Report - mining989.com/

Report Overview

Submitted URL
mining989.com/
IP
3.33.129.28
ASN
#16509 AMAZON-02
Submitted
2022-11-30 03:39:41
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
58

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
mining989.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	20 kB	1.2 MB	15.197.149.206
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	62 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	447 B	746 B	142.250.74.106
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	95.101.11.115
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.35.167.249
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.131
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
dvcasha2.ocsp-certum.com	71753	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	348 B	1.9 kB	23.36.79.17

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-30	medium	mining989.com/	Phishing
2022-11-30	medium	mining989.com/	Phishing
2022-11-30	medium	mining989.com/assets/js/index.ced277c3.js	Phishing
2022-11-30	medium	mining989.com/assets/js/chunk-vendors.862b4be9.js	Phishing
2022-11-30	medium	mining989.com/js/web3.min.js	Phishing
2022-11-30	medium	mining989.com/assets/js/chunk-7cc7d9f9.a78118b0.js	Phishing
2022-11-30	medium	mining989.com/api/config	Phishing
2022-11-30	medium	mining989.com/assets/js/chunk-774ac8cd.12133253.js	Phishing
2022-11-30	medium	mining989.com/assets/js/chunk-6a68a7c7.7f536d17.js	Phishing
2022-11-30	medium	mining989.com/assets/js/chunk-dc58c196.52c85745.js	Phishing
2022-11-30	medium	mining989.com/assets/js/chunk-17b6bbed.d57b66f8.js	Phishing
2022-11-30	medium	mining989.com/assets/js/chunk-1dac3aa2.602922a0.js	Phishing
2022-11-30	medium	mining989.com/assets/js/chunk-24c337ed.d3370be1.js	Phishing
2022-11-30	medium	mining989.com/assets/js/chunk-2d0a555d.4f85040f.js	Phishing
2022-11-30	medium	mining989.com/assets/js/chunk-2d0c91a9.81e323f6.js	Phishing
2022-11-30	medium	mining989.com/assets/js/chunk-2d22670c.f8e67220.js	Phishing
2022-11-30	medium	mining989.com/api/plan/planOPtionsList	Phishing
2022-11-30	medium	mining989.com/assets/img/nodata_icon.564ba5a9.svg	Phishing
2022-11-30	medium	mining989.com/api/get_config	Phishing
2022-11-30	medium	mining989.com/assets/js/chunk-2ed9aa7b.88424d04.js	Phishing
2022-11-30	medium	mining989.com/assets/js/chunk-31bfc060.99bf808b.js	Phishing
2022-11-30	medium	mining989.com/assets/js/chunk-3e95bfd4.ee231e1a.js	Phishing
2022-11-30	medium	mining989.com/assets/js/chunk-74a23f77.e7227b6f.js	Phishing
2022-11-30	medium	mining989.com/assets/js/chunk-5721dc56.0645dc09.js	Phishing
2022-11-30	medium	mining989.com/assets/js/chunk-74b6eb24.d3951a2b.js	Phishing
2022-11-30	medium	mining989.com/assets/js/chunk-76f08b24.6300be60.js	Phishing
2022-11-30	medium	mining989.com/assets/js/chunk-b121c5fe.612d8962.js	Phishing
2022-11-30	medium	mining989.com/assets/js/chunk-ef509314.23fb1057.js	Phishing
2022-11-30	medium	mining989.com/favicon.png?v=2	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	mining989.com/assets/js/chunk-774ac8cd.12133253.js	104 B	2023-03-07	2024-04-17
Pretty URL mining989.com/assets/js/chunk-774ac8cd.12133253.js IP 15.197.149.206 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:00 Last Seen2024-04-17 19:13:25 Times Seen9 Hash 73dda9114dae7d878d3104ca0eb24bf7 5de9aa2f7f9d09a628208c185d37849a507f7526 8827a7caff734301d6508fc2b00f8f8026ed3844933c360a85e83a6edb717937 Loading...

	mining989.com/	330 B	2023-03-07	2023-03-26
Pretty URL mining989.com/ IP 15.197.149.206 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:00 Last Seen2023-03-26 08:18:58 Times Seen3 Hash 94f79ee4fc2857b4ac213ca8083a3614 d7ed51421e58209d9512c16edf9016f7ed6c4f58 c5cd32b353dd1c3c3ffd54e75e4dae5b8ac12e7fb465c62577c3f7785c01ea1b Loading...

	mining989.com/assets/js/chunk-vendors.862b4be9.js	318 kB	2023-03-07	2023-03-11
Pretty URL mining989.com/assets/js/chunk-vendors.862b4be9.js IP 15.197.149.206 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:00 Last Seen2023-03-11 22:47:02 Times Seen1 Hash a87555e968e78345533f3ed1b46da29b 4c56d4c08ff542331bdab99676e8c9a0ef9768aa fe0f35c96da5362f0fc30709d18102c9a8299928d84722a84b6569e54dc7bc7c Loading...

	mining989.com/assets/js/index.ced277c3.js	219 kB	2023-03-11	2023-03-11
Pretty URL mining989.com/assets/js/index.ced277c3.js IP 15.197.149.206 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:11:18 Last Seen2023-03-11 22:47:02 Times Seen1 Hash 56dc8612d2bcf904d7f94d95e93ee4a0 0a7371e944dda327fe57b3e2ba129be2e2162e83 bc64dd9e230408509c5c57d8e9ef8879ea465fda64488a63ba9910a6be4deefa Loading...

	mining989.com/assets/js/chunk-7cc7d9f9.a78118b0.js	2.7 kB	2023-03-11	2023-03-11
Pretty URL mining989.com/assets/js/chunk-7cc7d9f9.a78118b0.js IP 15.197.149.206 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:11:18 Last Seen2023-03-11 22:47:02 Times Seen1 Hash 6b638b4eb4427d5eb44d9decae046322 0b8d9559a5fa86da97669336d093346813af1b93 7fe098fd7bc072ff558b0e5dc7e3a5fbc4b6253b021d2b9380886247f4d33c03 Loading...

HTTP Transactions (69)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12233
Expires: Wed, 30 Nov 2022 07:03:23 GMT
Date: Wed, 30 Nov 2022 03:39:30 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4769
Cache-Control: max-age=115870
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:39:30 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:50:40 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 03:19:39 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1191
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9402
Expires: Wed, 30 Nov 2022 06:16:12 GMT
Date: Wed, 30 Nov 2022 03:39:30 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Hd8utHpAD7Cd7znKB6lDnFybb6465/uPsjfijj6Q3++T3CWCPVT018eVy6Zg4SWg+BI+UyTK/Dk=
x-amz-request-id: WHNP18X837MXF4MX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 02:45:03 GMT
age: 3267
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 03:39:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

mining989.com/

15.197.149.206

301 Moved Permanently

185 B

URL HTTP/1.1
mining989.com/
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
185 B (185 bytes)
Hash
cb6ffbb4043c88e63023bdbe1273e7f6
51ab256fee07ae97343aea50861f5b9b0214cac2
e2085b8ac766c65a76f7e31e2ee5d257f7728465331a46ee58005fd212575348

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:30 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://mining989.com/
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 03:11:13 GMT
cache-control: public,max-age=3600
age: 1697
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4782
Cache-Control: max-age=110819
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:39:31 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:26:30 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
2cd9e529379b28e2933fc0fa7d80b4e7
9fa88dae113be86dcca8882d1d12b0ea05d5e3fe
23d97d8dab8a1873af8b908675281cfa4786d68a62845f943bb240c51bb07fb3

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: MISS
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=870
Date: Wed, 30 Nov 2022 03:39:31 GMT
Connection: keep-alive
X-N: S

push.services.mozilla.com/

52.35.167.249

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.35.167.249:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dX5h18GRMYkzgAYQqPhuZg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GEIgdo1yXChfgBgRL9GlOsAbWJY=

mining989.com/

15.197.149.206

200

1.4 kB

URL HTTP/1.1
mining989.com/
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3874)
Size
1.4 kB (1448 bytes)
Hash
58b198f259fe0f03e6069f48a2baedb9
0596357c404888b2a7b2aaf92c34f880385cca1b
38b8cdc14411a0c8ecf4a8ae60e8745414ed3fcd4e7046ffa3f355b8224f12e1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"4325-1667789544000"
Last-Modified: Mon, 07 Nov 2022 02:52:24 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:39:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 03:39:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mining989.com/assets/css/index.e19fae5e.css

15.197.149.206

200

11 kB

URL HTTP/1.1
mining989.com/assets/css/index.e19fae5e.css
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (28313), with no line terminators
Size
11 kB (11291 bytes)
Hash
083404a14e26d0489dea535f6a7bdc09
dba47db542bd1cb48fd77aed84bc1c41d11339bd
a67882d4beab7fd8811c5fa381f6e5c6fa8a7334fc795d2af87a488472a3d134

HTTP Headers

GET /assets/css/index.e19fae5e.css HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mining989.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"28313-1667789516000"
Last-Modified: Mon, 07 Nov 2022 02:51:56 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/css/chunk-vendors.be622a32.css

15.197.149.206

200

34 kB

URL HTTP/1.1
mining989.com/assets/css/chunk-vendors.be622a32.css
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (33949 bytes)
Hash
41aafd83fd109874a721b4de71b90db6
5c4d398f02415aa6e70c81cc600fe109fb4a1095
653ee50e08a1bd4b899cd6a741d39458d0a7aa91b6ee118088039e55b57ba807

HTTP Headers

GET /assets/css/chunk-vendors.be622a32.css HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mining989.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"71420-1667789516000"
Last-Modified: Mon, 07 Nov 2022 02:51:56 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/js/index.ced277c3.js

15.197.149.206

200

77 kB

URL HTTP/1.1
mining989.com/assets/js/index.ced277c3.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (65447), with no line terminators
Size
77 kB (77176 bytes)
Hash
aa4588ad07d54e7aea60815d8fd50dca
0dbbb6cb9054283ff983bdfa1911c95792f2b9bd
27004f195f2fcbecedcf29f72555080ab2af2f09927a4610ac587bf3fadae8bd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/index.ced277c3.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mining989.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"219050-1667789543000"
Last-Modified: Mon, 07 Nov 2022 02:52:23 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/js/chunk-vendors.862b4be9.js

15.197.149.206

200

122 kB

URL HTTP/1.1
mining989.com/assets/js/chunk-vendors.862b4be9.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (41430)
Size
122 kB (121852 bytes)
Hash
e8c012959cd5398bec0bd9b3b3a47400
931dad715aca5f0a6123b41f64a4176339223821
0d5ee683d7f079cd618a6b34b8de4c7bd70a9981e2074bfe1fb979f60db78b93

