Report - page-center-support-j2plz.ondigitalocean.app/

Report Overview

Visited public
2025-04-05 11:36:40
Tags
meta facebook phishing social
URL
page-center-support-j2plz.ondigitalocean.app/
Finishing URL
page-center-support-j2plz.ondigitalocean.app/
IP / ASN
172.66.0.96
#13335 CLOUDFLARENET
Title
Facebook
Phishing - Facebook

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
page-center-support-j2plz.ondigitalocean.app	unknown	unknown	No data	No data	501 B	1.7 kB	172.66.0.96
pages-centre2025.glitch.me	unknown	unknown	No data	No data	545 B	2.3 kB	151.101.2.59
brandlogos.net	469574	2019-05-10	2015-07-22	2025-03-28	489 B	15 kB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-04-05 11:36:18	low	Client IP	151.101.2.59	ET INFO Observed Online Application Hosting Domain (glitch .me in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2025-04-04	medium	page-center-support-j2plz.ondigitalocean.app/	Facebook, Inc.

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	From	Size	First Seen	Last Seen
	page-center-support-j2plz.ondigitalocean.app/	ScriptElement	208 B	2025-04-05	2025-04-05
Pretty URL page-center-support-j2plz.ondigitalocean.app/ IP 172.66.0.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-05 11:36 Last Seen2025-04-05 11:36 Times Seen1 Hash 9fc4bbf23079cd0453d1a3a7a791bc4a fc487e456d35aa426ecead45c0a549b80b5ffead 14ee89ee7e2db79e4ab18b8539df61fb90a271b864a9f9f88da3d50129d87e71 Loading...

HTTP Transactions (3)

URL IP Response Size

page-center-support-j2plz.ondigitalocean.app/

172.66.0.96

200 OK

862 B

URL User Request GET
page-center-support-j2plz.ondigitalocean.app/
IP
172.66.0.96:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectondigitalocean.app
Fingerprint92:68:21:D4:23:B2:2B:97:BD:FF:3E:79:B1:2D:12:5C:70:AD:5E:34
ValidityMon, 10 Feb 2025 00:06:09 GMT - Sun, 11 May 2025 01:06:05 GMT

File type
HTML document, ASCII text, with very long lines (912), with no line terminators
Size
862 B (862 bytes)
Hash
c43c624280de092cf4a707e5a648970d
281acff3f38a209c588c8cd57e9690d0824e4658
6252705a0d0225a64da522708aa7ddc35cb373009a9839b6554de4aae7263791

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET / HTTP/1.1
Host: page-center-support-j2plz.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 05 Apr 2025 11:36:18 GMT
content-type: text/html; charset=utf-8
last-modified: Sat, 22 Mar 2025 13:41:41 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000003da2a0b0093d4564-0067f002fc-6e42a991-sfo3a
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 1932a343-326d-4fdb-b38f-5b3ddbf0a73c
x-do-orig-status: 200
cf-cache-status: HIT
set-cookie: __cf_bm=xXpOFj9..lOPubVeePTMDuhxMo2AicESeb6cuMUqXqs-1743852978-1.0.1.1-VDepHJ_HZmhDWFRuirEGYwocfi8Lq45TGep8zH5XL12yE1QimLt2gnOTDiRHh9j6PCH7objTQpOMcqZOJpYDGlxTzXQ3aVLMGJZ5kCGNXYA; path=/; expires=Sat, 05-Apr-25 12:06:18 GMT; domain=.ondigitalocean.app; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 92b8bf393d6ab4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pages-centre2025.glitch.me/

151.101.2.59

403 Forbidden

1.9 kB

URL GET
pages-centre2025.glitch.me/
IP
151.101.2.59:443
ASN
#54113 FASTLY

Requested by
https://page-center-support-j2plz.ondigitalocean.app/
Certificate
IssuerCertainly
Subject*.glitch.me
Fingerprint97:AE:38:66:3D:A4:DF:39:E3:02:0E:99:02:5B:C4:DD:7A:E0:6D:60
ValiditySat, 22 Mar 2025 21:21:47 GMT - Mon, 21 Apr 2025 21:21:46 GMT

File type
HTML document, ASCII text, with very long lines (2045), with no line terminators
Size
1.9 kB (1937 bytes)
Hash
1ff82c1e7fea057a739fbca86e854879
d81e8a0df1901d7a3a5f0853901180fd106f47c0
3e8dc4c845ced69c49c088f8fc276830137f4580db02668f08ccb47b5d8188f0

HTTP Headers

GET / HTTP/1.1
Host: pages-centre2025.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://page-center-support-j2plz.ondigitalocean.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
cache-control: max-age=0
content-type: text/html; charset=utf-8
etag: W/"791-K7D/F4HagNxL2Mr7ASPeiAQ/g5w"
accept-ranges: bytes
date: Sat, 05 Apr 2025 11:36:19 GMT
via: 1.1 varnish
x-served-by: cache-hel1410030-HEL, cache-hel1410030-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1743852979.026026,VS0,VE191
content-length: 1937
X-Firefox-Spdy: h2

brandlogos.net/wp-content/uploads/2021/10/meta-logo-512x512.png

188.114.97.1

200 OK

14 kB

URL GET
brandlogos.net/wp-content/uploads/2021/10/meta-logo-512x512.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://page-center-support-j2plz.ondigitalocean.app/
Certificate
IssuerGoogle Trust Services
Subjectbrandlogos.net
FingerprintBA:2D:76:35:37:BD:57:BC:82:02:E8:60:40:6A:86:BC:A3:7D:A5:7C
ValidityFri, 28 Mar 2025 07:19:19 GMT - Thu, 26 Jun 2025 08:17:49 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
14 kB (13741 bytes)
Hash
5f83bcf7c75b3de571243ab7093b7160
f2f37acf8f44860beea9fa509917395e11be722c
4872f539c72cf037fe2c3b8046126d48e0118668f71d4523613ab3feed53db62

HTTP Headers

GET /wp-content/uploads/2021/10/meta-logo-512x512.png HTTP/1.1
Host: brandlogos.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://page-center-support-j2plz.ondigitalocean.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 05 Apr 2025 11:36:19 GMT
content-type: image/png
content-length: 13741
last-modified: Fri, 29 Oct 2021 20:57:33 GMT
etag: "617c603d-35ad"
expires: Sun, 04 May 2025 21:21:33 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EudsOc%2F8mTv9tEyD17XKxhhltDKbY6Pb2Fgg8fTAIVFggm8Jbrshjp%2Fkc5LkXsH80L7yyMjmNGg0eRjIGXT2z0%2BASMu8erAalh6p7qGyXSH%2BiOWNi96fdnX65sCrCs8Q8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 92b8bf3e3e47b527-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=688&min_rtt=465&rtt_var=451&sent=8&recv=10&lost=0&retrans=0&sent_bytes=3279&recv_bytes=1247&delivery_rate=5402985&cwnd=246&unsent_bytes=0&cid=ca65e0265cebf9b2&ts=240&x=0"
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (3)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers