Report - news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/

Report Overview

Submitted URL
news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/
IP
172.67.159.20
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-02 14:06:53
Access
public
Website Title
Login to continue – Buy and Sell Items Locally or … – Marketplace Listings
Final URL
news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Tags
meta facebook phishing social
urlquery detections
Phishing - Facebook

Detections

urlquery
13
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
news.fangsforum.com	unknown	unknown	No data	No data	11 kB	3.6 MB	172.67.159.20

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	news.fangsforum.com/bower_components/ua-parser-js/dist/ua-parser.min.js	17 kB	2023-04-05	2024-05-17
Pretty URL news.fangsforum.com/bower_components/ua-parser-js/dist/ua-parser.min.js IP 172.67.159.20 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 05:27:01 Last Seen2024-05-17 07:44:12 Times Seen854 Hash a7e9c9b57fe9cfe79bd36a350b9a877f c186195ae889214c8b4af9f70ef872098bc44f4c 15dab54b218a38a7955d0ce950039eaf35fd565f40eec53032fc52353c302b76 Loading...

	news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?	67 B	2023-05-14	2024-05-17
Pretty URL news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/? IP 172.67.159.20 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-14 01:54:41 Last Seen2024-05-17 07:44:12 Times Seen288 Hash 4bd4dc631ee60266d37f5b11f6d3c003 b0fc8747d330540396cc516a8c9f6c62b50775d5 9f10280c0f99cf9bac911e64b36c08344a3d4ff9a10e2028e37f513b67e39d43 Loading...

	unknown	57 B	2024-05-02	2024-05-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:06:59 Last Seen2024-05-02 16:06:59 Times Seen2 Hash 511aefdc99a76ad3c14d853212bffb88 ac0037f816c45d22803ea76e34452f437762e349 15d29a681a765d82e2f0bbcc408c0fdca340e5f2e8c094f2f5d0f05341d17f4f Loading...

	news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?	350 B	2024-05-02	2024-05-02
Pretty URL news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/? IP 172.67.159.20 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 16:06:59 Last Seen2024-05-02 16:06:59 Times Seen1 Hash 5b1574997df25cc23524f9a65c595c64 e25b83108a1fe4fb2e9f16def1a3f3879289453b bf6e29653445eebc5e16488d0c9af21b9fef5c0330e5106d3be481329960b082 Loading...

	news.fangsforum.com/login/token/token.js?v=66339de36f3ca	1.3 kB	2023-03-09	2024-05-17
Pretty URL news.fangsforum.com/login/token/token.js?v=66339de36f3ca IP 172.67.159.20 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:46:09 Last Seen2024-05-17 07:44:12 Times Seen324 Hash 8468dcbc6d954bbc68eaad8033dfecd5 1f4cf015e6605be37ac4fb2ee9502ccb545b0936 c0bbbbdcb1b367c9212e278853f052c45436e7d7fcaae2d1250611912374285a Loading...

	unknown	57 B	2024-05-02	2024-05-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:06:59 Last Seen2024-05-02 16:06:59 Times Seen1 Hash dc168d17f232b0dcc123eeae5964f201 eb64f9f073d0ef2aa49b5e173f73c82624880b62 b8d41403bb6821c9d582ff8b81e3f876ca171f0f09bdee31182c51d8755636b5 Loading...

	news.fangsforum.com/core/form/core_form.js	17 kB	2024-03-11	2024-05-17
Pretty URL news.fangsforum.com/core/form/core_form.js IP 172.67.159.20 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-11 13:42:05 Last Seen2024-05-17 07:44:12 Times Seen133 Hash a17c7e17b71ea10cf76bf5bbb8fb6f57 08ebb851c9c37f53a2b8fedc94adc9d1cacb1cb8 871d7d34566ed4c3206be32e299552d04a697a82a36829cc71ba258ce44e4ca1 Loading...

	news.fangsforum.com/bower_components/jquery/dist/jquery.min.js	87 kB	2023-03-07	2024-05-17
Pretty URL news.fangsforum.com/bower_components/jquery/dist/jquery.min.js IP 172.67.159.20 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-17 09:12:06 Times Seen67360 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	news.fangsforum.com/core/token/core_token.js	14 kB	2024-03-11	2024-05-17
Pretty URL news.fangsforum.com/core/token/core_token.js IP 172.67.159.20 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-11 13:42:06 Last Seen2024-05-17 07:44:12 Times Seen133 Hash 94f53d530575909ce27cdd1f5dc64372 91b96e78d0aad4dfb6fa1834e7d9a60829d42eb8 3c8c63b5d734c8307e26340fabc40d2db29b8e790c857bc794f429196bc8bcf1 Loading...

	news.fangsforum.com/login/form/form.js?v=66339de36f3c7	2.6 kB	2023-03-07	2024-05-17
Pretty URL news.fangsforum.com/login/form/form.js?v=66339de36f3c7 IP 172.67.159.20 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2024-05-17 07:44:12 Times Seen399 Hash eee4f38d51f96bf15259382b48b33d50 247040dcf67aa7f48d5bbcd3e91610f7ae534787 01c12b5cd06120dfb1f8f9ee454d423b3c6648580d55926d5394c0ee6cdc2b47 Loading...

HTTP Transactions (18)

URL IP Response Size

news.fangsforum.com/login/form/newloader.gif

172.67.159.20

200 OK

557 kB

URL GET HTTP/3
news.fangsforum.com/login/form/newloader.gif
IP
172.67.159.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Certificate
IssuerGoogle Trust Services LLC
Subjectfangsforum.com
FingerprintA5:7C:74:8D:86:F9:01:BC:54:34:33:16:8C:01:2A:47:41:9A:20:2D
ValidityWed, 01 May 2024 15:07:29 GMT - Tue, 30 Jul 2024 15:07:28 GMT

File type
GIF image data, version 89a, 480 x 480
Size
557 kB (557122 bytes)
Hash
ef8d4e6b20b0cf0d68713fb2f6069042
d62bb4b1a169c88879de3bd2f5c4292b6259a952
32bfc673211421c1a5a33acc98291840183582f11d15490954b42a81d79d4630

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

GET /login/form/newloader.gif HTTP/1.1
Host: news.fangsforum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Cookie: bid=a3eb3efcf7ca9b57dff072ceb62b9b6a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 02 May 2024 14:06:28 GMT
content-type: image/gif
content-length: 557122
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 10:45:30 GMT
last-modified: Tue, 30 Apr 2024 17:52:36 GMT
cf-cache-status: HIT
age: 12058
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WvUUHiDauaq7epxem5UMYpkgwFOhdSiPKyB%2BRTKNkT%2FOUWuCH2TITvGrzP1f0VdPl396Kz0NZE9lYC7Q9Y1dNhnJT1KBpSGEfWM5y14Hc11TzMqkSwuSOcdKmDUKRzQ1hJkjbG0q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d89272c924569d-OSL
alt-svc: h3=":443"; ma=86400

news.fangsforum.com/core/form/core_form.css

172.67.159.20

200 OK

9.9 kB

URL GET HTTP/3
news.fangsforum.com/core/form/core_form.css
IP
172.67.159.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Certificate
IssuerGoogle Trust Services LLC
Subjectfangsforum.com
FingerprintA5:7C:74:8D:86:F9:01:BC:54:34:33:16:8C:01:2A:47:41:9A:20:2D
ValidityWed, 01 May 2024 15:07:29 GMT - Tue, 30 Jul 2024 15:07:28 GMT

File type
ASCII text
Size
9.9 kB (9859 bytes)
Hash
5f7c5756290c3839d02393b51b49f2ed
a6d8b01283967061483f1c486e61bd416f0abe5c
59c87b869155763fac37130e3de2e9f0af7bf518bddd2fc4044706600f3cfdec

HTTP Headers

GET /core/form/core_form.css HTTP/1.1
Host: news.fangsforum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Cookie: bid=a3eb3efcf7ca9b57dff072ceb62b9b6a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 02 May 2024 14:06:27 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 00:04:37 GMT
last-modified: Tue, 30 Apr 2024 17:52:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 50510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pg%2BYOtd8c%2Fk8bIOFoEkZ7fEY2kCHyhp%2FCmlEsyB7YIxfnoqTtSaLNBwp9yLRDJnLeZLs4yveAjlleJ9QR1xu%2F1RHoDcYvrUB81oHBUTQyWqTaHB4CM78sWKErg3ehmX5IOvzEXJT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d8926f5cee569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.fangsforum.com/home.php?pl=token&link=Hiz&bid=a3eb3efcf7ca9b57dff072ceb62b9b6a&callback=jQuery32108940583277327401_1714658787938&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714658787939