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/chunk-vendors.862b4be9.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mining989.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"317881-1667789542000"
Last-Modified: Mon, 07 Nov 2022 02:52:22 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4934
Expires: Wed, 30 Nov 2022 05:01:46 GMT
Date: Wed, 30 Nov 2022 03:39:32 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4934
Expires: Wed, 30 Nov 2022 05:01:46 GMT
Date: Wed, 30 Nov 2022 03:39:32 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4934
Expires: Wed, 30 Nov 2022 05:01:46 GMT
Date: Wed, 30 Nov 2022 03:39:32 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4934
Expires: Wed, 30 Nov 2022 05:01:46 GMT
Date: Wed, 30 Nov 2022 03:39:32 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7658 bytes)
Hash
536cd283dee06cf1ceb9e15e4850db92
47aafca572d34f9726a0174ac902178556e581d8
63a5acf87962da6656f828422545af0ccc0888f0a2a15ebd2160ffb3714e6241

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7658
x-amzn-requestid: e729e5b6-0c92-4ed3-b449-4a30d5bb4b89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEyEQSIAMFWsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1e-1bba7e9a2d15d66779b1896c;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AuN9hTb4YydNZjvpnTGyE313wl-O3F_p4jC_NUSe8kr3RB_4AjOEMw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:09 GMT
age: 20603
etag: "47aafca572d34f9726a0174ac902178556e581d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffcc0013-bfb7-45fa-bdf2-4b7a90daae54.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (8953 bytes)
Hash
a7c72c70f2b8be44dd384abb4b4a6fdd
eed94c5cb2a5810e985894af5d5f73238a83e136
49a560a81471ad567067dfa4be4bc02d592eeac9ac5bf5376e67f8c93d2ef0d6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffcc0013-bfb7-45fa-bdf2-4b7a90daae54.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8953
x-amzn-requestid: 65d5d2d4-62aa-4d5b-abd4-1aa52eb3550f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhXeFPgoAMFojw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c2f-6eaf6ebe4bb408d51abe0660;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:39:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DqSVagVTQVJm7gZyiBIQP-X113XjRI5tHxaxLRFD1b7aQQiRyKoPZA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:45 GMT
age: 21287
etag: "eed94c5cb2a5810e985894af5d5f73238a83e136"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9051 bytes)
Hash
05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rtfl896JX35oFFEVmqyH9Nm62iSY6rqwzkLwZMcM45p_ySF6J2QwEQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:47 GMT
age: 21285
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9670 bytes)
Hash
33ee67e62c49fc8d51f18df313002aac
3d8c927b6945d880f92d4e7a686cad5a9985e8ad
ba6e66e07cd93219926927fd2b468a92b8d02cc9bf1da0b3b9a3c48da160bbdc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9670
x-amzn-requestid: d9a529ac-9dc6-4e12-80c5-3250dc97e7bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcFiAoAMF0nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-116ddf09265d51523c3638b3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dTu4TnkeBj5Jm6nU8CA37pptq4F43BUYXcAJPcXro47W1MJriiVrcw==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:35 GMT
etag: "3d8c927b6945d880f92d4e7a686cad5a9985e8ad"
content-type: image/jpeg
age: 21297
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7298 bytes)
Hash
e00769bd1391b8f4f5b8ab128a825355
e4ddf955e8ac1986045ed55880c43c69e588a021
81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7mRG070F4NZnewfowUhVhMerJaGjJd4G6O1tvTPiKyvTAzq-Y16-jw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:51 GMT
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
content-type: image/jpeg
age: 20561
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13195 bytes)
Hash
9fb14804c284e300f976848e30396e9c
6004b4b7afd22dded903f026d245bc90a6706767
1cf96b0b6c83f182d018fa4ffb9924038bf282755091e7bacff2a624220260d5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13195
x-amzn-requestid: 1303b72c-fe18-46a3-b3c1-06f3b8550d90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvHW6oAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1b3dbbb005a238117076d1f3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pw2Wm8mI8MxRAOVsdvvWLEuxPN5ffcgWBZ_KecuuS5stoTHF4hxECg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:49 GMT
age: 21283
etag: "6004b4b7afd22dded903f026d245bc90a6706767"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

mining989.com/js/web3.min.js

15.197.149.206

200

449 kB

URL HTTP/1.1
mining989.com/js/web3.min.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (63684), with CRLF line terminators
Size
449 kB (448607 bytes)
Hash
c02f971f2c774bb3267f0c2d40c766c5
92e21f5d3ab190da9b09e8f23845027c422a90c1
7881c8b49d3bccdfaf119eb6b8ccbedefde185986c4c49610cf1a71c9be8ad7a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/web3.min.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mining989.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"1412199-1667789550000"
Last-Modified: Mon, 07 Nov 2022 02:52:30 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/js/chunk-7cc7d9f9.a78118b0.js

15.197.149.206

200

1.0 kB

URL HTTP/1.1
mining989.com/assets/js/chunk-7cc7d9f9.a78118b0.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (2695), with no line terminators
Size
1.0 kB (1004 bytes)
Hash
2615aad432b297f6bfb7db1e9fc69e80
32dbcf76d0cca3387bbcfdf6b364e5aab08ed5a9
824414ea5438b37d337b68791db38d72199f8184135e5d950b87bf7ee60eb7ee

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/chunk-7cc7d9f9.a78118b0.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mining989.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"2695-1667789539000"
Last-Modified: Mon, 07 Nov 2022 02:52:19 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/api/config

15.197.149.206

200

23 kB

URL HTTP/1.1
mining989.com/api/config
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (22903), with no line terminators
Size
23 kB (22907 bytes)
Hash
e9219a0ac07c86a2dc47f1e275d42d94
6b9a2bf3fc15312c2e67558ee3b3908647e4b4cb
f989f02fb865c66ed172f42d3a0d76b20dfcb2138e947e09228d91e86d1d2a43

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /api/config HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate, br
lang: en-US
Content-Type: application/json
Content-Length: 52
Origin: https://mining989.com
Connection: keep-alive
Referer: https://mining989.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Credentials: true
Set-Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7; Path=/; HttpOnly
Access-Control-Allow-Origin: https://mining989.com, *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/css/chunk-74b6eb24.7113d228.css

15.197.149.206

200

15 kB

URL HTTP/1.1
mining989.com/assets/css/chunk-74b6eb24.7113d228.css
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (35004), with no line terminators
Size
15 kB (14810 bytes)
Hash
cbf1b89e5f8eeb360574bc7cf84dd53b
64fdcc84d42dad4c6a55c93a42e1a1e6363441c1
2ddef719cefeaf3fdb52a6156ffc81ee0f787c3bd5168338d2e2e3f352e5ade9

HTTP Headers

GET /assets/css/chunk-74b6eb24.7113d228.css HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"35004-1667789514000"
Last-Modified: Mon, 07 Nov 2022 02:51:54 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/css/chunk-3e95bfd4.501ef72f.css

15.197.149.206

200

398 B

URL HTTP/1.1
mining989.com/assets/css/chunk-3e95bfd4.501ef72f.css
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1085), with no line terminators
Size
398 B (398 bytes)
Hash
be43f5440f9b11d9d366c105a29b4103
0977ab883758c52c49b9039b0da61cdb19dd361c
53f929968a532373baae017bb203055fcb1bd74db8ff782ea05ed713eee4cea4

HTTP Headers

GET /assets/css/chunk-3e95bfd4.501ef72f.css HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"1085-1667789513000"
Last-Modified: Mon, 07 Nov 2022 02:51:53 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/css/chunk-74a23f77.0e1185f1.css

15.197.149.206

200

5.7 kB

URL HTTP/1.1
mining989.com/assets/css/chunk-74a23f77.0e1185f1.css
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (18680), with no line terminators
Size
5.7 kB (5697 bytes)
Hash
696705c3209d8331f06b4eb7632bdf84
cc0a068ee40f3e605d2de7e680bdf4e031265d0a
b6b73a9535918fe2f3a9bdb6a7ebb928966897abddcb2e087828607fcae81456

HTTP Headers

GET /assets/css/chunk-74a23f77.0e1185f1.css HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"18680-1667789514000"
Last-Modified: Mon, 07 Nov 2022 02:51:54 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/css/chunk-1dac3aa2.87802726.css

15.197.149.206

200

26 kB

URL HTTP/1.1
mining989.com/assets/css/chunk-1dac3aa2.87802726.css
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (25582 bytes)
Hash
c8661eb596b97510ad9a56ca9282ea35
a9f1b4bdcba7e0ba1af6b5491c52593a91650bcf
d12898be0017811c3c0aa71d454ed5d68ef07a408c96f5b4ef9dbccdcb592c7b

HTTP Headers

GET /assets/css/chunk-1dac3aa2.87802726.css HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"77206-1667789513000"
Last-Modified: Mon, 07 Nov 2022 02:51:53 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/css/chunk-774ac8cd.2e6b1f12.css

15.197.149.206

200

16 kB

URL HTTP/1.1
mining989.com/assets/css/chunk-774ac8cd.2e6b1f12.css
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (36796), with no line terminators
Size
16 kB (15839 bytes)
Hash
29be22768cd0f0680036cc8f489ce17d
ec6f69ae95daaaf3ac5c0bad232e459281da634e
00fc46fd56a57bc0b55bcadac865fb2669de454fd287c79aa064cc6b3af1d808

HTTP Headers

GET /assets/css/chunk-774ac8cd.2e6b1f12.css HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"36796-1667789515000"
Last-Modified: Mon, 07 Nov 2022 02:51:55 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/js/chunk-774ac8cd.12133253.js

15.197.149.206

200

104 B

URL HTTP/1.1
mining989.com/assets/js/chunk-774ac8cd.12133253.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
104 B (104 bytes)
Hash
73dda9114dae7d878d3104ca0eb24bf7
5de9aa2f7f9d09a628208c185d37849a507f7526
8827a7caff734301d6508fc2b00f8f8026ed3844933c360a85e83a6edb717937

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/chunk-774ac8cd.12133253.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: application/javascript
Content-Length: 104
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"104-1667789539000"
Last-Modified: Mon, 07 Nov 2022 02:52:19 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/js/chunk-6a68a7c7.7f536d17.js

