Report - www.333f.xyz/

Report Overview

Visited public
2024-04-15 05:15:09
Tags
URL
www.333f.xyz/
Finishing URL
www.333f.xyz/#/pages/login/login
IP / ASN
185.246.189.85
#200651 Flokinet Ltd
Title
eBay

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.333f.xyz	unknown	unknown	No data	No data	11 kB	467 kB	185.246.189.85
www.m5977.xyz	unknown	2023-06-30	2023-07-19 17:00:47	2023-09-25 05:15:13	6.3 kB	156 kB	37.228.129.70
cdn.dcloud.net.cn	116868	2013-07-17	2018-09-15 11:18:08	2024-04-13 13:40:53	431 B	0 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.
2024-04-14	medium	www.333f.xyz/	eBay Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	www.333f.xyz/static/js/index.88c4d258.js	ScriptElement	102 kB	2024-08-20	2024-08-20
Pretty URL www.333f.xyz/static/js/index.88c4d258.js IP 176.119.30.49 ASN #30860 Virtual Systems LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 04:30 Last Seen2024-08-20 04:30 Times Seen1 Hash 03bf039115293a9e297240d901c5b30c ccf893ebff60add8350423758dbbcaef4c37a66e 0480fa914c0318ad20cc5ebc9a31018992c16083f6f94a2dd5fe7099dbedc4e8 Loading...

	www.333f.xyz/static/js/pages-index-index.e510e607.js	ScriptElement	30 kB	2024-04-15	2024-09-20
Pretty URL www.333f.xyz/static/js/pages-index-index.e510e607.js IP 176.119.30.49 ASN #30860 Virtual Systems LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-15 07:15 Last Seen2024-09-20 21:38 Times Seen5 Hash 744a73bff54cc446007bdc5538eed980 591245fd8f8acc44005086ad89b4f065f0ad7ca3 e0bbe23e361c6b102651013b5553b95804d9fffdd63d5c7ac1843ab2a2f0da89 Loading...

	www.333f.xyz/static/js/pages-login-login.b7877c6e.js	ScriptElement	9.3 kB	2024-04-15	2024-09-20
Pretty URL www.333f.xyz/static/js/pages-login-login.b7877c6e.js IP 185.246.189.85 ASN #200651 Flokinet Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-15 07:15 Last Seen2024-09-20 21:38 Times Seen5 Hash 72867a3ef5e8fa29fcaacce67f00703c fe378455d67a41606ee8561600788d1b17c6ac9e 067daccd958a56416ca5b21d29ccef6af85e72d5eaab080c2551df12d69b8733 Loading...

	www.333f.xyz/	ScriptElement	357 B	2023-04-05	2025-03-01
Pretty URL www.333f.xyz/ IP 185.246.189.85 ASN #200651 Flokinet Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 04:38 Last Seen2025-03-01 07:43 Times Seen1065 Hash 830340a907776dc356a11dd09613045a 752e7534d3816cfbd6064e36ffff1f79f52f9919 96c12e066cf636b1a9d5010ba9d9e7c9972fd2bbd8874e00633d5828dcfa3df8 Loading...

	www.333f.xyz/static/js/chunk-vendors.52305675.js	ScriptElement	928 kB	2024-08-20	2024-08-20
Pretty URL www.333f.xyz/static/js/chunk-vendors.52305675.js IP 176.119.30.49 ASN #30860 Virtual Systems LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 04:30 Last Seen2024-08-20 04:30 Times Seen1 Hash dc4fe243c39fef58a2d29997aa808ad9 959bcc6e7cb9f34e1bb206496527bdf1e5c1b568 4309350766a51aded9cccc04392104c69d25a91badc23039defbe971c64a956d Loading...

		Size	First Seen	Last Seen
	#1 Write - 3d5272693eb411e5b8b13a243f76c720	148 B	2023-03-07 01:10	2025-06-02 11:56
Pretty Observations First Seen2023-03-07 01:10 Last Seen2025-06-02 11:56 Times Seen5465 Hash 3d5272693eb411e5b8b13a243f76c720 6a586ab8e0a4bf12bbc60eea6ca9f2418625a22c 9582f31f9eb892b8823a780e579d464d54e26d97d65dc327d2b2bdd92d47c4b8 Loading...

HTTP Transactions (40)

URL IP Response Size

www.333f.xyz/

185.246.189.85

200 OK

778 B

URL User Request GET HTTP/1.1
www.333f.xyz/
IP
185.246.189.85:443
ASN
#200651 Flokinet Ltd

Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
HTML document, ASCII text, with very long lines (500)
Size
778 B (778 bytes)
Hash
680f6bfc5238c7a0eb592330a05302af
ea7d6fc5bb2f0063cb650aa858b00c5bf6e5cec0
824a9199195867150c8a8018985e81ff9b8b59fed403e3633bdb312696f6d69b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET / HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:44 GMT
Content-Type: text/html
Content-Length: 778
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
ETag: "6556297a-30a"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Server: V2.0

www.333f.xyz/static/js/index.88c4d258.js

176.119.30.49

200 OK

33 kB

URL GET HTTP/1.1
www.333f.xyz/static/js/index.88c4d258.js
IP
176.119.30.49:443
ASN
#30860 Virtual Systems LLC

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (58684), with no line terminators
Size
33 kB (32909 bytes)
Hash
03bf039115293a9e297240d901c5b30c
ccf893ebff60add8350423758dbbcaef4c37a66e
0480fa914c0318ad20cc5ebc9a31018992c16083f6f94a2dd5fe7099dbedc4e8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/js/index.88c4d258.js HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
Vary: Accept-Encoding
ETag: W/"6556297a-18f3b"
Expires: Mon, 15 Apr 2024 16:59:09 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: V2.0
X-Cache-Status: HIT

www.333f.xyz/static/index.97465e7b.css

185.246.189.85

200 OK

30 kB

URL GET HTTP/1.1
www.333f.xyz/static/index.97465e7b.css
IP
185.246.189.85:443
ASN
#200651 Flokinet Ltd

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (29680 bytes)
Hash
97a29764a1df91af2f287e5641b1efeb
887cbd5cd4630164c4ac6b8738d8a32459c920d6
f6789ee8a50f44f18ba717956bd34c4cd17b1d658443e92408976907b83a0242

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/index.97465e7b.css HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:44 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
Vary: Accept-Encoding
ETag: W/"6556297a-17894"
Expires: Mon, 15 Apr 2024 17:14:44 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: V2.0
X-Cache-Status: EXPIRED

www.333f.xyz/static/js/chunk-vendors.52305675.js

176.119.30.49

200 OK

339 kB

URL GET HTTP/1.1
www.333f.xyz/static/js/chunk-vendors.52305675.js
IP
176.119.30.49:443
ASN
#30860 Virtual Systems LLC

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65188), with no line terminators
Size
339 kB (339196 bytes)
Hash
dc4fe243c39fef58a2d29997aa808ad9
959bcc6e7cb9f34e1bb206496527bdf1e5c1b568
4309350766a51aded9cccc04392104c69d25a91badc23039defbe971c64a956d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/js/chunk-vendors.52305675.js HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
Vary: Accept-Encoding
ETag: W/"6556297a-e2729"
Expires: Mon, 15 Apr 2024 17:14:45 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: V2.0
X-Cache-Status: EXPIRED

www.333f.xyz/favicon.ico

176.119.30.49

404 Not Found

106 B

URL GET HTTP/1.1
www.333f.xyz/favicon.ico
IP
176.119.30.49:443
ASN
#30860 Virtual Systems LLC

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
106 B (106 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Mon, 15 Apr 2024 05:14:47 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Server: V2.0
X-Cache-Status: MISS
Content-Encoding: gzip

www.333f.xyz/static/them01/tar1s.png

185.246.189.85

200 OK

3.6 kB

URL GET HTTP/1.1
www.333f.xyz/static/them01/tar1s.png
IP
185.246.189.85:443
ASN
#200651 Flokinet Ltd

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
3.6 kB (3608 bytes)
Hash
fc061cf772ea6a1d7a782dfcbbda744c
a99df82d86e5c8ccbd6878a05afa993da33f649e
36ddb264bb0bdfbc599900452de388cfa9d1167bba48d36cf0ebe7bd4d7c097f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/them01/tar1s.png HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:47 GMT
Content-Type: image/png
Content-Length: 3608
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
ETag: "6556297a-e18"
Expires: Wed, 15 May 2024 05:14:47 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: V2.0
X-Cache-Status: EXPIRED
Accept-Ranges: bytes

www.333f.xyz/static/js/pages-index-index.e510e607.js

176.119.30.49

200 OK

10 kB

URL GET HTTP/1.1
www.333f.xyz/static/js/pages-index-index.e510e607.js
IP
176.119.30.49:443
ASN
#30860 Virtual Systems LLC

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (29012), with no line terminators
Size
10 kB (10511 bytes)
Hash
744a73bff54cc446007bdc5538eed980
591245fd8f8acc44005086ad89b4f065f0ad7ca3
e0bbe23e361c6b102651013b5553b95804d9fffdd63d5c7ac1843ab2a2f0da89

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/js/pages-index-index.e510e607.js HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
Vary: Accept-Encoding
ETag: W/"6556297a-7744"
Expires: Mon, 15 Apr 2024 17:14:47 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: V2.0
X-Cache-Status: EXPIRED

www.333f.xyz/static/them01/tar4.png

176.119.30.49

200 OK

3.1 kB

URL GET HTTP/1.1
www.333f.xyz/static/them01/tar4.png
IP
176.119.30.49:443
ASN
#30860 Virtual Systems LLC

