Verification - Tea App Breach Exposes 72,000 Selfies, ID Photos and Other User Images | FanVerse

other

corporate

English

_pk_ses.1.08fc

_pk_id.1.08fc

xf_csrf

Within the non-profit oriented generic top-level domain (.org), 'www.fanverse.org' is registered and includes subdomain 'www'. The second-level label 'fanverse' is 8 characters long containing 3 vowels alongside 5 consonants. Breaking it apart gives 2 words: fan, verse. Expect 4 characters per word on average. 'fan' is most common in Esperanto usage. Secondary signals appear in Swedish and Galician. Overall, 'www.fanverse.org' reads as Esperanto.

_xfToken

g-recaptcha-response

h-captcha-response

_xfClientLoadTime

html/a7/df/a7df18b8-4ada-485f-b359-ca26fc0c2af3.html.gz

application/x-www-form-urlencoded; charset=utf-8

report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;

Widget containing checkbox for hCaptcha security challenge

Main content of the hCaptcha challenge

89e35b18e2ddd93f040839eb32f71a22a7781f27fca6e294f9405d5fb0ea2cc3

b436fcb2277e73f40246e07ee2ae54db8581d67a0ef83e37c85593167116c477

40370aee49c7a9cde80f64b5d8373f1bfe3c3de64f855cec1e8ef1afb3767f24

8c3683272ddf247bc272333e5820fe760207e7683aac163fe3e60abe06a21178

411c1aa29d83ae1d53fc26052d5ea20d7ed5d163a3cf6fc8e8973f12677e4283

a6e1f2a669bf6f12b5b754ad2814b9d449328ef7bbef4bec39838ac847148d3e

width=device-width, initial-scale=1, viewport-fit=cover

viewport

theme-color

apple-mobile-web-app-title

Verification - Tea App Breach Exposes 72,000 Selfies, ID Photos and Other User Images

Verification - Tea App Breach Exposes 72,000 Selfies, ID Photos...

https://www.fanverse.org/threads/tea-app-breach-exposes-72-000-selfies-id-photos-and-other-user-images.1352275/

HSTS header missing - vulnerable to protocol downgrade attacks

CSP header missing - vulnerable to XSS attacks

child-src https:  chrome-untrusted://new-tab-page/ chrome-untrusted://ntp-microsoft-auth/;connect-src chrome://resources chrome://theme 'self';default-src 'self';font-src chrome://resources 'self';img-src chrome://resources chrome://theme chrome://image chrome://favicon2 chrome://app-icon chrome://extension-icon chrome://fileicon blob: data: 'self';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources chrome://webui-test 'self';style-src chrome://resources chrome://theme 'self' 'unsafe-inline';trusted-types parse-html-subset sanitize-inner-html static-types webui-test-script webui-test-html polymer-html-literal polymer-template-event-attribute-policy lit-html-desktop;frame-ancestors 'none';

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;worker-src blob: 'self';frame-ancestors 'none';

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;frame-ancestors 'none';

base-uri 'none';child-src https:;form-action https://ogs.google.com https://*.corp.google.com;object-src 'none';script-src 'self' 'unsafe-inline' https:;frame-ancestors chrome://new-tab-page/

Markus Schmitt

InterNetX GmbH

fanverse.org

ORG-HOA1-RIPE

Martin Hetzner

HOS-GUN

Hetzner Online GmbH

Dennis Diehm

Guenther Mueller

Martin Fritzsche

Stephan Konvickova

Sebastian Krannich

HOS-3073


		XF.ready(() =>
		{
			XF.extendObject(true, XF.config, {
				// 
				userId: 0,
				enablePush: true,
				pushAppServerKey: 'BKu70K7hacapzW5rsw_slABl7z2dBFBfmsmsFakmex_lzRnhKEoa-vJYHoNdA8D0Ox5EGXSl


XF.ready(() =>
{

var SV = window.SV || {};
SV.extendObject = SV.extendObject || XF.extendObject || jQuery.extend;
SV.extendObject(XF.config, {
	contentrating : {
		tooltipDelay: 400,
		menuDelay: 10


	  var _paq = window._paq = window._paq || [];
	  _paq.push(['trackPageView']);
	  _paq.push(['enableLinkTracking']);
	  (function() {
		var u="//stats.fanverse.org/";
		_paq.push(['setTrackerUrl', u

X-UA-Compatible

Open-Graph-Protocol

MySQL

Cloudflare

hCaptcha

XenForo

HSTS

reCAPTCHA

Cloudflare Turnstile

Matomo

First-Party Tracking

✅ Low Risk - https://www.fanverse.org/threads/tea-app-breach-exposes-72-000-selfies-id-photos-and-other-user-images.1352275/

Requests	IP Address	Location	AS Autonomous System
11	213.239.221.230	Falkenstein, Saxony, Germany	AS24940Hetzner Online GmbH
9	104.19.230.21	United States	AS13335CLOUDFLARENET
9	104.19.229.21	United States	AS13335CLOUDFLARENET
29	3	-	-

Security Scan Report: www.fanverse.org

Summary

AI Security Verdict

Safe Website

Safety Factors

Details

Primary Scan Blocked — Fallback Capture Shown

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Detected Technologies10

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History