15.197.149.206

200

6.9 kB

URL HTTP/1.1
mining989.com/assets/js/chunk-6a68a7c7.7f536d17.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (20391), with no line terminators
Size
6.9 kB (6903 bytes)
Hash
171a780e2b7342f663485b2f4fe40fe4
22f00921339875333bcad55022ce5849d2952ecc
07ee26aff2ff735d4dd4277fb757c1274be66491f380b1d7cdbd3b5217997880

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/chunk-6a68a7c7.7f536d17.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"20394-1667789537000"
Last-Modified: Mon, 07 Nov 2022 02:52:17 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/css/chunk-ef509314.501ef72f.css

15.197.149.206

200

398 B

URL HTTP/1.1
mining989.com/assets/css/chunk-ef509314.501ef72f.css
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1085), with no line terminators
Size
398 B (398 bytes)
Hash
be43f5440f9b11d9d366c105a29b4103
0977ab883758c52c49b9039b0da61cdb19dd361c
53f929968a532373baae017bb203055fcb1bd74db8ff782ea05ed713eee4cea4

HTTP Headers

GET /assets/css/chunk-ef509314.501ef72f.css HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"1085-1667789515000"
Last-Modified: Mon, 07 Nov 2022 02:51:55 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/js/chunk-dc58c196.52c85745.js

15.197.149.206

200

31 kB

URL HTTP/1.1
mining989.com/assets/js/chunk-dc58c196.52c85745.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (65500), with no line terminators
Size
31 kB (31224 bytes)
Hash
daa86795d7063de38a157f9b7edead22
1215fda7f05e9576201ac03ac1852ae0e24c39a7
e49ffdee367e9b6dd2c770f2fb7ec1a818243dc46eb3dd5c8c3676ca90968bc2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/chunk-dc58c196.52c85745.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"84142-1667789540000"
Last-Modified: Mon, 07 Nov 2022 02:52:20 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/js/chunk-17b6bbed.d57b66f8.js

15.197.149.206

200

5.1 kB

URL HTTP/1.1
mining989.com/assets/js/chunk-17b6bbed.d57b66f8.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (15901), with no line terminators
Size
5.1 kB (5146 bytes)
Hash
727c278753f0ccd6de1c4eaf746375ce
6b3bcb7a7ebdf9c5da86e625e84992bc6a86a919
4f11620e12730ed8972f3239528af2a89d69901e5eb0f6910c93224b83cf81f5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/chunk-17b6bbed.d57b66f8.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"15901-1667789534000"
Last-Modified: Mon, 07 Nov 2022 02:52:14 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/js/chunk-1dac3aa2.602922a0.js

15.197.149.206

200

106 B

URL HTTP/1.1
mining989.com/assets/js/chunk-1dac3aa2.602922a0.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
106 B (106 bytes)
Hash
fd80ff51f55a7ad0134c164d0d94684d
e13b4595d42464509ec3093ec3c3ce555566c23b
273e01a259a4c7368a3b8f8b9765ab05bc585b0d404978a200563365efc643f6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/chunk-1dac3aa2.602922a0.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: application/javascript
Content-Length: 106
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"106-1667789534000"
Last-Modified: Mon, 07 Nov 2022 02:52:14 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/js/chunk-24c337ed.d3370be1.js

15.197.149.206

200

6.4 kB

URL HTTP/1.1
mining989.com/assets/js/chunk-24c337ed.d3370be1.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (20498), with no line terminators
Size
6.4 kB (6438 bytes)
Hash
45e73f779e15c0a4e4957b886e114219
db1f0ec38a1f4aad4d0a24602afeddfe5eb7d3dc
201613b09509506425209425c892f540be5e3a47dfaef124d522f60480768e90

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/chunk-24c337ed.d3370be1.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"20498-1667789534000"
Last-Modified: Mon, 07 Nov 2022 02:52:14 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/js/chunk-2d0a555d.4f85040f.js

15.197.149.206

200

16 kB

URL HTTP/1.1
mining989.com/assets/js/chunk-2d0a555d.4f85040f.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (52422), with no line terminators
Size
16 kB (15558 bytes)
Hash
a60bf01760e7a1efffab27ade013a77f
eb27d6d7b61fd1fa0e2ead02c39c84d392aa7f85
5230ff4692c7840dd5f3132a6b5211f649bfe8d05d6d6fad93523ba2f47959b0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/chunk-2d0a555d.4f85040f.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"52423-1667789535000"
Last-Modified: Mon, 07 Nov 2022 02:52:15 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/js/chunk-2d0c91a9.81e323f6.js

15.197.149.206

200

14 kB

URL HTTP/1.1
mining989.com/assets/js/chunk-2d0c91a9.81e323f6.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (46292), with no line terminators
Size
14 kB (13563 bytes)
Hash
653cbe2b73eab911c10e6a6ddc4dcb09
4fdbdeb0163095cd0ac634050e783009f6a4d709
da18d066f5ff161b44274359c6e67d01cbfaf6c856ab95138957cab00c060e47

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/chunk-2d0c91a9.81e323f6.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"46326-1667789535000"
Last-Modified: Mon, 07 Nov 2022 02:52:15 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/css/chunk-76f08b24.b3c0784b.css

15.197.149.206

200

17 kB

URL HTTP/1.1
mining989.com/assets/css/chunk-76f08b24.b3c0784b.css
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (31630), with no line terminators
Size
17 kB (17017 bytes)
Hash
36c544da487c05778109c0466a06e0ea
c6befd69ec887c0bb8d92ebadb1851be3e47e660
cd461d1e9724223e334edb5061636e22959b86990b1789cff00214b36f93c6f4