172.67.159.20

200 OK

5.8 kB

URL GET HTTP/3
news.fangsforum.com/home.php?pl=token&link=Hiz&bid=a3eb3efcf7ca9b57dff072ceb62b9b6a&callback=jQuery32108940583277327401_1714658787938&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714658787939
IP
172.67.159.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Certificate
IssuerGoogle Trust Services LLC
Subjectfangsforum.com
FingerprintA5:7C:74:8D:86:F9:01:BC:54:34:33:16:8C:01:2A:47:41:9A:20:2D
ValidityWed, 01 May 2024 15:07:29 GMT - Tue, 30 Jul 2024 15:07:28 GMT

File type
ASCII text, with no line terminators
Size
5.8 kB (5776 bytes)
Hash
511aefdc99a76ad3c14d853212bffb88
ac0037f816c45d22803ea76e34452f437762e349
15d29a681a765d82e2f0bbcc408c0fdca340e5f2e8c094f2f5d0f05341d17f4f

HTTP Headers

GET /home.php?pl=token&link=Hiz&bid=a3eb3efcf7ca9b57dff072ceb62b9b6a&callback=jQuery32108940583277327401_1714658787938&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714658787939 HTTP/1.1
Host: news.fangsforum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Cookie: bid=a3eb3efcf7ca9b57dff072ceb62b9b6a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 02 May 2024 14:06:28 GMT
content-type: application/json
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HldRwkS0mx2sEs%2B1HnEEqGD6yuRsxkCvc9IfGmn%2FVbFmV7TOr%2BSQdvyYAiEIG9ltiFtzm76F1vB9zgm8KzgM9ieUXOXUMnMtbaTw7FKkN9sn%2FKHqurGbTVz86%2BKa6vpIt5qmVjd1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d89273298c569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/

172.67.159.20

302 Found

1.4 MB

URL User Request GET HTTP/2
news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/
IP
172.67.159.20:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectfangsforum.com
FingerprintA5:7C:74:8D:86:F9:01:BC:54:34:33:16:8C:01:2A:47:41:9A:20:2D
ValidityWed, 01 May 2024 15:07:29 GMT - Tue, 30 Jul 2024 15:07:28 GMT

File type

Size
1.4 MB (1426821 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /view/a3eb3efcf7ca9b57dff072ceb62b9b6a/ HTTP/1.1
Host: news.fangsforum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 02 May 2024 14:06:27 GMT
content-type: text/html; charset=UTF-8
location: public/?
x-powered-by: PHP/7.3.33
set-cookie: bid=a3eb3efcf7ca9b57dff072ceb62b9b6a; expires=Sat, 01-Jun-2024 14:06:27 GMT; Max-Age=2592000; path=/; secure
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OtPvA6ExyjzHfCTBKf1PZmMW6Er0cI1MVu7%2FPipiuo3MQVICU6EGJanmpXtWxYOMVAzmFwOJjcd%2FYC6HE6HzaMq2u%2FQJH39Eau%2FgTEI65uBMpJOhlvHEWZoFNRFRCOdbirIMlf3T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d8926c7cc70b41-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

news.fangsforum.com/bower_components/jquery/dist/jquery.min.js

172.67.159.20

200 OK

87 kB

URL GET HTTP/3
news.fangsforum.com/bower_components/jquery/dist/jquery.min.js
IP
172.67.159.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Certificate
IssuerGoogle Trust Services LLC
Subjectfangsforum.com
FingerprintA5:7C:74:8D:86:F9:01:BC:54:34:33:16:8C:01:2A:47:41:9A:20:2D
ValidityWed, 01 May 2024 15:07:29 GMT - Tue, 30 Jul 2024 15:07:28 GMT

File type
JavaScript source, ASCII text, with very long lines (32058)
Size
87 kB (86659 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

