| | 47.91.149.178 | | 0 B |
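IP: 47.91.149.178:0 | ASN: #45102 Alibaba US Technology Co., Ltd.
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, consistent with the 0 B body of this 302 response (Content-Length: 0). They identify no content and are not usable as indicators.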
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Facebook | Quad9 DNS | malicious | Sinkholed |
GET /?u=ahr0 HTTP/1.1
Host: 47.91.149.178
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 28 Mar 2024 16:15:06 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Location: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
Vary: Sec-Fetch-Site,Sec-Fetch-Mode
Strict-Transport-Security: max-age=15552000; preload
Content-Type: text/html; charset="utf-8"
X-FB-Debug: ATMIwV7yZEeEH8GNC2ExRljS788cHRtDvVI+CBGDzWuCtIbxZSsOBztsK9naZP09n0zUwpeKX0oPSVXUMO5d3w==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=10, mss=1380, tbw=3223, tp=-1, tpl=-1, uplat=140, ullat=0
Alt-Svc: h3=":443"; ma=86400
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| 47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw | 47.91.149.178 | | 60 kB |
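URL: User Request GET 47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw | IP: 47.91.149.178:0 | ASN: #45102 Alibaba US Technology Co., Ltd.
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (30996) | Hash (MD5 / SHA-1 / SHA-256): 4bc08874b3b531ed240d64d751204046 / c61a53110a401eac1ef235ab49bd7e14cc69dd73 / c75abce4dfe0769fc2626a29f709d720676751ce6a451c45a9ba934c3e02b730
Note: concatenating the u and r query values gives a Base64 string that decodes to https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2F%3Fu%3Dahr0. Together with the Facebook-specific response headers (X-FB-Debug, reporting endpoints on www.facebook.com) returned by a server that identifies itself as Apache with proxy_html, this suggests the host relays the genuine login page as a reverse proxy rather than serving a static copy.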
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Facebook | Quad9 DNS | malicious | Sinkholed |
GET /?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw HTTP/1.1
Host: 47.91.149.178
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:08 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
Vary: Sec-Fetch-Site,Sec-Fetch-Mode,Accept-Encoding
Strict-Transport-Security: max-age=15552000; preload
Content-Type: text/html;charset=utf-8
X-FB-Debug: qslXAC+E8FM2H0811vnsT3PuNP+GA4LloWNULmzWTRuqkD//rpaYKLD+57t7R62EyNgVJ23Z1DLINjZQEisucg==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=2, rtx=37, c=74, mss=1380, tbw=2593491, tp=-1, tpl=-1, uplat=203, ullat=0
Alt-Svc: h3=":443"; ma=86400
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
|
|
| agent.joinf.cn/static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3kzL2wvMCxjcm9zcy9RZ3huYVA0TXpzQy5jc3M/X25jX3g9SWozV3A4bGc1S3o= | 47.91.149.178 | 200 OK | 11 kB |
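URL: GET HTTP/1.1 agent.joinf.cn/static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3kzL2wvMCxjcm9zcy9RZ3huYVA0TXpzQy5jc3M/X25jX3g9SWozV3A4bGc1S3o= | IP: 47.91.149.178:80 | ASN: #45102 Alibaba US Technology Co., Ltd.
Requested by: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File type: ASCII text, with very long lines (1400) | Hash (MD5 / SHA-1 / SHA-256): cc0b6be40b90c537ef0b63bc2d9e910a / 455f20eec55d628a9488bfd4551bb56221a39b0c / f722e9e2345e7155c64bd66f197ecffe3349d8929b45f83496f6a924562c8063
Note: the u and r values concatenate to Base64 for https://static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/QgxnaP4MzsC.css?_nc_x=Ij3Wp8lg5Kz. The MD5 above equals the content-md5 response header of this request (zAtr5AuQxTfvC2O8LZ6RCg== in Base64), so the digests most likely describe an unmodified upstream stylesheet; matching on them would also hit the legitimate file.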
Analyzer | Verdict | Alert | OpenPhish | phishing | Facebook, Inc. |
GET /static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3kzL2wvMCxjcm9zcy9RZ3huYVA0TXpzQy5jc3M/X25jX3g9SWozV3A4bGc1S3o= HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:10 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: zAtr5AuQxTfvC2O8LZ6RCg==
Expires: Sun, 23 Mar 2025 18:02:52 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-FB-Debug: jlJZf9iIOsKjRwvjf/Ip8zqbD6zEGuZM8a9P1IsiKjj126O2jBvN/ebZSrnlJTx3ZhcpoGOMItxkRnBW6jNDKg==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=3, rtx=1, c=52, mss=1380, tbw=48507, tp=-1, tpl=-1, uplat=1, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 11201
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| agent.joinf.cn/static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzaWo5bTQveUcvbC9lbl9HQi91YkdRSnQ4OHlqQy5qcz9fbmNfeD1JajNXcDhsZzVLeg== | 47.91.149.178 | 200 OK | 66 kB |
URL GET HTTP/1.1agent.joinf.cn/static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzaWo5bTQveUcvbC9lbl9HQi91YkdRSnQ4OHlqQy5qcz9fbmNfeD1JajNXcDhsZzVLeg== IP47.91.149.178:80 ASN#45102 Alibaba US Technology Co., Ltd.
Requested byhttp://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File typeJavaScript source, ASCII text, with very long lines (29846) Hash6ae31e24959edef539456835b70fd5d1 13b822e60dfb74c60feb3401e583423fb2c81792 64499ccd68fd0c6e6e7770939d5d39a080d0c3c15ba8eb4aff47e41f83655741
Analyzer | Verdict | Alert | OpenPhish | phishing | Facebook, Inc. |
GET /static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzaWo5bTQveUcvbC9lbl9HQi91YkdRSnQ4OHlqQy5qcz9fbmNfeD1JajNXcDhsZzVLeg== HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:09 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: auMeJJWe3vU5RWg1tw/V0Q==
Expires: Mon, 24 Mar 2025 18:53:07 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
origin-agent-cluster: ?0
X-FB-Debug: nTFielz8KMWPiUeQ34gTIaDYMd6bRucsygFp0LY0Lglqc40lAKm1M6oROem4E/wScevhUqP8eVugYi5tGQaQXA==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=15, mss=1380, tbw=3756, tp=-1, tpl=-1, uplat=1, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 65918
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| agent.joinf.cn/static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3k3L3IvUkpUOWRRUzN0Mk4uanM/X25jX3g9SWozV3A4bGc1S3o= | 47.91.149.178 | 200 OK | 51 kB |
URL GET HTTP/1.1agent.joinf.cn/static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3k3L3IvUkpUOWRRUzN0Mk4uanM/X25jX3g9SWozV3A4bGc1S3o= IP47.91.149.178:80 ASN#45102 Alibaba US Technology Co., Ltd.
Requested byhttp://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File typeJavaScript source, ASCII text, with very long lines (11302) Hash6b16687ebec17c692aac5f11b36ee8dd b8294eacb9522e2f752a583f0415fd137cc54859 b42b64ff58e9dcf85b73dd9ed256bb96aad9f05b2513ab87cc34686515a2a384
Analyzer | Verdict | Alert | OpenPhish | phishing | Facebook, Inc. |
GET /static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3k3L3IvUkpUOWRRUzN0Mk4uanM/X25jX3g9SWozV3A4bGc1S3o= HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:09 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: axZofr7BfGkqrF8Rs27o3Q==
Expires: Wed, 26 Mar 2025 22:00:59 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-FB-Debug: InP0OatwhasqmnEQWc319vzv7NyYNVNMqg3Jl9jDC26OeCht2WS3Q55Moer4u9IEDA6RNa80eKpCsvTof1zx9g==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=14, mss=1380, tbw=3222, tp=-1, tpl=-1, uplat=1, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 51398
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| agent.joinf.cn/static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lwL2wvMCxjcm9zcy9BVlRUY09IdjBhMi5jc3M/X25jX3g9SWozV3A4bGc1S3o= | 47.91.149.178 | 200 OK | 46 kB |
URL GET HTTP/1.1agent.joinf.cn/static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lwL2wvMCxjcm9zcy9BVlRUY09IdjBhMi5jc3M/X25jX3g9SWozV3A4bGc1S3o= IP47.91.149.178:80 ASN#45102 Alibaba US Technology Co., Ltd.
Requested byhttp://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File typeASCII text, with very long lines (4583) Hashf0eb020e18dc49ce1cfbddf040a3de6f faa02d9e34e1b15bf420c73d5972ae77815c6bdf d1882e9ea7eac50e1244963cc12b51a1eec220c08b9788343fd04447e7037651
Analyzer | Verdict | Alert | OpenPhish | phishing | Facebook, Inc. |
GET /static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lwL2wvMCxjcm9zcy9BVlRUY09IdjBhMi5jc3M/X25jX3g9SWozV3A4bGc1S3o= HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:09 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 8OsCDhjcSc4c+93wQKPebw==
Expires: Mon, 24 Mar 2025 19:31:25 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-FB-Debug: 4p2eU9QVqjD0lLL7JAwJk/yA41Eg1HnQQI8dx2Pea6ny5iSIBdDsRwEWITnPJhdzEbw2qX7/AvkIkfLE6dlIDA==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=15, mss=1380, tbw=3756, tp=-1, tpl=-1, uplat=1, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 45595
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| agent.joinf.cn/static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3l4L3IvR0lsSmp5ekVndVEuanM/X25jX3g9SWozV3A4bGc1S3o= | 47.91.149.178 | 200 OK | 1.0 kB |
URL GET HTTP/1.1agent.joinf.cn/static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3l4L3IvR0lsSmp5ekVndVEuanM/X25jX3g9SWozV3A4bGc1S3o= IP47.91.149.178:80 ASN#45102 Alibaba US Technology Co., Ltd.
Requested byhttp://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File typeJavaScript source, ASCII text, with very long lines (438) Hash787bc054adace94e0baccfe0525d84c1 d64a069fe8e62e7febeeb78f21af5d45cfbc995e 873edbb1e4fee287f44f1565d4c9df82b727d59a398092e3d278d14da203a372
Analyzer | Verdict | Alert | OpenPhish | phishing | Facebook, Inc. |
GET /static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3l4L3IvR0lsSmp5ekVndVEuanM/X25jX3g9SWozV3A4bGc1S3o= HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:10 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: eHvAVK2s6U4LrM/gUl2EwQ==
Expires: Wed, 26 Mar 2025 22:01:00 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-FB-Debug: AE8bXL3Dl7TUDcdPymt39gXLObXONrqJM2Hw6TYNykuhNsAhH8GrzXMg0/QizsHmNtAqxG0vLz1VPE0kK76Xiw==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=3, rtx=0, c=14, mss=1380, tbw=3223, tp=-1, tpl=-1, uplat=1, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 1047
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| agent.joinf.cn/static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3l2L3IvNEc0MmZtWlY3RzguanM/X25jX3g9SWozV3A4bGc1S3o= | 47.91.149.178 | 200 OK | 384 kB |
URL GET HTTP/1.1agent.joinf.cn/static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3l2L3IvNEc0MmZtWlY3RzguanM/X25jX3g9SWozV3A4bGc1S3o= IP47.91.149.178:80 ASN#45102 Alibaba US Technology Co., Ltd.
Requested byhttp://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File typeJavaScript source, ASCII text, with very long lines (11057) Size384 kB (383492 bytes) Hash98b6e43ab5e6c86576268a23a43a977d 2a069de8cdab975032793e41c635c23419db5f5d 41bec6a7a72128dbbfb76263f6cf6d88b6256275917a4f144f36ffcfea82f48f
Analyzer | Verdict | Alert | OpenPhish | phishing | Facebook, Inc. |
GET /static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3l2L3IvNEc0MmZtWlY3RzguanM/X25jX3g9SWozV3A4bGc1S3o= HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:13 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: mLbkOrXmyGV2JoojpDqXfQ==
Expires: Fri, 28 Mar 2025 03:02:53 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-FB-Debug: bQdf7/8A7fzx4w8X1dYjLdV18k8icYvsPi5mfSeBQfM3UmiQbqFAu59mFmoUUhFpOXjc9B5KYQodPvYlfoAF/g==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=14, mss=1380, tbw=3224, tp=-1, tpl=-1, uplat=1, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 383492
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| agent.joinf.cn/static/rsrc.php/v3ij9m4/yG/l/en_GB/ubGQJt88yjC.js?_nc_x=Ij3Wp8lg5Kz | 47.91.149.178 | 200 OK | 66 kB |
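URL: GET HTTP/1.1 agent.joinf.cn/static/rsrc.php/v3ij9m4/yG/l/en_GB/ubGQJt88yjC.js?_nc_x=Ij3Wp8lg5Kz | IP: 47.91.149.178:80 | ASN: #45102 Alibaba US Technology Co., Ltd.
Requested by: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File type: JavaScript source, ASCII text, with very long lines (29846) | Hash (MD5 / SHA-1 / SHA-256): 6ae31e24959edef539456835b70fd5d1 / 13b822e60dfb74c60feb3401e583423fb2c81792 / 64499ccd68fd0c6e6e7770939d5d39a080d0c3c15ba8eb4aff47e41f83655741
Note: these digests and the 65918-byte length are identical to the earlier /static?u=aH&r=… request whose r value decodes to the same rsrc.php/v3ij9m4/yG/l/en_GB/ubGQJt88yjC.js path, so the host serves the same file under both the encoded-query and the plain-path URL form.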
Analyzer | Verdict | Alert | OpenPhish | phishing | Facebook, Inc. |
GET /static/rsrc.php/v3ij9m4/yG/l/en_GB/ubGQJt88yjC.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:14 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: auMeJJWe3vU5RWg1tw/V0Q==
Expires: Mon, 24 Mar 2025 18:53:07 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
origin-agent-cluster: ?0
X-FB-Debug: nTFielz8KMWPiUeQ34gTIaDYMd6bRucsygFp0LY0Lglqc40lAKm1M6oROem4E/wScevhUqP8eVugYi5tGQaQXA==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=7, rtx=2, c=146, mss=1380, tbw=390289, tp=-1, tpl=-1, uplat=1, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 65918
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
|
| agent.joinf.cn/static/rsrc.php/v3/yk/r/RKK6hMCj3R1.js?_nc_x=Ij3Wp8lg5Kz | 47.91.149.178 | 200 OK | 5.3 kB |
URL GET HTTP/1.1agent.joinf.cn/static/rsrc.php/v3/yk/r/RKK6hMCj3R1.js?_nc_x=Ij3Wp8lg5Kz IP47.91.149.178:80 ASN#45102 Alibaba US Technology Co., Ltd.
Requested byhttp://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File typeJavaScript source, ASCII text, with very long lines (1984) Hashe2d83c5739058e358f7b0bd00816e76b 842d3f0128d6db40f8c77e728a84c6c71de3f5d2 53bad59933518142fb7a669c6a1790a91d2ba3e9313b9327407f2d5df0a206b6
GET /static/rsrc.php/v3/yk/r/RKK6hMCj3R1.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:14 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 4tg8VzkFjjWPewvQCBbnaw==
Expires: Sun, 23 Mar 2025 17:53:39 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-FB-Debug: bplgxAdHfP2Qb1b4wk1nyft/eh0GVpH//eVvXXL/OJ+a4cPcW//+OEk8S1hbb4PEIOAPoLFRaah590qbIV2shw==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=3, rtx=0, c=14, mss=1380, tbw=3223, tp=-1, tpl=-1, uplat=0, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 5306
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
|
| agent.joinf.cn/static/rsrc.php/v3/yx/r/GIlJjyzEguQ.js?_nc_x=Ij3Wp8lg5Kz | 47.91.149.178 | 200 OK | 1.0 kB |
URL GET HTTP/1.1agent.joinf.cn/static/rsrc.php/v3/yx/r/GIlJjyzEguQ.js?_nc_x=Ij3Wp8lg5Kz IP47.91.149.178:80 ASN#45102 Alibaba US Technology Co., Ltd.
Requested byhttp://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File typeJavaScript source, ASCII text, with very long lines (438) Hash787bc054adace94e0baccfe0525d84c1 d64a069fe8e62e7febeeb78f21af5d45cfbc995e 873edbb1e4fee287f44f1565d4c9df82b727d59a398092e3d278d14da203a372
GET /static/rsrc.php/v3/yx/r/GIlJjyzEguQ.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:14 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: eHvAVK2s6U4LrM/gUl2EwQ==
Expires: Wed, 26 Mar 2025 22:01:00 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-FB-Debug: AE8bXL3Dl7TUDcdPymt39gXLObXONrqJM2Hw6TYNykuhNsAhH8GrzXMg0/QizsHmNtAqxG0vLz1VPE0kK76Xiw==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=3, rtx=1, c=56, mss=1380, tbw=56571, tp=-1, tpl=-1, uplat=0, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 1047
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
|
| agent.joinf.cn/static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3liL3IvaExSSjFHR195MEouaWNv | 47.91.149.178 | 200 OK | 4.3 kB |
URL GET HTTP/1.1agent.joinf.cn/static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3liL3IvaExSSjFHR195MEouaWNv IP47.91.149.178:80 ASN#45102 Alibaba US Technology Co., Ltd.
Requested byhttp://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File typeMS Windows icon resource - 1 icon, 32x32, 32 bits/pixel Hash8cddca427dae9b925e73432f8733e05a 1999a6f624a25cfd938eef6492d34fdc4f55dedc 89676a3fb8639d6531c525e5800ff4cc44d06d27ff5607922d27e390eb5b6e62
Analyzer | Verdict | Alert | OpenPhish | phishing | Facebook, Inc. |
GET /static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3liL3IvaExSSjFHR195MEouaWNv HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:15 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Content-Type: image/x-icon
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: jN3KQn2um5Jec0MvhzPgWg==
Expires: Sat, 15 Mar 2025 19:43:19 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
origin-agent-cluster: ?0
X-FB-Debug: fDBg/VatgCrGsMuQkIwx3haTQBK9NclbqxuaQLAyk+l1r8iPCJr4InbDUZw7XBbzins7aTxRtsld4RLEL0wEvA==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=1, rtx=2, c=192, mss=1380, tbw=612014, tp=-1, tpl=-1, uplat=0, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 4286
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| agent.joinf.cn/rsrc.php/v3/y7/r/ZMz_3PD0Ipc.png | 47.91.149.178 | 200 OK | 3.9 kB |
URL: GET HTTP/1.1 agent.joinf.cn/rsrc.php/v3/y7/r/ZMz_3PD0Ipc.png IP: 47.91.149.178:80 ASN: #45102 Alibaba US Technology Co., Ltd.
Requested by: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File type: PNG image data, 171 x 73, 8-bit colormap, non-interlaced Hash: MD5 2130be8367dc3732b407b46854f90fb1 SHA-1 96bfc3d3904ba4846cd6f96ffddf88a3ceb81d67 SHA-256 76f848b14b35e2fd1c3fb3edf36e0b9b9f1afa9efd58ea2f3c542a8df113c804
Analyzer | Verdict | Alert | OpenPhish | phishing | Facebook, Inc. |
GET /rsrc.php/v3/y7/r/ZMz_3PD0Ipc.png HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://agent.joinf.cn/static?u=aH&r=R0cHM6Ly9zdGF0aWMueHguZmJjZG4ubmV0L3JzcmMucGhwL3YzL3lwL2wvMCxjcm9zcy9BVlRUY09IdjBhMi5jc3M/X25jX3g9SWozV3A4bGc1S3o=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 15 Mar 2024 22:19:26 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Content-Type: image/png
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: ITC+g2fcNzK0B7RoVPkPsQ==
Expires: Sat, 15 Mar 2025 22:19:26 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
origin-agent-cluster: ?0
X-FB-Debug: 9aUoR94QJD3Ftt/0pAF1KdmCqJJ2PE6VRoM3RI3viT/0Bouwpb/bSIsKHE/wDvUps2l2snqmaHHetXSsGYPMfg==
Content-Length: 3940
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| agent.joinf.cn/static/rsrc.php/v3/y7/r/RJT9dQS3t2N.js?_nc_x=Ij3Wp8lg5Kz | 47.91.149.178 | 200 OK | 51 kB |
URL: GET HTTP/1.1 agent.joinf.cn/static/rsrc.php/v3/y7/r/RJT9dQS3t2N.js?_nc_x=Ij3Wp8lg5Kz IP: 47.91.149.178:80 ASN: #45102 Alibaba US Technology Co., Ltd.
Requested by: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File type: JavaScript source, ASCII text, with very long lines (11302) Hash: MD5 6b16687ebec17c692aac5f11b36ee8dd SHA-1 b8294eacb9522e2f752a583f0415fd137cc54859 SHA-256 b42b64ff58e9dcf85b73dd9ed256bb96aad9f05b2513ab87cc34686515a2a384
GET /static/rsrc.php/v3/y7/r/RJT9dQS3t2N.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:14 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: axZofr7BfGkqrF8Rs27o3Q==
Expires: Wed, 26 Mar 2025 22:00:59 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-FB-Debug: InP0OatwhasqmnEQWc319vzv7NyYNVNMqg3Jl9jDC26OeCht2WS3Q55Moer4u9IEDA6RNa80eKpCsvTof1zx9g==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=3, rtx=0, c=18, mss=1380, tbw=5988, tp=-1, tpl=-1, uplat=0, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 51398
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
|
| agent.joinf.cn/static/rsrc.php/v3/yE/r/KqVnbuezAjj.js?_nc_x=Ij3Wp8lg5Kz | 47.91.149.178 | 200 OK | 41 kB |
URL: GET HTTP/1.1 agent.joinf.cn/static/rsrc.php/v3/yE/r/KqVnbuezAjj.js?_nc_x=Ij3Wp8lg5Kz IP: 47.91.149.178:80 ASN: #45102 Alibaba US Technology Co., Ltd.
Requested by: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File type: JavaScript source, ASCII text, with very long lines (4899) Hash: MD5 28a7f8ff8f6ab57e2f1397b5346e5b4f SHA-1 747e16d863a5e1c4d4f20e402f870d1b105b00d6 SHA-256 15608556adf5513237381121d86a7c8f8454a0677a7446ba563f3d2317863025
GET /static/rsrc.php/v3/yE/r/KqVnbuezAjj.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:15 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: KKf4/49qtX4vE5e1NG5bTw==
Expires: Sun, 23 Mar 2025 17:53:49 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-FB-Debug: edSIFjX/j9Gm7+DS9XYfl1QUPuIoZlwWk69A5vHfxwgoaussFcNvXoWELbiaFjI4BhbGUCYPXyuoECURACoPqQ==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=21, mss=1380, tbw=10247, tp=-1, tpl=-1, uplat=1, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 40625
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
|
| agent.joinf.cn/static/rsrc.php/v3/y2/r/3FPJ9YC_wUr.js?_nc_x=Ij3Wp8lg5Kz | 47.91.149.178 | 200 OK | 1.1 kB |
URL: GET HTTP/1.1 agent.joinf.cn/static/rsrc.php/v3/y2/r/3FPJ9YC_wUr.js?_nc_x=Ij3Wp8lg5Kz IP: 47.91.149.178:80 ASN: #45102 Alibaba US Technology Co., Ltd.
Requested by: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File type: JavaScript source, ASCII text, with very long lines (1130) Hash: MD5 18f03b6683eebefec82f8ab362ddee01 SHA-1 9fb52fe3b8a1730f75106ad55390f85958365ff6 SHA-256 9eb382cef983aef7e97f8317560fc632521ae7c234a62932178efd9fccd70360
GET /static/rsrc.php/v3/y2/r/3FPJ9YC_wUr.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:15 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: GPA7ZoPuvv7IL4qzYt3uAQ==
Expires: Sun, 23 Mar 2025 17:54:36 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-FB-Debug: JS65h2fxCc7xW5iwsDbnJG/f0a2Y7P//mDYMt0QtkFIFoTCs8Bm4q4fUWJIhU8BcKQUnJ0/xh1VHBA/JP0rsxg==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=3, rtx=0, c=54, mss=1380, tbw=52766, tp=-1, tpl=-1, uplat=0, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 1149
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
|
| agent.joinf.cn/static/rsrc.php/v3/yG/r/CbM6CZG2ZAb.js?_nc_x=Ij3Wp8lg5Kz | 47.91.149.178 | 200 OK | 1.3 kB |
URL: GET HTTP/1.1 agent.joinf.cn/static/rsrc.php/v3/yG/r/CbM6CZG2ZAb.js?_nc_x=Ij3Wp8lg5Kz IP: 47.91.149.178:80 ASN: #45102 Alibaba US Technology Co., Ltd.
Requested by: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File type: JavaScript source, ASCII text, with very long lines (630) Hash: MD5 591e4f4010d942988b6701eccbca254c SHA-1 067c05c1485a54f2c389fe18e8640fbe30b05870 SHA-256 3ca4f207d8ff0645187dc33d823c6111b5eeed3cc7558f4bead00516911b4a12
GET /static/rsrc.php/v3/yG/r/CbM6CZG2ZAb.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:15 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: WR5PQBDZQpiLZwHsy8olTA==
Expires: Tue, 25 Mar 2025 17:30:11 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
origin-agent-cluster: ?0
X-FB-Debug: wunYAMpnB0woe+N/dcTX2K7BvIMPSouvZ2rLp7x7Z3vrQDJ62VUdNa2md+DzmOUZQ6oL4tTUrVBy/yAKprytyA==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=59, mss=1380, tbw=59337, tp=-1, tpl=-1, uplat=0, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 1257
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
|
| agent.joinf.cn/static/rsrc.php/v3/y4/r/xPI18UMP6Nr.js?_nc_x=Ij3Wp8lg5Kz | 47.91.149.178 | 200 OK | 43 kB |
URL: GET HTTP/1.1 agent.joinf.cn/static/rsrc.php/v3/y4/r/xPI18UMP6Nr.js?_nc_x=Ij3Wp8lg5Kz IP: 47.91.149.178:80 ASN: #45102 Alibaba US Technology Co., Ltd.
Requested by: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File type: JavaScript source, ASCII text, with very long lines (32588) Hash: MD5 05f148121e3c7d276aed6117911a4a61 SHA-1 63245e9123e603860fd154c31ff734c1c9239823 SHA-256 6fd92f46e2b85506e22ea984f77a5eb23a1e37659f1fcd6bbee2d980321fd18c
GET /static/rsrc.php/v3/y4/r/xPI18UMP6Nr.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:16 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: BfFIEh48fSdq7WEXkRpKYQ==
Expires: Sun, 23 Mar 2025 17:54:37 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-FB-Debug: F57utlErtw58xkrjIMqprxbyRmo3fc9SQ3GDwQ9YyUrI4AC5I7ytQrz+qn58n0lKinrXraOh3AcB9cTJLQvhyQ==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=1, rtx=2, c=146, mss=1380, tbw=458245, tp=-1, tpl=-1, uplat=1, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 42556
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
|
| agent.joinf.cn/static/rsrc.php/v3/yS/r/ui2DkP-wt_7.js?_nc_x=Ij3Wp8lg5Kz | 47.91.149.178 | 200 OK | 11 kB |
URL: GET HTTP/1.1 agent.joinf.cn/static/rsrc.php/v3/yS/r/ui2DkP-wt_7.js?_nc_x=Ij3Wp8lg5Kz IP: 47.91.149.178:80 ASN: #45102 Alibaba US Technology Co., Ltd.
Requested by: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File type: JavaScript source, ASCII text, with very long lines (6573) Hash: MD5 fb4650e82a5a32490f5b1d4b85594cd7 SHA-1 ecced02fa31fa36fd1cfa9b4c52200ef726ee357 SHA-256 5fb29c66a3eda461a11e8dae54fcff64e73c23d6b67a5232fc23f417719d8ebb
GET /static/rsrc.php/v3/yS/r/ui2DkP-wt_7.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:16 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: +0ZQ6CpaMkkPWx1LhVlM1w==
Expires: Thu, 27 Mar 2025 22:32:39 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-FB-Debug: RFXHmNdz/YfgG0cVQGbzYSnjMWVMBBAOnj3l4jOFWf/GnpSF0TTUxeT/cUS5tc27QCvFuLIw0/Y8rIghH1ji0g==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=14, mss=1380, tbw=3222, tp=-1, tpl=-1, uplat=1, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 10849
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
|
| agent.joinf.cn/static/rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz | 47.91.149.178 | 200 OK | 18 kB |
URL: GET HTTP/1.1 agent.joinf.cn/static/rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz IP: 47.91.149.178:80 ASN: #45102 Alibaba US Technology Co., Ltd.
Requested by: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File type: JavaScript source, ASCII text, with very long lines (17932) Hash: MD5 73111912f4b4f7a5b5501dc74d50025b SHA-1 94bae7be09cae37c16321425b151eb0de4592f0d SHA-256 ab6777f622dce53efa7d6a93432292afba7757445eb4cc111b25810882375b98
GET /static/rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:16 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: cxEZEvS096W1UB3HTVACWw==
Expires: Thu, 27 Mar 2025 22:19:01 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
origin-agent-cluster: ?0
X-FB-Debug: dta2aHwgELelLeRca3U6yIqWtYH4rz3czKBgAp4wvm9/tUCB8NZBFisRM5GS3CIyiXbpZktVAXSh8Mz8yJZltg==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=78, mss=1380, tbw=79666, tp=-1, tpl=-1, uplat=1, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 18154
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
|
| agent.joinf.cn/static/rsrc.php/v3/yD/r/51zpDh2VzWP.js?_nc_x=Ij3Wp8lg5Kz | 47.91.149.178 | 200 OK | 16 kB |
URL: GET HTTP/1.1 agent.joinf.cn/static/rsrc.php/v3/yD/r/51zpDh2VzWP.js?_nc_x=Ij3Wp8lg5Kz IP: 47.91.149.178:80 ASN: #45102 Alibaba US Technology Co., Ltd.
Requested by: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File type: JavaScript source, ASCII text, with very long lines (4490) Hash: MD5 dc9fd6a7ef43074378c4c9e7c17ffdac SHA-1 55ccc5cf56b45a7d6a8c599139b6bb6868945d4e SHA-256 8b2ba3a512a9ea580619235ea36fa90d2ca7e5d7978dc4601b87f2b9f0d95ba3
GET /static/rsrc.php/v3/yD/r/51zpDh2VzWP.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:15 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 3J/Wp+9DB0N4xMnnwX/9rA==
Expires: Wed, 26 Mar 2025 22:10:09 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
origin-agent-cluster: ?0
X-FB-Debug: e6eIvnahyFywMejeRq5T7n4XQkqsiKxVg9yO2GfpJeKYrl5sQ//5Yc/WyfGhHtjpVPYUJyGp+GoBImgTO/sUww==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=63, mss=1380, tbw=62339, tp=-1, tpl=-1, uplat=0, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 15552
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
|
| agent.joinf.cn/static/rsrc.php/v3/yj/r/wwPr_f3niE-.js?_nc_x=Ij3Wp8lg5Kz | 47.91.149.178 | 200 OK | 52 kB |
URL: GET HTTP/1.1 agent.joinf.cn/static/rsrc.php/v3/yj/r/wwPr_f3niE-.js?_nc_x=Ij3Wp8lg5Kz IP: 47.91.149.178:80 ASN: #45102 Alibaba US Technology Co., Ltd.
Requested by: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File type: JavaScript source, ASCII text, with very long lines (8477) Hash: MD5 dacf199171a1ac57bc088f49b0a4e62b SHA-1 0d35340136e6cbccdf09aec95e6249c98d636f15 SHA-256 f62efef6c8e9dbbcdc6c4c60f263977e87e43f22cf766727be85a00d6ceb4dac
GET /static/rsrc.php/v3/yj/r/wwPr_f3niE-.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:16 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 2s8ZkXGhrFe8CI9JsKTmKw==
Expires: Sat, 15 Mar 2025 22:26:25 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
origin-agent-cluster: ?0
X-FB-Debug: OJMqklNhIBO4wx2vezd98zQzqOC3m43/UvIttEQ928UhF1ALiOgQsxOTsvcoxK0dO55UGqdrQh292nzKc9oFYg==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=26, mss=1380, tbw=15845, tp=-1, tpl=-1, uplat=1, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 51589
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
|
|
| agent.joinf.cn/static/rsrc.php/v3/yz/r/R9MsQbdO8Qf.js?_nc_x=Ij3Wp8lg5Kz | 47.91.149.178 | 200 OK | 110 B |
URL: GET HTTP/1.1 agent.joinf.cn/static/rsrc.php/v3/yz/r/R9MsQbdO8Qf.js?_nc_x=Ij3Wp8lg5Kz IP: 47.91.149.178:80 ASN: #45102 Alibaba US Technology Co., Ltd.
Requested by: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File type: JavaScript source, ASCII text Hash: MD5 a16c901a85f8a02e4d1dd8719a27e6fb SHA-1 e0999360d695abfc8b21ff8c9f62f8b7039120d7 SHA-256 539367bcbb06de79eb3432e57db0793265c721d4e7f18be9b8d8f435a6bd9147
GET /static/rsrc.php/v3/yz/r/R9MsQbdO8Qf.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:16 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: oWyQGoX4oC5NHdhxmifm+w==
Expires: Sun, 23 Mar 2025 16:33:03 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-FB-Debug: JH29WpXUwY+pRxllTwzjT2gGa+r0oNaLBbtJ9vKcBzricINuW9lWkJTVOFOAppmoctYph3AHlc1oFUPsNBTLww==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=3, rtx=0, c=132, mss=1380, tbw=147061, tp=-1, tpl=-1, uplat=1, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 110
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
|
| agent.joinf.cn/static/rsrc.php/v3/yY/r/BqEjD1dj1pL.js?_nc_x=Ij3Wp8lg5Kz | 47.91.149.178 | 200 OK | 840 B |
URL: GET HTTP/1.1 agent.joinf.cn/static/rsrc.php/v3/yY/r/BqEjD1dj1pL.js?_nc_x=Ij3Wp8lg5Kz IP: 47.91.149.178:80 ASN: #45102 Alibaba US Technology Co., Ltd.
Requested by: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File type: JavaScript source, ASCII text, with very long lines (821) Hash: MD5 52b474e24c02adf519b718d84eb8d0ab SHA-1 8fd33497d7c72c336f310044ec50697ebb410ddb SHA-256 5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0
GET /static/rsrc.php/v3/yY/r/BqEjD1dj1pL.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:16 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: UrR04kwCrfUZtxjYTrjQqw==
Expires: Wed, 26 Mar 2025 22:10:09 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
origin-agent-cluster: ?0
X-FB-Debug: K+0G2HWt0n2d3ekchDlmsdmfPXGzR7qrLxJfu6k9G83rIdFcnZrHQt1jKDGTZ1Pqh1iFL1tzDGsqkS0Vy1TYIQ==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=3, rtx=0, c=88, mss=1380, tbw=95566, tp=-1, tpl=-1, uplat=0, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 840
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
|
|
| agent.joinf.cn/static/rsrc.php/v3/y-/r/PosgynLjFh0.js?_nc_x=Ij3Wp8lg5Kz | 47.91.149.178 | 200 OK | 24 kB |
URL: GET HTTP/1.1 agent.joinf.cn/static/rsrc.php/v3/y-/r/PosgynLjFh0.js?_nc_x=Ij3Wp8lg5Kz IP: 47.91.149.178:80 ASN: #45102 Alibaba US Technology Co., Ltd.
Requested by: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File type: JavaScript source, ASCII text, with very long lines (5206) Hash (MD5, SHA-1, SHA-256): 5b31d7f36be7e632ac1aa6024e9bc60e cafdd71fe9beb152b283e6305851308d440982c8 233ea983ef7a6e5503aa6b59d499c06bd7ebe3ceb11c836a2ff92f6a7f2be0e7
GET /static/rsrc.php/v3/y-/r/PosgynLjFh0.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:16 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: WzHX82vn5jKsGqYCTpvGDg==
Expires: Sun, 23 Mar 2025 17:54:37 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-FB-Debug: 60CRzNev50aeMqDG9SlbDwHwAJpDUB6tRmNMoF7fHva3T3OudUFuoPxRv3nRCipatocU5jSYmVzQEehPG/z93g==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=4, rtx=0, c=67, mss=1380, tbw=69395, tp=-1, tpl=-1, uplat=1, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 24364
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
|
|
| agent.joinf.cn/static/rsrc.php/v3i_Ou4/yX/l/en_GB/kbFnzNy-KO7.js?_nc_x=Ij3Wp8lg5Kz | 47.91.149.178 | 200 OK | 46 kB |
URL: GET HTTP/1.1 agent.joinf.cn/static/rsrc.php/v3i_Ou4/yX/l/en_GB/kbFnzNy-KO7.js?_nc_x=Ij3Wp8lg5Kz IP: 47.91.149.178:80 ASN: #45102 Alibaba US Technology Co., Ltd.
Requested by: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File type: JavaScript source, ASCII text, with very long lines (9768) Hash (MD5, SHA-1, SHA-256): ca7df9bcf51f37dd3028e52f32d9b6a7 c130be367d1cbe2d195417258c38a3d9690be308 72adee4206685f63694d83c0685db6b1ab579ae2eb90961d03862a8def8a3133
Analyzer | Verdict | Alert | OpenPhish | phishing | Facebook, Inc. |
GET /static/rsrc.php/v3i_Ou4/yX/l/en_GB/kbFnzNy-KO7.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:16 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: yn35vPUfN90wKOUvMtm2pw==
Expires: Wed, 19 Mar 2025 21:47:10 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
origin-agent-cluster: ?0
X-FB-Debug: 7WzSC17ihBaYm8So/s4b6+usdQligXXmhFSwELOwOwC93s2FUmnUFj2Zq6kL/loq4100BzjvpB9m8F8a9YXXCg==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=95, mss=1380, tbw=99679, tp=-1, tpl=-1, uplat=0, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 45462
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
|
|
| agent.joinf.cn/static/rsrc.php/v3/yR/r/_Sa5pGsCdFu.js?_nc_x=Ij3Wp8lg5Kz | 47.91.149.178 | 200 OK | 1.9 kB |
URL: GET HTTP/1.1 agent.joinf.cn/static/rsrc.php/v3/yR/r/_Sa5pGsCdFu.js?_nc_x=Ij3Wp8lg5Kz IP: 47.91.149.178:80 ASN: #45102 Alibaba US Technology Co., Ltd.
Requested by: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File type: JavaScript source, ASCII text, with very long lines (1898) Hash (MD5, SHA-1, SHA-256): 036b700231af893af0ebc121096f8f1a cbcce39737b5de85d8e6654fb6255e27a79a0a8b e8f93977bcf2ed878e8f2320bc8138573f7afe6cee589a3c72077837c94d11c0
GET /static/rsrc.php/v3/yR/r/_Sa5pGsCdFu.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:16 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: A2twAjGviTrw68EhCW+PGg==
Expires: Wed, 26 Mar 2025 22:10:09 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
origin-agent-cluster: ?0
X-FB-Debug: ZLXWAHdfn05N+WDoytbdhVgrSazqN92e7WwZMed28UZ98AYuz7sKo0e/wtEhLBX9a7c/tjJodQePrQ2HEAPFgw==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=3, rtx=0, c=136, mss=1380, tbw=148868, tp=-1, tpl=-1, uplat=0, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 1917
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
|
|
| agent.joinf.cn/static/rsrc.php/v3/y-/r/kq7zpUNTtp7.js?_nc_x=Ij3Wp8lg5Kz | 47.91.149.178 | 200 OK | 2.3 kB |
URL: GET HTTP/1.1 agent.joinf.cn/static/rsrc.php/v3/y-/r/kq7zpUNTtp7.js?_nc_x=Ij3Wp8lg5Kz IP: 47.91.149.178:80 ASN: #45102 Alibaba US Technology Co., Ltd.
Requested by: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File type: JavaScript source, ASCII text, with very long lines (1602) Hash (MD5, SHA-1, SHA-256): 99da4f89baed8e557fde9319e4f45126 3d8cbda83324d8de299cc78cd39d35aad6d581c7 6a0137bc757e22479c094847dbdd5747ecd9e307539650f8653f456cc8871441
GET /static/rsrc.php/v3/y-/r/kq7zpUNTtp7.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:16 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: mdpPibrtjlV/3pMZ5PRRJg==
Expires: Wed, 26 Mar 2025 22:07:44 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-FB-Debug: sOYdVf65sQyMqzWGB47PFK8rmjdMtVQWwkjaTOdh5feEgFUnSg6WkhpZupq6tadYohHEJfB4SDs2kebdyLhGyA==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=4, rtx=1, c=85, mss=1380, tbw=88016, tp=-1, tpl=-1, uplat=0, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 2326
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
|
|
| agent.joinf.cn/static/rsrc.php/v3/yK/r/jMaPOqcTw38.js?_nc_x=Ij3Wp8lg5Kz | 47.91.149.178 | 200 OK | 30 kB |
URL: GET HTTP/1.1 agent.joinf.cn/static/rsrc.php/v3/yK/r/jMaPOqcTw38.js?_nc_x=Ij3Wp8lg5Kz IP: 47.91.149.178:80 ASN: #45102 Alibaba US Technology Co., Ltd.
Requested by: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File type: JavaScript source, ASCII text, with very long lines (7279) Hash (MD5, SHA-1, SHA-256): ccf4b1be7e30fff5c1bfb79a8e9b4b58 b643455b84d419be67c1d8d0383ed856271d9121 fad63ae65d2579e89431b45c85649e4392fc105f5ed528896d2e7281788c8200
GET /static/rsrc.php/v3/yK/r/jMaPOqcTw38.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:15 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: zPSxvn4w//XBv7eajptLWA==
Expires: Sun, 23 Mar 2025 17:54:36 GMT
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-FB-Debug: ysMpsgCLpAwughpm9lPw9U4Fkqbpb2KZ/i8ok17wIyfshFCHeJ0gehJdN4WyFEwN/Hb0jZYMaGant2MKP818SA==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=3, rtx=0, c=58, mss=1380, tbw=55634, tp=-1, tpl=-1, uplat=2, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Content-Length: 30546
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| 47.91.149.178/ajax/bz?__a=1&__aaid=0&__ccg=EXCELLENT&__dyn=7xe6E5aQ1PyUbFp41twpUnwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG782Cw8G1Qw5Mx61vw5zwwwi81nE1u83mwaS0zK1swc-0pa0h-0Lo6-0uS0ue&__hs=19810.BP%3ADEFAULT.2.0..0.0&__hsi=7351448594777587361&__req=1&__rev=1012382939&__s=h6uyn7%3Ayonxzy%3Al0ktqp&__spin_b=trunk&__spin_r=1012382939&__spin_t=1711642508&__user=0&dpr=1&jazoest=2976&lsd=AVrel_1Zx1c | 47.91.149.178 | 200 OK | 44 kB |
URL: POST HTTP/1.1 47.91.149.178/ajax/bz?__a=1&__aaid=0&__ccg=EXCELLENT&__dyn=7xe6E5aQ1PyUbFp41twpUnwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG782Cw8G1Qw5Mx61vw5zwwwi81nE1u83mwaS0zK1swc-0pa0h-0Lo6-0uS0ue&__hs=19810.BP%3ADEFAULT.2.0..0.0&__hsi=7351448594777587361&__req=1&__rev=1012382939&__s=h6uyn7%3Ayonxzy%3Al0ktqp&__spin_b=trunk&__spin_r=1012382939&__spin_t=1711642508&__user=0&dpr=1&jazoest=2976&lsd=AVrel_1Zx1c IP: 47.91.149.178:80 ASN: #45102 Alibaba US Technology Co., Ltd.
Requested by: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (18594) Hash (MD5, SHA-1, SHA-256): f17a987695541b0ffcc0613f725f161b ee2eb1f082bce8f149e66380caab27f6c879a870 cd99ad6b2b43c140ae12c8c3859242ab0daf050b9a2e621e82bc7bc17cc86825
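Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Facebook | OpenPhish | phishing | Facebook, Inc. | Quad9 DNS | malicious | Sinkholed |
Analyst note: the X-FB-* and facebook.com reporting headers in the response below are served by 47.91.149.178, whose Server header advertises Apache with proxy_html. This is consistent with a reverse proxy relaying Facebook responses; the headers are not evidence that the host is Facebook infrastructure.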
POST /ajax/bz?__a=1&__aaid=0&__ccg=EXCELLENT&__dyn=7xe6E5aQ1PyUbFp41twpUnwgU29zEdEc8uwdK0lW4o3Bw5VCwjE3awbG782Cw8G1Qw5Mx61vw5zwwwi81nE1u83mwaS0zK1swc-0pa0h-0Lo6-0uS0ue&__hs=19810.BP%3ADEFAULT.2.0..0.0&__hsi=7351448594777587361&__req=1&__rev=1012382939&__s=h6uyn7%3Ayonxzy%3Al0ktqp&__spin_b=trunk&__spin_r=1012382939&__spin_t=1711642508&__user=0&dpr=1&jazoest=2976&lsd=AVrel_1Zx1c HTTP/1.1
Host: 47.91.149.178
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
Content-Type: multipart/form-data; boundary=---------------------------144585486429467827561816385246
Content-Length: 1492
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:18 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Vary: Accept-Encoding
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
Strict-Transport-Security: max-age=15552000; preload
Content-Type: text/html;charset=utf-8
X-FB-Debug: Q8OSZfyY3txjFRx6M1zF23+Lqqd7jzJqbR1YBdp/3R+Acq2Oo25dcRkg8w4TrjkWozl/ltz3FCnvspxYtgH2IA==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=9, rtx=40, c=65, mss=1380, tbw=3514841, tp=-1, tpl=-1, uplat=176, ullat=0
Alt-Svc: h3=":443"; ma=86400
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
|
|
| 47.91.149.178/ajax/webstorage/process_keys/?state=1 | 47.91.149.178 | | 243 B |
URL: 47.91.149.178/ajax/webstorage/process_keys/?state=1 IP: 47.91.149.178:0 ASN: #45102 Alibaba US Technology Co., Ltd.
File type: ASCII text, with no line terminators Hash (MD5, SHA-1, SHA-256): de7d66b1eeec178ddf3e3138647c4d7e 8f87f2011803f39406e19085dc00618ddc0bd327 7a47ff765fd0c8933ea6f4edcac7f21fd1ccbb5fac92d763cbeabe973feacf76
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Facebook | OpenPhish | phishing | Facebook, Inc. | Quad9 DNS | malicious | Sinkholed |
POST /ajax/webstorage/process_keys/?state=1 HTTP/1.1
Host: 47.91.149.178
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
Content-Type: application/x-www-form-urlencoded
X-FB-LSD: AVrel_1Zx1c
X-ASBD-ID: 129477
Content-Length: 460
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:15:27 GMT
Server: Apache/2.4.25 (Unix) proxy_html/3.1.2 OpenSSL/1.0.1e-fips
Content-Type: application/x-javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Cache-Control: private, no-cache, no-store, must-revalidate
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
Vary: Sec-Fetch-Site,Sec-Fetch-Mode,Accept-Encoding
Strict-Transport-Security: max-age=15552000; preload
X-FB-Debug: RTF5UevIpfU3fCgwxR7a6Ae/zo/vTG/6gIiFZeVMO+ffbE5vxGNsO8LH+gFnosPdnF4NddFmusHj/joCT2NEYw==
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1380, tbw=3223, tp=-1, tpl=-1, uplat=140, ullat=0
Alt-Svc: h3=":443"; ma=86400
Set-Cookie: ps_l=0; expires=Fri, 02-May-2025 16:15:27 GMT; Max-Age=34560000; path=/; domain=.joinf.cn; httponly; SameSite=Lax
Set-Cookie: ps_n=0; expires=Fri, 02-May-2025 16:15:27 GMT; Max-Age=34560000; path=/; domain=.joinf.cn; httponly; SameSite=None
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
|
|
| agent.joinf.cn/static/rsrc.php/v3/yo/r/SCrsJqgfPT1.js?_nc_x=Ij3Wp8lg5Kz | 0.0.0.0 | | 0 B |
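URL: GET agent.joinf.cn/static/rsrc.php/v3/yo/r/SCrsJqgfPT1.js?_nc_x=Ij3Wp8lg5Kz IP: 0.0.0.0:0
Requested by: http://47.91.149.178/?u=aHR0&r=cHM6Ly93d3cuZmFjZWJvb2suY29tL2xvZ2luLz9uZXh0PWh0dHBzJTNBJTJGJTJGd3d3LmZhY2Vib29rLmNvbSUyRiUzRnUlM0RhaHIw
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyst note: these three values are the digests of zero-length input, matching the 0 B size and the absence of a recorded response; they identify no file and should not be used as indicators.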
GET /static/rsrc.php/v3/yo/r/SCrsJqgfPT1.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: agent.joinf.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://47.91.149.178
DNT: 1
Connection: keep-alive
Referer: http://47.91.149.178/
Pragma: no-cache
Cache-Control: no-cache
|
|