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
3.1 kB (3060 bytes)
Hash
9701f72251cf402d9990503564cf0bc5
806effda2cacd1b03b9d6d74018dbe51dba9273f
3765537d00ca41ef366f0fe71ebe88e9536abf7375ce3b169b7129aa1a673e1b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/them01/tar4.png HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:47 GMT
Content-Type: image/png
Content-Length: 3060
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
ETag: "6556297a-bf4"
Expires: Wed, 15 May 2024 05:14:47 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: V2.0
X-Cache-Status: EXPIRED
Accept-Ranges: bytes

www.333f.xyz/static/js/pages-login-login.b7877c6e.js

185.246.189.85

200 OK

3.7 kB

URL GET HTTP/1.1
www.333f.xyz/static/js/pages-login-login.b7877c6e.js
IP
185.246.189.85:443
ASN
#200651 Flokinet Ltd

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (8787), with no line terminators
Size
3.7 kB (3734 bytes)
Hash
72867a3ef5e8fa29fcaacce67f00703c
fe378455d67a41606ee8561600788d1b17c6ac9e
067daccd958a56416ca5b21d29ccef6af85e72d5eaab080c2551df12d69b8733

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/js/pages-login-login.b7877c6e.js HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
Vary: Accept-Encoding
ETag: W/"6556297a-2477"
Expires: Mon, 15 Apr 2024 17:14:47 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: V2.0
X-Cache-Status: EXPIRED

www.333f.xyz/static/them01/tar2.png

176.119.30.49

200 OK

3.2 kB

URL GET HTTP/1.1
www.333f.xyz/static/them01/tar2.png
IP
176.119.30.49:443
ASN
#30860 Virtual Systems LLC

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
3.2 kB (3211 bytes)
Hash
ebc2c1fc69f4dd0ac39212c663586859
4be47f5129dd2e536d7cb5cc44e070817f82c667
b226c657e44c500755c3f3aee648a66136d94a54f21cee3913823b9d30f2a03a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/them01/tar2.png HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:47 GMT
Content-Type: image/png
Content-Length: 3211
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
ETag: "6556297a-c8b"
Expires: Wed, 15 May 2024 05:14:47 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: V2.0
X-Cache-Status: EXPIRED
Accept-Ranges: bytes

www.333f.xyz/static/them01/tar3.png

176.119.30.49

200 OK

3.5 kB

URL GET HTTP/1.1
www.333f.xyz/static/them01/tar3.png
IP
176.119.30.49:443
ASN
#30860 Virtual Systems LLC

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
3.5 kB (3517 bytes)
Hash
064072fb5b321e950cd1a07eeac21a3d
993d29759e38ae40e26b89855a906309951f93a5
d709a627ace461a88b4df83cf6ae1979af23b198131ffd72b2ff16c58926edec

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/them01/tar3.png HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:47 GMT
Content-Type: image/png
Content-Length: 3517
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
ETag: "6556297a-dbd"
Expires: Wed, 15 May 2024 05:14:47 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: V2.0
X-Cache-Status: EXPIRED
Accept-Ranges: bytes

www.333f.xyz/static/them01/tar5.png

176.119.30.49

200 OK

3.0 kB

URL GET HTTP/1.1
www.333f.xyz/static/them01/tar5.png
IP
176.119.30.49:443
ASN
#30860 Virtual Systems LLC

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
3.0 kB (2973 bytes)
Hash
1de99775842a32e24989ce9acb2a86ef
c73086cf666576f1affc6d01e9d64065d4469d05
4da899b3c5573c03ba90dfabc7f7bfa99c40e7419aa1efe0663a342b79354114

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/them01/tar5.png HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:47 GMT
Content-Type: image/png
Content-Length: 2973
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
ETag: "6556297a-b9d"
Expires: Wed, 15 May 2024 05:14:47 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: V2.0
X-Cache-Status: EXPIRED
Accept-Ranges: bytes

www.333f.xyz/undefined

176.119.30.49

404 Not Found

106 B

URL GET HTTP/1.1
www.333f.xyz/undefined
IP
176.119.30.49:443
ASN
#30860 Virtual Systems LLC

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
106 B (106 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /undefined HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Mon, 15 Apr 2024 05:14:47 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Server: V2.0
Content-Encoding: gzip

www.333f.xyz/static/img/login.168b0218.png

176.119.30.49

200 OK

16 kB

URL GET HTTP/1.1
www.333f.xyz/static/img/login.168b0218.png
IP
176.119.30.49:443
ASN
#30860 Virtual Systems LLC

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
PNG image data, 197 x 81, 8-bit/color RGBA, non-interlaced
Size
16 kB (16250 bytes)
Hash
168b02184845cf66060578ca278d99f7
de04240212759d92ddec064da36f1e734efe6c04
230c800d7dbf0dbdd61d521d332b50a2611bab1771ad913810eeea483cfaceb4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/img/login.168b0218.png HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:47 GMT
Content-Type: image/png
Content-Length: 16250
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
ETag: "6556297a-3f7a"
Expires: Wed, 15 May 2024 05:14:47 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: V2.0
X-Cache-Status: EXPIRED
Accept-Ranges: bytes

www.333f.xyz/static/gq/hk.png

185.246.189.85

200 OK

1.1 kB

URL GET HTTP/1.1
www.333f.xyz/static/gq/hk.png
IP
185.246.189.85:443
ASN
#200651 Flokinet Ltd