GET /bower_components/jquery/dist/jquery.min.js HTTP/1.1
Host: news.fangsforum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Cookie: bid=a3eb3efcf7ca9b57dff072ceb62b9b6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 14:06:27 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 10:45:30 GMT
last-modified: Tue, 30 Apr 2024 17:52:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 12057
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mY%2BYRDwITCYBwHUfq8jOG8IXB5vvGzc0WK5d%2BrQzz%2F9ge%2Bp30BXpjtJ%2BFrqri4qlzGD32kvY5h%2B%2FgYTxwIRoI1zKy7qk9HcI72lFdoKWw7TR1i7W5OWFn08sa3xRDDQHaqM9XU6E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d8926f4cd1569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.fangsforum.com/bower_components/ua-parser-js/dist/ua-parser.min.js

172.67.159.20

200 OK

17 kB

URL GET HTTP/3
news.fangsforum.com/bower_components/ua-parser-js/dist/ua-parser.min.js
IP
172.67.159.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Certificate
IssuerGoogle Trust Services LLC
Subjectfangsforum.com
FingerprintA5:7C:74:8D:86:F9:01:BC:54:34:33:16:8C:01:2A:47:41:9A:20:2D
ValidityWed, 01 May 2024 15:07:29 GMT - Tue, 30 Jul 2024 15:07:28 GMT

File type

Size
17 kB (17048 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bower_components/ua-parser-js/dist/ua-parser.min.js HTTP/1.1
Host: news.fangsforum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Cookie: bid=a3eb3efcf7ca9b57dff072ceb62b9b6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 14:06:27 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 10:45:30 GMT
last-modified: Tue, 30 Apr 2024 17:52:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 12057
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BuKLvNerqsT%2BF7ooXGVpIbfGZE31tq%2BG2FQzlEZM0fezIBKLmvTvkDPS7OvdHmWxfTQ6h8yAfYd5yc1CYqBAOmHH%2Fqeuen7IX0m7sD32xMooqSSCvLmPyy%2Fycgya79k80HsYqRmK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d8926f5cda569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

172.67.159.20

200 OK

57 B

URL GET HTTP/3
news.fangsforum.com/home.php?pl=token&link=Hiz&bid=a3eb3efcf7ca9b57dff072ceb62b9b6a&callback=jQuery32108940583277327401_1714658787938&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714658787942
IP
172.67.159.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Certificate
IssuerGoogle Trust Services LLC
Subjectfangsforum.com
FingerprintA5:7C:74:8D:86:F9:01:BC:54:34:33:16:8C:01:2A:47:41:9A:20:2D
ValidityWed, 01 May 2024 15:07:29 GMT - Tue, 30 Jul 2024 15:07:28 GMT

File type
ASCII text, with no line terminators
Size
57 B (57 bytes)
Hash
88b523633a59cb73716ecf2d7c376f4c
6963bac8276855288498af49013a8029356be2e5
ff4baf275090abfad28499d244b04e86f7432e8c119fd2d0f20df0cee91ede56

HTTP Headers

GET /home.php?pl=token&link=Hiz&bid=a3eb3efcf7ca9b57dff072ceb62b9b6a&callback=jQuery32108940583277327401_1714658787938&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714658787942 HTTP/1.1
Host: news.fangsforum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Cookie: bid=a3eb3efcf7ca9b57dff072ceb62b9b6a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 14:06:33 GMT
content-type: application/json
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NkYAy6xUcsetQqTIrCeTjc9WgT4XWoqhq5j0%2FVLfQ3LfxoopNXGMy5ImrGjuuHQf0Fe0xNsPMUrjMy%2FPUpBzwZ2fJ%2F55ltrlWIlMLN7eTBDAcAfUlmXXGJT%2F%2FBxADUaWZZGudCg%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d892923aae569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

172.67.159.20

200 OK

57 B

URL GET HTTP/3
news.fangsforum.com/home.php?pl=token&link=Hiz&bid=a3eb3efcf7ca9b57dff072ceb62b9b6a&callback=jQuery32108940583277327401_1714658787938&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714658787945
IP
172.67.159.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Certificate
IssuerGoogle Trust Services LLC
Subjectfangsforum.com
FingerprintA5:7C:74:8D:86:F9:01:BC:54:34:33:16:8C:01:2A:47:41:9A:20:2D
ValidityWed, 01 May 2024 15:07:29 GMT - Tue, 30 Jul 2024 15:07:28 GMT