HTTP Headers

GET /assets/css/chunk-76f08b24.b3c0784b.css HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"31630-1667789514000"
Last-Modified: Mon, 07 Nov 2022 02:51:54 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/js/chunk-2d22670c.f8e67220.js

15.197.149.206

200

1.3 kB

URL HTTP/1.1
mining989.com/assets/js/chunk-2d22670c.f8e67220.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (2979), with no line terminators
Size
1.3 kB (1345 bytes)
Hash
71d3bbcffe8ff6e6d0ecdbd465ccd52d
571cbd40dc4c77f0779b46e21c23d162d9a22d61
e561b5f93c1297e33de9d2a4a1558c3cd7a49021329723e091741cdda37e7665

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/chunk-2d22670c.f8e67220.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"2987-1667789536000"
Last-Modified: Mon, 07 Nov 2022 02:52:16 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/img/bg_top.92ba63c5.png

15.197.149.206

200

58 kB

URL HTTP/1.1
mining989.com/assets/img/bg_top.92ba63c5.png
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
PNG image data, 656 x 676, 8-bit colormap, non-interlaced\012- data
Size
58 kB (57738 bytes)
Hash
48a3545c7b5a413bb53b73f3156e6a9d
6b29a2d372e258a08c8b32b2117221aad1bcbbc6
deecc8bbc9077a2e5894e8f38772b91fb7e44a7fec080d7b5e270742283ff4f4

HTTP Headers

GET /assets/img/bg_top.92ba63c5.png HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"57717-1667789517000"
Last-Modified: Mon, 07 Nov 2022 02:51:57 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/img/bottom_icon3.b9a37af9.png

15.197.149.206

200

5.9 kB

URL HTTP/1.1
mining989.com/assets/img/bottom_icon3.b9a37af9.png
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
PNG image data, 208 x 76, 8-bit/color RGBA, non-interlaced\012- data
Size
5.9 kB (5853 bytes)
Hash
79cb5435d5bc1ba27ac6eef6250d91c0
9c935aaf8b3bb6cc53341d69a297b650dd3048d2
77929b13ac78a3a926632ca949a837360f48700b91e067c0dcca83c572efc185

HTTP Headers

GET /assets/img/bottom_icon3.b9a37af9.png HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5857-1667789519000"
Last-Modified: Mon, 07 Nov 2022 02:51:59 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/img/bottom_icon4.dec0426a.png

15.197.149.206

200

4.3 kB

URL HTTP/1.1
mining989.com/assets/img/bottom_icon4.dec0426a.png
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
PNG image data, 400 x 144, 8-bit colormap, non-interlaced\012- data
Size
4.3 kB (4346 bytes)
Hash
78e251f2a7241430d30c385c4f1f6346
ba5aaa55dceaea13459444677399576e29e66631
4c5287c3edb4fbea0ba83bed9126ae55590d72b279c77b2eed72f5f1b3a35587

HTTP Headers

GET /assets/img/bottom_icon4.dec0426a.png HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"4324-1667789520000"
Last-Modified: Mon, 07 Nov 2022 02:52:00 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/img/bottom_icon5.847aeb71.png

15.197.149.206

200

7.0 kB

URL HTTP/1.1
mining989.com/assets/img/bottom_icon5.847aeb71.png
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
PNG image data, 400 x 144, 8-bit colormap, non-interlaced\012- data
Size
7.0 kB (7039 bytes)
Hash
15274e1a304c4c8f008e7488183867ba
5375ed6316987a5e1b4bbebe675abe081e4ac6bb
94ece28f7d6dfcb263c29e9bb40dd07ab954089943984ffe85ad6eabddaff92a

HTTP Headers

GET /assets/img/bottom_icon5.847aeb71.png HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"7011-1667789521000"
Last-Modified: Mon, 07 Nov 2022 02:52:01 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/img/bottom_icon6.b259b57c.png

15.197.149.206

200

5.5 kB

URL HTTP/1.1
mining989.com/assets/img/bottom_icon6.b259b57c.png
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
PNG image data, 400 x 144, 8-bit colormap, non-interlaced\012- data
Size
5.5 kB (5528 bytes)
Hash
120534404a7fb741e10e1ce41c3eed60
2bb048ed9ac5e2e23a72c7c709aa80f09e5bdf26
f4380fabe1a915853c7fa12bfd7032ddc9440b93ae8c090377667ac4ca23a90b

HTTP Headers

GET /assets/img/bottom_icon6.b259b57c.png HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5500-1667789522000"
Last-Modified: Mon, 07 Nov 2022 02:52:02 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/api/plan/planOPtionsList

15.197.149.206

200

168 B

URL HTTP/1.1
mining989.com/api/plan/planOPtionsList
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Size
168 B (168 bytes)
Hash
f21704d405c7e29bade4d356428f6b93
d1a23fda2f277d8a5e398d4b62c3b4266006d9db
640f7ea64332cbbf5c791ad28851be53318dd9bf801788faafa3b1d657564ede

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /api/plan/planOPtionsList HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate, br
lang: en-US
Content-Type: application/json
Content-Length: 52
Origin: https://mining989.com
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:34 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://mining989.com, *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/img/img_top_bg.4664403c.png