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1140 bytes)
Hash
1d130e8e019abcc7a50e3983b2a0f816
8976309cc9a84cbf05e9148aa49d96c5b52f9cfc
b920cc85a0575930569bec5833afbd1ac7f8ee8c6017dca24a463e26182b2210

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/gq/hk.png HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:49 GMT
Content-Type: image/png
Content-Length: 1140
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
ETag: "6556297a-474"
Expires: Wed, 15 May 2024 05:14:49 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: V2.0
X-Cache-Status: EXPIRED
Accept-Ranges: bytes

www.m5977.xyz/api/user/siteobj

37.228.129.70

200 OK

1.6 kB

URL GET HTTP/2
www.m5977.xyz/api/user/siteobj
IP
37.228.129.70:443
ASN
#200651 Flokinet Ltd

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.m5977.xyz
FingerprintD1:C0:B4:1B:70:BA:AC:FD:E1:BD:4E:AB:14:79:60:2D:C2:41:E9:77
ValidityWed, 28 Feb 2024 02:12:06 GMT - Tue, 28 May 2024 02:12:05 GMT

File type
gzip compressed data, from Unix
Size
1.6 kB (1607 bytes)
Hash
1b5b4d6ae3020301856a0e36d701a1c9
27a2eb42606b3243010c130dec70bb8dce468a15
b07e603fb5521c3a7a147e99a3c95892502a68491c29f36ef6a90fa9b553062f

HTTP Headers

GET /api/user/siteobj HTTP/1.1
Host: www.m5977.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.333f.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 15 Apr 2024 05:14:48 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.333f.xyz
access-control-allow-credentials: true
access-control-max-age: 86400
server: V2.0
content-encoding: gzip
X-Firefox-Spdy: h2

www.m5977.xyz/api/user/siteobj

37.228.129.70

200 OK

1.7 kB

URL GET HTTP/2
www.m5977.xyz/api/user/siteobj
IP
37.228.129.70:443
ASN
#200651 Flokinet Ltd

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.m5977.xyz
FingerprintD1:C0:B4:1B:70:BA:AC:FD:E1:BD:4E:AB:14:79:60:2D:C2:41:E9:77
ValidityWed, 28 Feb 2024 02:12:06 GMT - Tue, 28 May 2024 02:12:05 GMT

File type
gzip compressed data, from Unix
Size
1.7 kB (1650 bytes)
Hash
3d542613758effca317a246a2fa47502
a2e129b091045d6b747a80eb8feb91865f706c79
b491b906d01fad7260d003a33ca4dc6816f8cbc441700190896422efc8f0d660

HTTP Headers

GET /api/user/siteobj HTTP/1.1
Host: www.m5977.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.333f.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 15 Apr 2024 05:14:48 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.333f.xyz
access-control-allow-credentials: true
access-control-max-age: 86400
server: V2.0
content-encoding: gzip
X-Firefox-Spdy: h2

www.333f.xyz/static/gq/riben.png

176.119.30.49

200 OK

609 B

URL GET HTTP/1.1
www.333f.xyz/static/gq/riben.png
IP
176.119.30.49:443
ASN
#30860 Virtual Systems LLC

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced
Size
609 B (609 bytes)
Hash
81244a5b8c587317d9b74ea88aa8047a
ab63298e5d42a1ba9c623cdaa90fa33e2d7d6b9d
4680c87235779112f2a63e31f837a4180317b6261a4f8297df789fa822bcc455

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/gq/riben.png HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:49 GMT
Content-Type: image/png
Content-Length: 609
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
ETag: "6556297a-261"
Expires: Wed, 15 May 2024 05:14:49 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: V2.0
X-Cache-Status: EXPIRED
Accept-Ranges: bytes

www.333f.xyz/static/gq/taiguo.png

176.119.30.49

200 OK

525 B

URL GET HTTP/1.1
www.333f.xyz/static/gq/taiguo.png
IP
176.119.30.49:443
ASN
#30860 Virtual Systems LLC

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced
Size
525 B (525 bytes)
Hash
542d20df26980e5ba3a9fdbe773f0909
e03d2e4246789780a9e5fc6ba886b5dd775cf322
b5f951fa81b17a89dccdb2aa91dc76a5b3d8b0ce4c9d1e2df3ba7ca008a9892f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/gq/taiguo.png HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:49 GMT
Content-Type: image/png
Content-Length: 525
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
ETag: "6556297a-20d"
Expires: Wed, 15 May 2024 05:14:49 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: V2.0
X-Cache-Status: EXPIRED
Accept-Ranges: bytes

www.m5977.xyz/api/user/siteobj

37.228.129.70

200 OK

1.1 kB

URL GET HTTP/2
www.m5977.xyz/api/user/siteobj
IP
37.228.129.70:443
ASN
#200651 Flokinet Ltd

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.m5977.xyz
FingerprintD1:C0:B4:1B:70:BA:AC:FD:E1:BD:4E:AB:14:79:60:2D:C2:41:E9:77
ValidityWed, 28 Feb 2024 02:12:06 GMT - Tue, 28 May 2024 02:12:05 GMT

