sounds similar to a masseter muscle massage https://www.youtube.com/watch?v=7VnV7wUxst0

The underlying architecture matters little when the SPA requires several seconds of main thread work after downloading various "blobs" of minified java script..

You know you're having a real impact when you have to self-report on the impact you're having.

So I tested out the extension.. First the extension spammed me with "login required".. So I click the notification to be taken to a login page.. Great? Now I have to create an account and verify a link.. Now I can test how great this is against a "fresh" facebook phishing page being actively promoted via Facebook Ads..

hxxps://r7ouhcqzdgae76-fsc0fydmbecefrap.z03.azurefd.net/new2/?utm_medium=paid&utm_source=fb&utm_id=6900429311725&utm_content=6900429312725&utm_t erm=6900429314125&utm_campaign=6900429311725

The "extension" did a "scan". {"url":"https://r7ouhcqzdgae76-fsc0fydmbecefrap.z03.azurefd.net/new2..."}

response: {"classification":"clean"}

great work?

If I click "Deep scan".. I see a screenshot blob being sent over.. response: { "classification": "phish", "reasons": [ "Our system has previously flagged this webpage as malicious." ] }

So if the site were already flagged, why does the "light" scan not show that?

"If you're interested in trying Muninn, it's available as a Chrome extension. We're in an early phase " Domain is less than 4 months old.. Software is "early phase".. Already making misleading marketing claims of usefulness..