15.197.149.206

200

91 kB

URL HTTP/1.1
mining989.com/assets/img/img_top_bg.4664403c.png
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1500 x 900, 8-bit colormap, non-interlaced\012- data
Size
91 kB (91177 bytes)
Hash
577cf1a45520c7d2bed745e666b94f0c
3006eefc261cd102a415caae2d114bab6d72d784
e640be29ba739979dcf5e23b3e8ec042d539fbf86d92482196203f6d8e4003a7

HTTP Headers

GET /assets/img/img_top_bg.4664403c.png HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:33 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"91538-1667789525000"
Last-Modified: Mon, 07 Nov 2022 02:52:05 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/img/nodata_icon.564ba5a9.svg

15.197.149.206

200

23 kB

URL HTTP/1.1
mining989.com/assets/img/nodata_icon.564ba5a9.svg
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (4751), with CRLF line terminators
Size
23 kB (23175 bytes)
Hash
564ba5a9432edccd08c3efab68a539cc
cccbf3dded72c61e92e31fb1abba6efe533a3635
3fe6e9135a185ba070fa9bde8854059514daac4bd97f81ef68be85731ddf35d0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/img/nodata_icon.564ba5a9.svg HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:34 GMT
Content-Type: image/svg+xml
Content-Length: 23175
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"23175-1667789530000"
Last-Modified: Mon, 07 Nov 2022 02:52:10 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/api/get_config

15.197.149.206

200

125 B

URL HTTP/1.1
mining989.com/api/get_config
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Size
125 B (125 bytes)
Hash
c676f8c9a8a8896871abc7d4a73aa250
af2d16df6f1aaffc2b86792f95f7ab03e08b1368
850397900990329234f325f9a8249405d57a14a53ff64d09b0ea2707120f6de7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /api/get_config HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate, br
lang: en-US
Content-Type: application/json
Content-Length: 81
Origin: https://mining989.com
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:34 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://mining989.com, *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/img/bottom_icon81.3b765963.png

15.197.149.206

200

16 kB

URL HTTP/1.1
mining989.com/assets/img/bottom_icon81.3b765963.png
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
PNG image data, 208 x 76, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (16501 bytes)
Hash
50687296d30d02cbc6021d98f1d35e44
904dec0c9e3b202e63157c0ed725c5d0c5b0bfee
3ae6604f7c3f14579b870d00d70ec33c6e2eefc043cfa671fb3fe086278b1964

HTTP Headers

GET /assets/img/bottom_icon81.3b765963.png HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:34 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"16508-1667789523000"
Last-Modified: Mon, 07 Nov 2022 02:52:03 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/img/bottom_icon9.2464ff0f.png

15.197.149.206

200

4.3 kB

URL HTTP/1.1
mining989.com/assets/img/bottom_icon9.2464ff0f.png
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
PNG image data, 400 x 144, 8-bit colormap, non-interlaced\012- data
Size
4.3 kB (4280 bytes)
Hash
0d9f13301243726fb700a576be7d9e7c
ec0231e4a01a9304f0844b6d07d2d7c31f469834
e466e1d74e64b59f7e5b28ef59d3c936263c19b7827636e8be79c3570627d8e1

HTTP Headers

GET /assets/img/bottom_icon9.2464ff0f.png HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:34 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"4252-1667789523000"
Last-Modified: Mon, 07 Nov 2022 02:52:03 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/js/chunk-2ed9aa7b.88424d04.js

15.197.149.206

200

26 kB

URL HTTP/1.1
mining989.com/assets/js/chunk-2ed9aa7b.88424d04.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (47423), with no line terminators
Size
26 kB (26367 bytes)
Hash
d6d7e3c60e16d3176db2565727cd4b7d
cea7daf8639f9f67cdda224c7c27a5a49e4c5543
140d5327af1fbf68f996a29c61c153274cbb8df997a00423bc3967927dd4d239

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/chunk-2ed9aa7b.88424d04.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"47425-1667789536000"
Last-Modified: Mon, 07 Nov 2022 02:52:16 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/js/chunk-31bfc060.99bf808b.js

15.197.149.206

200

7.4 kB

URL HTTP/1.1
mining989.com/assets/js/chunk-31bfc060.99bf808b.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (13936), with no line terminators
Size
7.4 kB (7378 bytes)
Hash
f94a6b089a5a66764df9347d973d4e71
4595490b8cd2e61076a5387501b3954bf4dfa4f4
8c46cd147ad21fb9dbc9aa52eb365638502bd5f468fdd5bbb0fb3ca5cd4b61c5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/chunk-31bfc060.99bf808b.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"13946-1667789536000"
Last-Modified: Mon, 07 Nov 2022 02:52:16 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/js/chunk-3e95bfd4.ee231e1a.js

15.197.149.206

200

11 kB

URL HTTP/1.1
mining989.com/assets/js/chunk-3e95bfd4.ee231e1a.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (18676), with no line terminators
Size
11 kB (11132 bytes)
Hash
030a70b1c33a66b16e8745c5a2be5265
ca9b26b606da68e240f0f04b4e97cc7e5809c0c2
26f06bed1b73030dd41f15e0306ccf025e176dd7f733b59532c943cd78593c60

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/chunk-3e95bfd4.ee231e1a.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"18684-1667789537000"
Last-Modified: Mon, 07 Nov 2022 02:52:17 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/js/chunk-74a23f77.e7227b6f.js