File type
gzip compressed data, from Unix
Size
1.1 kB (1140 bytes)
Hash
69263c0d47518a1683e6d619882f8095
7eda9b7b70d812d5fd38ead8b060055f342ce82a
7e562869812acd9aad38b623ece9943feb3d4051bff574fdc50cd1c22868312f

HTTP Headers

GET /api/user/siteobj HTTP/1.1
Host: www.m5977.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.333f.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 15 Apr 2024 05:14:48 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.333f.xyz
access-control-allow-credentials: true
access-control-max-age: 86400
server: V2.0
content-encoding: gzip
X-Firefox-Spdy: h2

www.333f.xyz/static/gq/yuenan.png

185.246.189.85

200 OK

745 B

URL GET HTTP/1.1
www.333f.xyz/static/gq/yuenan.png
IP
185.246.189.85:443
ASN
#200651 Flokinet Ltd

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced
Size
745 B (745 bytes)
Hash
7b987c6fe6808554b0f48dff6ce70b23
57f71bd29107ce8afc5b33ebce0edb70573acbdc
99c03bdaf1f0ed20af788aca322ef7c66854735c7b9c4f91bb266fd7d69d138c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/gq/yuenan.png HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:49 GMT
Content-Type: image/png
Content-Length: 745
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
ETag: "6556297a-2e9"
Expires: Wed, 15 May 2024 05:14:49 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: V2.0
X-Cache-Status: EXPIRED
Accept-Ranges: bytes

www.m5977.xyz/api/user/siteobj

37.228.129.70

200 OK

511 B

URL GET HTTP/2
www.m5977.xyz/api/user/siteobj
IP
37.228.129.70:443
ASN
#200651 Flokinet Ltd

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.m5977.xyz
FingerprintD1:C0:B4:1B:70:BA:AC:FD:E1:BD:4E:AB:14:79:60:2D:C2:41:E9:77
ValidityWed, 28 Feb 2024 02:12:06 GMT - Tue, 28 May 2024 02:12:05 GMT

File type
gzip compressed data, from Unix
Size
511 B (511 bytes)
Hash
9d8e090311b6dd5f5b46fec5349ba139
9610a3dca1662c535f95a0c15844e7084f024a3b
d907832900a02b78975105bd1da854e37aa54c787f9fb46a33a9ed7e6c380fd6

HTTP Headers

OPTIONS /api/user/siteobj HTTP/1.1
Host: www.m5977.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: acceptlanguage,content-type,lang,token
Referer: https://www.333f.xyz/
Origin: https://www.333f.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 15 Apr 2024 05:14:49 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: https://www.333f.xyz
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: acceptlanguage,content-type,lang,token
content-encoding: gzip
server: V2.0
X-Firefox-Spdy: h2

www.333f.xyz/static/gq/alabo.png

176.119.30.49

200 OK

528 B

URL GET HTTP/1.1
www.333f.xyz/static/gq/alabo.png
IP
176.119.30.49:443
ASN
#30860 Virtual Systems LLC

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced
Size
528 B (528 bytes)
Hash
fc1ec85446b65d50152eb2629b18d0f5
0e54721f3d73a1ef60b77beb5bcf4c1632e54dd2
97a5b36f17b95e7482d8eeec2ef2688f807391655e1867940a30af0ead005555

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/gq/alabo.png HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:50 GMT
Content-Type: image/png
Content-Length: 528
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
ETag: "6556297a-210"
Expires: Wed, 15 May 2024 05:14:49 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: V2.0
X-Cache-Status: EXPIRED
Accept-Ranges: bytes

www.333f.xyz/static/gq/alb.png

176.119.30.49

404 Not Found

106 B

URL GET HTTP/1.1
www.333f.xyz/static/gq/alb.png
IP
176.119.30.49:443
ASN
#30860 Virtual Systems LLC

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
106 B (106 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/gq/alb.png HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Mon, 15 Apr 2024 05:14:50 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Server: V2.0
X-Cache-Status: MISS
Content-Encoding: gzip

www.333f.xyz/static/gq/xibanya.png

176.119.30.49

200 OK

1.1 kB

URL GET HTTP/1.1
www.333f.xyz/static/gq/xibanya.png
IP
176.119.30.49:443
ASN
#30860 Virtual Systems LLC

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1148 bytes)
Hash
a6539b48eb944454dd98496cc87c8d88
ca0b2c5d83a5646217b09436f00eb4ab9658ac6a
1bbfde7153dbf9d796b4516457f8149e89e18d88aa51c725d6924289b984b3e0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/gq/xibanya.png HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:50 GMT
Content-Type: image/png
Content-Length: 1148
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
ETag: "6556297a-47c"
Expires: Wed, 15 May 2024 05:14:49 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: V2.0
X-Cache-Status: EXPIRED
Accept-Ranges: bytes

www.333f.xyz/static/gq/trq.png

176.119.30.49

404 Not Found

106 B

URL GET HTTP/1.1
www.333f.xyz/static/gq/trq.png
IP
176.119.30.49:443
ASN
#30860 Virtual Systems LLC