File type
ASCII text, with no line terminators
Size
57 B (57 bytes)
Hash
88b523633a59cb73716ecf2d7c376f4c
6963bac8276855288498af49013a8029356be2e5
ff4baf275090abfad28499d244b04e86f7432e8c119fd2d0f20df0cee91ede56

HTTP Headers

GET /home.php?pl=token&link=Hiz&bid=a3eb3efcf7ca9b57dff072ceb62b9b6a&callback=jQuery32108940583277327401_1714658787938&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714658787945 HTTP/1.1
Host: news.fangsforum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Cookie: bid=a3eb3efcf7ca9b57dff072ceb62b9b6a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 14:06:48 GMT
content-type: application/json
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=szWzVXND5jSglxe9zDA%2F%2Fn1biO8fHjLoVw3P0t6troC2Fy1W1CHFD%2FmOJAutjNP1NE8PCQ0Y3XAheYtR3m1i9b%2B6tjMSoZXU4Y4JNrFIQIf00c6OEC5qPqbyc1%2BCXwQJ%2B7uHXiqJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d892eff9f5569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.fangsforum.com/core/form/core_form.js

172.67.159.20

200 OK

17 kB

URL GET HTTP/3
news.fangsforum.com/core/form/core_form.js
IP
172.67.159.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Certificate
IssuerGoogle Trust Services LLC
Subjectfangsforum.com
FingerprintA5:7C:74:8D:86:F9:01:BC:54:34:33:16:8C:01:2A:47:41:9A:20:2D
ValidityWed, 01 May 2024 15:07:29 GMT - Tue, 30 Jul 2024 15:07:28 GMT

File type
JavaScript source, ASCII text
Size
17 kB (17026 bytes)
Hash
a17c7e17b71ea10cf76bf5bbb8fb6f57
08ebb851c9c37f53a2b8fedc94adc9d1cacb1cb8
871d7d34566ed4c3206be32e299552d04a697a82a36829cc71ba258ce44e4ca1

HTTP Headers

GET /core/form/core_form.js HTTP/1.1
Host: news.fangsforum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Cookie: bid=a3eb3efcf7ca9b57dff072ceb62b9b6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 14:06:27 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 10:45:30 GMT
last-modified: Tue, 30 Apr 2024 17:52:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 12057
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cQbKD5ukPjC1pQJu%2FqldoMSDHVVv1Ka4gXbXEDR8UjOQQWLV53i8%2Bl06T%2F4gxSQoVKP7TvWPbAptV6B7HCXu21STMOmVX4zFP8G4CXbvoSW3qz3DfROdhiv1kHc%2F71lLc%2Fy4l%2Bgl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d8926f5ce6569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.fangsforum.com/core/token/core_token.js

172.67.159.20

200 OK

14 kB

URL GET HTTP/3
news.fangsforum.com/core/token/core_token.js
IP
172.67.159.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Certificate
IssuerGoogle Trust Services LLC
Subjectfangsforum.com
FingerprintA5:7C:74:8D:86:F9:01:BC:54:34:33:16:8C:01:2A:47:41:9A:20:2D
ValidityWed, 01 May 2024 15:07:29 GMT - Tue, 30 Jul 2024 15:07:28 GMT

File type
JavaScript source, ASCII text
Size
14 kB (13505 bytes)
Hash
94f53d530575909ce27cdd1f5dc64372
91b96e78d0aad4dfb6fa1834e7d9a60829d42eb8
3c8c63b5d734c8307e26340fabc40d2db29b8e790c857bc794f429196bc8bcf1

HTTP Headers

GET /core/token/core_token.js HTTP/1.1
Host: news.fangsforum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Cookie: bid=a3eb3efcf7ca9b57dff072ceb62b9b6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 14:06:27 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 10:45:30 GMT
last-modified: Tue, 30 Apr 2024 17:52:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 12057
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YhKzgAZrBju%2Bsbn4TnEUYdQqncXEv99fEWA87fO0EKr7BU6hsXd9lOXAMnbrJNTtiy3MiG8cTAvuGD15l6%2F6YaZ4YX4YDoluQaRr8PB0GWDEr5%2BsLgWEktke2Xxug%2B7D6kEMeWkx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d8926f5ce7569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.fangsforum.com/login/form/form.js?v=66339de36f3c7