15.197.149.206

200

106 B

URL HTTP/1.1
mining989.com/assets/js/chunk-74a23f77.e7227b6f.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
106 B (106 bytes)
Hash
6edaefbee42043a40523113895a9865a
4653e50c123a6c0a48639ec1ea7b810d1e807e09
1b263fae95630e68b08b9d147958fbce62fc06a532f8a79583b4ff2a4b04b809

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/chunk-74a23f77.e7227b6f.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:34 GMT
Content-Type: application/javascript
Content-Length: 106
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"106-1667789538000"
Last-Modified: Mon, 07 Nov 2022 02:52:18 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/js/chunk-5721dc56.0645dc09.js

15.197.149.206

200

22 kB

URL HTTP/1.1
mining989.com/assets/js/chunk-5721dc56.0645dc09.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (34419), with no line terminators
Size
22 kB (22095 bytes)
Hash
b48b954798153c30baaf27fc42020488
5ead2d39e0404b6b59b364b5b16df93b3cc9d762
83134195d49d5c5c3fdc1b7f6266fbaf1c8f9e570543b488f7d2e14831239986

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/chunk-5721dc56.0645dc09.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"34465-1667789537000"
Last-Modified: Mon, 07 Nov 2022 02:52:17 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/js/chunk-74b6eb24.d3951a2b.js

15.197.149.206

200

106 B

URL HTTP/1.1
mining989.com/assets/js/chunk-74b6eb24.d3951a2b.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
106 B (106 bytes)
Hash
454179d8428bfa15491584b77fc9e529
604dc832b68b0a69258d9bb3b129032481dc610e
565948a6e98d141b5636199571da323fa3177e4c8a0dc4600c9296a98036a022

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/chunk-74b6eb24.d3951a2b.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:34 GMT
Content-Type: application/javascript
Content-Length: 106
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"106-1667789538000"
Last-Modified: Mon, 07 Nov 2022 02:52:18 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/js/chunk-76f08b24.6300be60.js

15.197.149.206

200

104 B

URL HTTP/1.1
mining989.com/assets/js/chunk-76f08b24.6300be60.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
104 B (104 bytes)
Hash
daa2086c38cfd4b705371e16861b75d9
9aaba71af296bb6b48fef4c825c9df4397176aa9
dd5a7c6a7fae5e1676d937b2aa7601eafe747de7260e689388d83ae827ef5f82

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/chunk-76f08b24.6300be60.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:34 GMT
Content-Type: application/javascript
Content-Length: 104
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"104-1667789538000"
Last-Modified: Mon, 07 Nov 2022 02:52:18 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/js/chunk-b121c5fe.612d8962.js

15.197.149.206

200

7.6 kB

URL HTTP/1.1
mining989.com/assets/js/chunk-b121c5fe.612d8962.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (14678), with no line terminators
Size
7.6 kB (7574 bytes)
Hash
c8e1337d663b17b68d89ddc7e813eb71
b7635a5c951b981c9d84a6ffc06616128b295350
71c705d7e2a744fe38edb22c7d4c705ca266e6ea6046fdfe55b13b950b447e34

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/chunk-b121c5fe.612d8962.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"14688-1667789540000"
Last-Modified: Mon, 07 Nov 2022 02:52:20 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/assets/js/chunk-ef509314.23fb1057.js

15.197.149.206

200

44 kB

URL HTTP/1.1
mining989.com/assets/js/chunk-ef509314.23fb1057.js
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
44 kB (43933 bytes)
Hash
6212c50e9b580f7ca0fac1a1d3466223
c369df747143d32d9054d56f5717cfc5de4063b7
58687824f10a2abe9dbf4df2eb382fa922ffb6519172d0aa8b1b3d94baaa160e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/chunk-ef509314.23fb1057.js HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"106946-1667789541000"
Last-Modified: Mon, 07 Nov 2022 02:52:21 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

mining989.com/favicon.png?v=2

15.197.149.206

200

1.4 kB

URL HTTP/1.1
mining989.com/favicon.png?v=2
IP
15.197.149.206:0
ASN
#16509 AMAZON-02

File type
PNG image data, 80 x 80, 8-bit colormap, non-interlaced\012- data
Size
1.4 kB (1430 bytes)
Hash
acf6780ef109a8addc424e037c544242
6448a4476470da02c4513738d0c8e45ce9f3c954
6e9ccefdb617fd23f6a5b765939b6645a944b3a825b96dc8cecb6a024fe3942b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /favicon.png?v=2 HTTP/1.1
Host: mining989.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mining989.com/
Cookie: JSESSIONID=DEA9301911101CB7764489369A9240B7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 
Server: nginx/1.12.2
Date: Wed, 30 Nov 2022 03:39:34 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"1402-1649576642000"
Last-Modified: Sun, 10 Apr 2022 07:44:02 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Headers: X-Requested-With, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS, GET,POST,OPTIONS
X-Via: 1.1 ip-172-31-19-137.ap-southeast-1.compute.internal (random:275412 Fikker/Webcache/3.7.7)

fonts.googleapis.com/css2?family=Fredoka+One&family=Montserrat:wght@400;600;700;800;900&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Fredoka+One&family=Montserrat:wght@400;600;700;800;900&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Fredoka+One&family=Montserrat:wght@400;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mining989.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 03:39:31 GMT
date: Wed, 30 Nov 2022 03:39:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (69)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size