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
106 B (106 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/gq/trq.png HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Mon, 15 Apr 2024 05:14:50 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Server: V2.0
X-Cache-Status: MISS
Content-Encoding: gzip

www.m5977.xyz/api/user/setlang?lang=en

37.228.129.70

200 OK

56 kB

URL GET HTTP/2
www.m5977.xyz/api/user/setlang?lang=en
IP
37.228.129.70:443
ASN
#200651 Flokinet Ltd

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.m5977.xyz
FingerprintD1:C0:B4:1B:70:BA:AC:FD:E1:BD:4E:AB:14:79:60:2D:C2:41:E9:77
ValidityWed, 28 Feb 2024 02:12:06 GMT - Tue, 28 May 2024 02:12:05 GMT

File type
gzip compressed data, from Unix
Size
56 kB (55620 bytes)
Hash
6399fff656edc7e33fe8482f3e1e1e67
ef8d896e0be4bed0862844afe695fa71cbe842b8
756afb58dda47bb814e4db220e472252a6843acacc5c1b90c63277021129c45a

HTTP Headers

GET /api/user/setlang?lang=en HTTP/1.1
Host: www.m5977.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.333f.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 15 Apr 2024 05:14:48 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
set-cookie: think_var=en; path=/
access-control-allow-origin: https://www.333f.xyz
access-control-allow-credentials: true
access-control-max-age: 86400
server: V2.0
content-encoding: gzip
X-Firefox-Spdy: h2

www.m5977.xyz/api/user/siteobj

37.228.129.70

200 OK

7.7 kB

URL GET HTTP/2
www.m5977.xyz/api/user/siteobj
IP
37.228.129.70:443
ASN
#200651 Flokinet Ltd

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.m5977.xyz
FingerprintD1:C0:B4:1B:70:BA:AC:FD:E1:BD:4E:AB:14:79:60:2D:C2:41:E9:77
ValidityWed, 28 Feb 2024 02:12:06 GMT - Tue, 28 May 2024 02:12:05 GMT

File type
gzip compressed data, from Unix
Size
7.7 kB (7696 bytes)
Hash
10161198bc6bf6c1de3518c7af963b09
c938625d133831eef4d50dfb089bc43bba6caee7
6884ce3ac44e935bec18048917ca991ca6c47496a359259adfc1de6aa2354beb

HTTP Headers

GET /api/user/siteobj HTTP/1.1
Host: www.m5977.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.333f.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 15 Apr 2024 05:14:48 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.333f.xyz
access-control-allow-credentials: true
access-control-max-age: 86400
server: V2.0
content-encoding: gzip
X-Firefox-Spdy: h2

www.m5977.xyz/api/user/setlang?lang=en

37.228.129.70

200 OK

13 kB

URL GET HTTP/2
www.m5977.xyz/api/user/setlang?lang=en
IP
37.228.129.70:443
ASN
#200651 Flokinet Ltd

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.m5977.xyz
FingerprintD1:C0:B4:1B:70:BA:AC:FD:E1:BD:4E:AB:14:79:60:2D:C2:41:E9:77
ValidityWed, 28 Feb 2024 02:12:06 GMT - Tue, 28 May 2024 02:12:05 GMT

File type
gzip compressed data, from Unix
Size
13 kB (12797 bytes)
Hash
f6d64ac2ea7a8a56f26cf1b0719cdd86
42b56bad8c8a541cb48400b722ad6473d61f9ceb
a63dd0c5abe61b86aa8fb9d4bd9a827e0f1ee8bfc82a0163e68d0d7f5893be24

HTTP Headers

GET /api/user/setlang?lang=en HTTP/1.1
Host: www.m5977.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.333f.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 15 Apr 2024 05:14:48 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
set-cookie: think_var=en; path=/
access-control-allow-origin: https://www.333f.xyz
access-control-allow-credentials: true
access-control-max-age: 86400
server: V2.0
content-encoding: gzip
X-Firefox-Spdy: h2

www.m5977.xyz/api/user/islogin

37.228.129.70

200 OK

9.7 kB

URL OPTIONS HTTP/2
www.m5977.xyz/api/user/islogin
IP
37.228.129.70:443
ASN
#200651 Flokinet Ltd

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.m5977.xyz
FingerprintD1:C0:B4:1B:70:BA:AC:FD:E1:BD:4E:AB:14:79:60:2D:C2:41:E9:77
ValidityWed, 28 Feb 2024 02:12:06 GMT - Tue, 28 May 2024 02:12:05 GMT

File type
gzip compressed data, from Unix
Size
9.7 kB (9737 bytes)
Hash
9d9170153296b276f3f6a1ad23ef5538
b396a8b1a94e8da7797ef20f1ece10e297551300
6d530ccd1701f5c7703623a471677398b79cd51f2292009431566173df23d691