172.67.159.20

200 OK

2.6 kB

URL GET HTTP/3
news.fangsforum.com/login/form/form.js?v=66339de36f3c7
IP
172.67.159.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Certificate
IssuerGoogle Trust Services LLC
Subjectfangsforum.com
FingerprintA5:7C:74:8D:86:F9:01:BC:54:34:33:16:8C:01:2A:47:41:9A:20:2D
ValidityWed, 01 May 2024 15:07:29 GMT - Tue, 30 Jul 2024 15:07:28 GMT

File type
JavaScript source, ASCII text, with very long lines (2787), with no line terminators
Size
2.6 kB (2633 bytes)
Hash
c90b860de78de5ffe4cda9b2d3a62fde
7aec84c45fdfd7b99646b3a87b3312eb83f8442f
cca3a6bb4044d0a7d321a27373a421d5045b081c21b68efe314fe35b39e319dd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

GET /login/form/form.js?v=66339de36f3c7 HTTP/1.1
Host: news.fangsforum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Cookie: bid=a3eb3efcf7ca9b57dff072ceb62b9b6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 14:06:27 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 14:06:27 GMT
last-modified: Tue, 30 Apr 2024 17:52:36 GMT
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qdgax8Jt7UTxcudxodUrp6sQr7RViPisShXMx6jvKRXXsjTx9pLDPDVII3btJk8fNZU4Y2Kz8qTxfeq1uO6GBXTW%2BndQrPacsedcSRenoge7YdmTdiHggAxlp3AuhiTmJnTETPjG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d8926f7d17569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?

172.67.159.20

200 OK

1.4 MB

URL User Request GET HTTP/2
news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
IP
172.67.159.20:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectfangsforum.com
FingerprintA5:7C:74:8D:86:F9:01:BC:54:34:33:16:8C:01:2A:47:41:9A:20:2D
ValidityWed, 01 May 2024 15:07:29 GMT - Tue, 30 Jul 2024 15:07:28 GMT

File type

Size
1.4 MB (1426821 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/? HTTP/1.1
Host: news.fangsforum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: bid=a3eb3efcf7ca9b57dff072ceb62b9b6a
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 14:06:27 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9EgVXrTa4TiFCmEeBZJgaP6ehJdp7PUvlrnJZjw6BgOOTnebrIApdPrO2NuKLwz2azidwLfSqFynO9%2BrnEeMt4MzXweP%2BbyYXvMIYxuG%2FbGI5HsSH5K1Nv91zOoXKoMe7F0vuu%2Bv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d8926d5ddc0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

news.fangsforum.com/home.php?pl=token&link=Hiz&bid=a3eb3efcf7ca9b57dff072ceb62b9b6a&callback=jQuery32108940583277327401_1714658787940&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1714658787941

172.67.159.20

200 OK

57 B

URL GET HTTP/3
news.fangsforum.com/home.php?pl=token&link=Hiz&bid=a3eb3efcf7ca9b57dff072ceb62b9b6a&callback=jQuery32108940583277327401_1714658787940&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1714658787941
IP
172.67.159.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Certificate
IssuerGoogle Trust Services LLC
Subjectfangsforum.com
FingerprintA5:7C:74:8D:86:F9:01:BC:54:34:33:16:8C:01:2A:47:41:9A:20:2D
ValidityWed, 01 May 2024 15:07:29 GMT - Tue, 30 Jul 2024 15:07:28 GMT

File type
ASCII text, with no line terminators
Size
57 B (57 bytes)
Hash
bbb83653385e4534ef056c863bbcd744
65fba4db7ab6c8be373c1c819635c63784dd82bb
a327de26da96f7ac07fff33fa22cf6849ff111fc9009b9775d50f4e88db9956e

HTTP Headers

GET /home.php?pl=token&link=Hiz&bid=a3eb3efcf7ca9b57dff072ceb62b9b6a&callback=jQuery32108940583277327401_1714658787940&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1714658787941 HTTP/1.1
Host: news.fangsforum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Cookie: bid=a3eb3efcf7ca9b57dff072ceb62b9b6a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 14:06:28 GMT
content-type: application/json
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VST4SZ1MSamlfXgI8beWE6Duxa8xuRD1xlUO%2FLmX7a7rB4aM5z2VdTGXrXYJjiK3gawDZvp6drpaV4wLCpmcB6tXmgRORAMIuFXZpbz%2B78o6IswNN4wTpSguVPzWGm%2FshREYg3fL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d89273298e569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

172.67.159.20

200 OK

57 B

URL GET HTTP/3
news.fangsforum.com/home.php?pl=token&link=Hiz&bid=a3eb3efcf7ca9b57dff072ceb62b9b6a&callback=jQuery32108940583277327401_1714658787938&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714658787943
IP
172.67.159.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Certificate
IssuerGoogle Trust Services LLC
Subjectfangsforum.com
FingerprintA5:7C:74:8D:86:F9:01:BC:54:34:33:16:8C:01:2A:47:41:9A:20:2D
ValidityWed, 01 May 2024 15:07:29 GMT - Tue, 30 Jul 2024 15:07:28 GMT

File type
ASCII text, with no line terminators
Size
57 B (57 bytes)
Hash
88b523633a59cb73716ecf2d7c376f4c
6963bac8276855288498af49013a8029356be2e5
ff4baf275090abfad28499d244b04e86f7432e8c119fd2d0f20df0cee91ede56

HTTP Headers

GET /home.php?pl=token&link=Hiz&bid=a3eb3efcf7ca9b57dff072ceb62b9b6a&callback=jQuery32108940583277327401_1714658787938&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714658787943 HTTP/1.1
Host: news.fangsforum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Cookie: bid=a3eb3efcf7ca9b57dff072ceb62b9b6a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 14:06:39 GMT
content-type: application/json
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HXyqrRieNYgx4BfgMD%2BTsIBkSTwYNAUiZz%2F86GHYeyemBfqV2%2FykUnX1jwoqCOj3wRUrcr%2FuNqYEXKAy3rFEwbgcdwjTWx664mdTXWqfZZ3BnWvfHg4iTQ0L18VJaYAFQgPywuSU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d892b17940569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.fangsforum.com/bower_components/font-awesome/css/font-awesome.min.css

172.67.159.20

200 OK

31 kB

URL GET HTTP/3
news.fangsforum.com/bower_components/font-awesome/css/font-awesome.min.css
IP
172.67.159.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Certificate
IssuerGoogle Trust Services LLC
Subjectfangsforum.com
FingerprintA5:7C:74:8D:86:F9:01:BC:54:34:33:16:8C:01:2A:47:41:9A:20:2D
ValidityWed, 01 May 2024 15:07:29 GMT - Tue, 30 Jul 2024 15:07:28 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

GET /bower_components/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: news.fangsforum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Cookie: bid=a3eb3efcf7ca9b57dff072ceb62b9b6a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 14:06:27 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 00:04:37 GMT
last-modified: Tue, 30 Apr 2024 17:52:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 50510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JGNiHYIO6F51briYiwvDk%2Fjq0316QdBcf5a4w%2FKis9NdaibGy17CfY9bMzfPT%2BdMAQJNF7aH76PiP1cB37wrcbRYYZ0yaWmLm9398AQsGyGduDTQTk989cK0VHizCboa5r17Qgab"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d8926f5ce3569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.fangsforum.com/login/form/css.css

172.67.159.20

200 OK

563 B

URL GET HTTP/3
news.fangsforum.com/login/form/css.css
IP
172.67.159.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Certificate
IssuerGoogle Trust Services LLC
Subjectfangsforum.com
FingerprintA5:7C:74:8D:86:F9:01:BC:54:34:33:16:8C:01:2A:47:41:9A:20:2D
ValidityWed, 01 May 2024 15:07:29 GMT - Tue, 30 Jul 2024 15:07:28 GMT

File type
ASCII text, with very long lines (593), with no line terminators
Size
563 B (563 bytes)
Hash
d2fa4f2848d69806d9f0f39dcd92466b
9931bbfc6792da45a421f9b35a5f7f3284a73263
e7bd2de36778afe1a5ddccf9c9d94786eba97b0af8381f23518a6072e5b392b0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

GET /login/form/css.css HTTP/1.1
Host: news.fangsforum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Cookie: bid=a3eb3efcf7ca9b57dff072ceb62b9b6a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 14:06:27 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 10:45:30 GMT
last-modified: Tue, 30 Apr 2024 17:52:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 12057
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=75sftV2nccVLqJfDbAH5hwOUuJ7A0QyoVqK5qqt%2BKOVZapu4UUr2eLFDy%2FU4n2HMFoIx5zDgziHKpBi9MKuwG9g0XA45sQOL%2FPnZZmN66p5f%2FC2b3GTvnc3f%2FHiavKQpbxC1VaCn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d8926f5cf1569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

news.fangsforum.com/login/token/token.js?v=66339de36f3ca

172.67.159.20

200 OK

1.3 kB

URL GET HTTP/3
news.fangsforum.com/login/token/token.js?v=66339de36f3ca
IP
172.67.159.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Certificate
IssuerGoogle Trust Services LLC
Subjectfangsforum.com
FingerprintA5:7C:74:8D:86:F9:01:BC:54:34:33:16:8C:01:2A:47:41:9A:20:2D
ValidityWed, 01 May 2024 15:07:29 GMT - Tue, 30 Jul 2024 15:07:28 GMT

File type
JavaScript source, ASCII text, with very long lines (1340), with no line terminators
Size
1.3 kB (1262 bytes)
Hash
a4c1710281b81e6ba56fd4c3c16e4f64
d973b08d0b9ce7345733fd17cc6606d3ba222b0c
e460dc38e8569d1ad35ac31920e3f5358717425f7803eddbfda7b39348f95af1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

GET /login/token/token.js?v=66339de36f3ca HTTP/1.1
Host: news.fangsforum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Cookie: bid=a3eb3efcf7ca9b57dff072ceb62b9b6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 14:06:27 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 14:06:27 GMT
last-modified: Tue, 30 Apr 2024 17:52:36 GMT
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2fewH5iUA3DpAWByQhzrfsuJ42PhRtwY3BjFEJPGvePSeZW2IGhuHBQaR7U10xi5UKsYy6DUsWLwAxPOgpRi%2BEhgfsIFFJfQKUW4kVaR4pdZwJTCn3qOmvdT%2F9HpDuDm5WLqN4e2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d8926f7d18569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

172.67.159.20

200 OK

57 B

URL GET HTTP/3
news.fangsforum.com/home.php?pl=token&link=Hiz&bid=a3eb3efcf7ca9b57dff072ceb62b9b6a&callback=jQuery32108940583277327401_1714658787938&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714658787944
IP
172.67.159.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Certificate
IssuerGoogle Trust Services LLC
Subjectfangsforum.com
FingerprintA5:7C:74:8D:86:F9:01:BC:54:34:33:16:8C:01:2A:47:41:9A:20:2D
ValidityWed, 01 May 2024 15:07:29 GMT - Tue, 30 Jul 2024 15:07:28 GMT

File type
ASCII text, with no line terminators
Size
57 B (57 bytes)
Hash
88b523633a59cb73716ecf2d7c376f4c
6963bac8276855288498af49013a8029356be2e5
ff4baf275090abfad28499d244b04e86f7432e8c119fd2d0f20df0cee91ede56

HTTP Headers

GET /home.php?pl=token&link=Hiz&bid=a3eb3efcf7ca9b57dff072ceb62b9b6a&callback=jQuery32108940583277327401_1714658787938&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1714658787944 HTTP/1.1
Host: news.fangsforum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://news.fangsforum.com/view/a3eb3efcf7ca9b57dff072ceb62b9b6a/public/?
Cookie: bid=a3eb3efcf7ca9b57dff072ceb62b9b6a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 14:06:43 GMT
content-type: application/json
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p1eZCxbHtGebySw4eebtWNmRgoJCofKwjFb0s1C6%2BzmVprtR40EFowceD1ykUBL4Aw%2B2kt8zARXVG0zW%2Bx%2FBP0bidq8qYyVSa0AViZdgSmBFj6zi%2Fdt5GB3tgkDgqcTUZ7bw7jxk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d892d0bef1569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by