HTTP Headers

OPTIONS /api/user/islogin HTTP/1.1
Host: www.m5977.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: acceptlanguage,content-type,lang,token
Referer: https://www.333f.xyz/
Origin: https://www.333f.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 15 Apr 2024 05:14:49 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: https://www.333f.xyz
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: acceptlanguage,content-type,lang,token
content-encoding: gzip
server: V2.0
X-Firefox-Spdy: h2

www.333f.xyz/static/gq/en.png

176.119.30.49

200 OK

929 B

URL GET HTTP/1.1
www.333f.xyz/static/gq/en.png
IP
176.119.30.49:443
ASN
#30860 Virtual Systems LLC

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced
Size
929 B (929 bytes)
Hash
8d1aa75e4817ce957737b0217b27ed2d
1de3359d63953a1f98be9274f3345e2b59145ad4
ebe6a64e9612a35db58699f169cb15d37537ee92394aeb7c6141a968369119bc

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/gq/en.png HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:49 GMT
Content-Type: image/png
Content-Length: 929
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
ETag: "6556297a-3a1"
Expires: Wed, 15 May 2024 05:14:49 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: V2.0
X-Cache-Status: EXPIRED
Accept-Ranges: bytes

www.333f.xyz/static/gq/zh.png

176.119.30.49

200 OK

791 B

URL GET HTTP/1.1
www.333f.xyz/static/gq/zh.png
IP
176.119.30.49:443
ASN
#30860 Virtual Systems LLC

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced
Size
791 B (791 bytes)
Hash
eb99c5d98af11e7f34e117b1fb06ea17
b6566b602f28234c9f770c6735ded6c52ae9ecfb
b138a047c094faedcdcbda060d8c20fafcfc3dfe08dfbd69b5405014883ff21a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/gq/zh.png HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:49 GMT
Content-Type: image/png
Content-Length: 791
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
ETag: "6556297a-317"
Expires: Wed, 15 May 2024 05:14:49 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: V2.0
X-Cache-Status: EXPIRED
Accept-Ranges: bytes

www.333f.xyz/static/gq/eyu.png

176.119.30.49

200 OK

491 B

URL GET HTTP/1.1
www.333f.xyz/static/gq/eyu.png
IP
176.119.30.49:443
ASN
#30860 Virtual Systems LLC

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced
Size
491 B (491 bytes)
Hash
6eba6498d6c80c834c369f5d76dc2a8e
8001c8144ba025179fe2add31c819174918c89ec
fd704e680d8e14a071f31c1999bd56edcac3c67728ca0ab56bc8a0fc9b39c17e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/gq/eyu.png HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:50 GMT
Content-Type: image/png
Content-Length: 491
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
ETag: "6556297a-1eb"
Expires: Wed, 15 May 2024 05:14:49 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: V2.0
X-Cache-Status: EXPIRED
Accept-Ranges: bytes

www.m5977.xyz/uploads/20230719/ac63b0b8e6683ae735085f6c6263c317.png

37.228.129.70

200 OK

56 kB

URL GET HTTP/2
www.m5977.xyz/uploads/20230719/ac63b0b8e6683ae735085f6c6263c317.png
IP
37.228.129.70:443
ASN
#200651 Flokinet Ltd

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.m5977.xyz
FingerprintD1:C0:B4:1B:70:BA:AC:FD:E1:BD:4E:AB:14:79:60:2D:C2:41:E9:77
ValidityWed, 28 Feb 2024 02:12:06 GMT - Tue, 28 May 2024 02:12:05 GMT

File type
PNG image data, 414 x 896, 8-bit/color RGB, non-interlaced
Size
56 kB (55548 bytes)
Hash
ac63b0b8e6683ae735085f6c6263c317
0768eb030a9d7cda4226c0a9283f258bc23d0724
3a7bb3d28b58a195fed975b9ac0eff0c895625de58b0ed8256ac3f07b8a5f25c

HTTP Headers

GET /uploads/20230719/ac63b0b8e6683ae735085f6c6263c317.png HTTP/1.1
Host: www.m5977.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 15 Apr 2024 05:14:49 GMT
content-type: image/png
content-length: 55548
strict-transport-security: max-age=31536000
last-modified: Wed, 19 Jul 2023 15:48:56 GMT
etag: "64b805e8-d8fc"
expires: Wed, 15 May 2024 05:14:49 GMT
cache-control: max-age=2592000
server: V2.0
x-cache-status: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.333f.xyz/static/gq/malaixiya.png

176.119.30.49

200 OK

1.2 kB

URL GET HTTP/1.1
www.333f.xyz/static/gq/malaixiya.png
IP
176.119.30.49:443
ASN
#30860 Virtual Systems LLC

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.333f.xyz
Fingerprint44:89:B3:E2:B0:73:A7:8E:32:70:7E:C5:3E:82:DB:75:F0:BF:0F:FE
ValidityThu, 29 Feb 2024 04:36:05 GMT - Wed, 29 May 2024 04:36:04 GMT

File type
PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced
Size
1.2 kB (1249 bytes)
Hash
57d093f78e0b62f0a2e3673a76eea4e0
f6f16552d17cf24f7dcd9b301b1fca52439a4f25
21294c2a2d413330a42afaa4a79d6a88b1e0880acb8058f763c0551a08f24f84

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	eBay Inc.

HTTP Headers

GET /static/gq/malaixiya.png HTTP/1.1
Host: www.333f.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 05:14:49 GMT
Content-Type: image/png
Content-Length: 1249
Connection: keep-alive
Last-Modified: Thu, 16 Nov 2023 14:38:50 GMT
ETag: "6556297a-4e1"
Expires: Wed, 15 May 2024 05:14:49 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: V2.0
X-Cache-Status: EXPIRED
Accept-Ranges: bytes

www.m5977.xyz/api/index/isThem

37.228.129.70

200 OK

0 B

URL OPTIONS HTTP/2
www.m5977.xyz/api/index/isThem
IP
37.228.129.70:443
ASN
#200651 Flokinet Ltd

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.m5977.xyz
FingerprintD1:C0:B4:1B:70:BA:AC:FD:E1:BD:4E:AB:14:79:60:2D:C2:41:E9:77
ValidityWed, 28 Feb 2024 02:12:06 GMT - Tue, 28 May 2024 02:12:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/index/isThem HTTP/1.1
Host: www.m5977.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: acceptlanguage,content-type,lang,token
Referer: https://www.333f.xyz/
Origin: https://www.333f.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 15 Apr 2024 05:14:49 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: https://www.333f.xyz
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: acceptlanguage,content-type,lang,token
content-encoding: gzip
server: V2.0
X-Firefox-Spdy: h2

www.m5977.xyz/api/index/isThem

37.228.129.70

200 OK

0 B

URL OPTIONS HTTP/2
www.m5977.xyz/api/index/isThem
IP
37.228.129.70:443
ASN
#200651 Flokinet Ltd

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.m5977.xyz
FingerprintD1:C0:B4:1B:70:BA:AC:FD:E1:BD:4E:AB:14:79:60:2D:C2:41:E9:77
ValidityWed, 28 Feb 2024 02:12:06 GMT - Tue, 28 May 2024 02:12:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/index/isThem HTTP/1.1
Host: www.m5977.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: acceptlanguage,content-type,lang,token
Referer: https://www.333f.xyz/
Origin: https://www.333f.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 15 Apr 2024 05:14:49 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: https://www.333f.xyz
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: acceptlanguage,content-type,lang,token
content-encoding: gzip
server: V2.0
X-Firefox-Spdy: h2

www.m5977.xyz/api/index/isThem

37.228.129.70

200 OK

2.3 kB

URL POST HTTP/2
www.m5977.xyz/api/index/isThem
IP
37.228.129.70:443
ASN
#200651 Flokinet Ltd

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.m5977.xyz
FingerprintD1:C0:B4:1B:70:BA:AC:FD:E1:BD:4E:AB:14:79:60:2D:C2:41:E9:77
ValidityWed, 28 Feb 2024 02:12:06 GMT - Tue, 28 May 2024 02:12:05 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2518), with no line terminators
Size
2.3 kB (2291 bytes)
Hash
233e3fdb395cea8ef1470d14add45008
dc3fdc21740c2da538863535b114010bb6dc858f
06680e79c4f6abe8c3016ce3e963512af953f13ff1798245a8e56ad9b66ce7b2

HTTP Headers

POST /api/index/isThem HTTP/1.1
Host: www.m5977.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
token: 
lang: en
acceptLanguage: en
Content-Type: application/json
Content-Length: 0
Origin: https://www.333f.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 15 Apr 2024 05:14:49 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.333f.xyz
access-control-allow-credentials: true
access-control-max-age: 86400
server: V2.0
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.dcloud.net.cn/img/shadow-grey.png

0.0.0.0

0 B

URL GET
cdn.dcloud.net.cn/img/shadow-grey.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.333f.xyz/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /img/shadow-grey.png HTTP/1.1
Host: cdn.dcloud.net.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

www.m5977.xyz/api/index/isThem

37.228.129.70

200 OK

2.3 kB

URL POST HTTP/2
www.m5977.xyz/api/index/isThem
IP
37.228.129.70:443
ASN
#200651 Flokinet Ltd

Requested by
https://www.333f.xyz/
Certificate
IssuerLet's Encrypt
Subjectwww.m5977.xyz
FingerprintD1:C0:B4:1B:70:BA:AC:FD:E1:BD:4E:AB:14:79:60:2D:C2:41:E9:77
ValidityWed, 28 Feb 2024 02:12:06 GMT - Tue, 28 May 2024 02:12:05 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2518), with no line terminators
Size
2.3 kB (2291 bytes)
Hash
233e3fdb395cea8ef1470d14add45008
dc3fdc21740c2da538863535b114010bb6dc858f
06680e79c4f6abe8c3016ce3e963512af953f13ff1798245a8e56ad9b66ce7b2

HTTP Headers

POST /api/index/isThem HTTP/1.1
Host: www.m5977.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
token: 
lang: en
acceptLanguage: en
Content-Type: application/json
Content-Length: 0
Origin: https://www.333f.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.333f.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 15 Apr 2024 05:14:49 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.333f.xyz
access-control-allow-credentials: true
access-control-max-age: 86400
server: V2.0
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (40)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers