Report - uwnfaisufasf.com/visa/#h2T7

Report Overview

Visited public
2025-04-06 09:50:16
Tags
URL
uwnfaisufasf.com/visa/#h2T7
Finishing URL
uwnfaisufasf.com/visa/#h2T7
IP / ASN
124.156.225.221
#132203 Tencent Building, Kejizhongyi Avenue
Title
uwnfaisufasf.com/visa/#h2T7

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
uwnfaisufasf.com	unknown	2025-03-31	2025-04-04	2025-04-04	2.9 kB	842 kB	124.156.225.221

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

Scan Date	Severity	Indicator	Alert
2025-04-05	medium	uwnfaisufasf.com/visa/#h2T7	Other

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	From	Size	First Seen	Last Seen
	uwnfaisufasf.com/visa/assets/index-04JMTKZd.js	ScriptElement	237 kB	2025-04-04	2025-04-12
Pretty URL uwnfaisufasf.com/visa/assets/index-04JMTKZd.js IP 124.156.225.221 ASN #132203 Tencent Building, Kejizhongyi Avenue Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-04 05:27 Last Seen2025-04-12 17:27 Times Seen7 Hash 37cd2b576c1fe26fe6d108bf5f112c3d 75d115e2b3fcd4891a2fe9cb8a9196a5fcc59e76 0f76bab620676554146cbf00cc1044631b6020b8445f550c65460f1691c4c97c Loading...

HTTP Transactions (6)

URL IP Response Size

uwnfaisufasf.com/visa/assets/index-DmzrJnSJ.css

124.156.225.221

200 OK

16 kB

URL GET
uwnfaisufasf.com/visa/assets/index-DmzrJnSJ.css
IP
124.156.225.221:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://uwnfaisufasf.com/visa/#h2T7
Certificate
IssuerLet's Encrypt
Subjectuwnfaisufasf.com
Fingerprint03:F3:58:58:F0:E7:18:8D:4B:B9:84:48:FB:59:72:0B:13:9C:08:42
ValidityMon, 31 Mar 2025 09:23:01 GMT - Sun, 29 Jun 2025 09:23:00 GMT

File type
ASCII text, with very long lines (15670)
Size
16 kB (15671 bytes)
Hash
f40f137f7c4699d505566be11cc7b3ad
12c65af3de6bd3cfb89714475e28470b8e77863f
ecaf97f8e83950e2c931d68ae942b7a0c59aead54ff1ea005f41e3762c9fcc44

HTTP Headers

GET /visa/assets/index-DmzrJnSJ.css HTTP/1.1
Host: uwnfaisufasf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uwnfaisufasf.com/visa/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.26.3
Date: Sun, 06 Apr 2025 09:49:55 GMT
Content-Type: text/css
Last-Modified: Sat, 29 Mar 2025 11:19:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"67e7d72a-3d37"
Expires: Tue, 06 May 2025 09:49:55 GMT
Cache-Control: max-age=2592000, public, max-age=2592000
Content-Encoding: gzip

uwnfaisufasf.com/visa/assets/index-04JMTKZd.js

124.156.225.221

200 OK

237 kB

URL GET
uwnfaisufasf.com/visa/assets/index-04JMTKZd.js
IP
124.156.225.221:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://uwnfaisufasf.com/visa/#h2T7
Certificate
IssuerLet's Encrypt
Subjectuwnfaisufasf.com
Fingerprint03:F3:58:58:F0:E7:18:8D:4B:B9:84:48:FB:59:72:0B:13:9C:08:42
ValidityMon, 31 Mar 2025 09:23:01 GMT - Sun, 29 Jun 2025 09:23:00 GMT

File type

Size
237 kB (237294 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /visa/assets/index-04JMTKZd.js HTTP/1.1
Host: uwnfaisufasf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uwnfaisufasf.com/visa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.26.3
Date: Sun, 06 Apr 2025 09:49:55 GMT
Content-Type: application/javascript
Last-Modified: Sat, 29 Mar 2025 11:19:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"67e7d72a-39eee"
Expires: Tue, 06 May 2025 09:49:55 GMT
Cache-Control: max-age=2592000, public, max-age=2592000
Content-Encoding: gzip

uwnfaisufasf.com/open/visitors/info/createOrGetUserInfo

124.156.225.221

404 Not Found

9 B

URL POST
uwnfaisufasf.com/open/visitors/info/createOrGetUserInfo
IP
124.156.225.221:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://uwnfaisufasf.com/visa/#h2T7
Certificate
IssuerLet's Encrypt
Subjectuwnfaisufasf.com
Fingerprint03:F3:58:58:F0:E7:18:8D:4B:B9:84:48:FB:59:72:0B:13:9C:08:42
ValidityMon, 31 Mar 2025 09:23:01 GMT - Sun, 29 Jun 2025 09:23:00 GMT

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

HTTP Headers

POST /open/visitors/info/createOrGetUserInfo HTTP/1.1
Host: uwnfaisufasf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 387
Origin: https://uwnfaisufasf.com
DNT: 1
Connection: keep-alive
Referer: https://uwnfaisufasf.com/visa/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx/1.26.3
Date: Sun, 06 Apr 2025 09:49:57 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 9
Connection: keep-alive
Vary: Origin
Access-Control-Allow-Origin: https://uwnfaisufasf.com
set-cookie: locale=en-us; path=/; max-age=31557600; expires=Mon, 06 Apr 2026 15:49:57 GMT

uwnfaisufasf.com/visa/favicon.ico

124.156.225.221

200 OK

15 kB

URL GET
uwnfaisufasf.com/visa/favicon.ico
IP
124.156.225.221:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://uwnfaisufasf.com/visa/#h2T7
Certificate
IssuerLet's Encrypt
Subjectuwnfaisufasf.com
Fingerprint03:F3:58:58:F0:E7:18:8D:4B:B9:84:48:FB:59:72:0B:13:9C:08:42
ValidityMon, 31 Mar 2025 09:23:01 GMT - Sun, 29 Jun 2025 09:23:00 GMT

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
15 kB (15406 bytes)
Hash
84cf5c9481517216aebbdeef45bbc579
eccf5493218059e75d373193286eae6383b4e78d
3d7dd058cf1ba56277b3e62c0b520398aeecd1e49e1e2cacb74779f75f475bec

HTTP Headers

GET /visa/favicon.ico HTTP/1.1
Host: uwnfaisufasf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uwnfaisufasf.com/visa/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.26.3
Date: Sun, 06 Apr 2025 09:49:57 GMT
Content-Type: image/x-icon
Content-Length: 15406
Last-Modified: Sat, 15 Mar 2025 12:18:26 GMT
Connection: keep-alive
ETag: "67d57012-3c2e"
Expires: Tue, 06 May 2025 09:49:57 GMT
Cache-Control: max-age=2592000, public, max-age=2592000
Accept-Ranges: bytes

uwnfaisufasf.com/visa/NotoSansCJKjp-Regular_subset.woff

124.156.225.221

200 OK

571 kB

URL GET
uwnfaisufasf.com/visa/NotoSansCJKjp-Regular_subset.woff
IP
124.156.225.221:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://uwnfaisufasf.com/visa/#h2T7
Certificate
IssuerLet's Encrypt
Subjectuwnfaisufasf.com
Fingerprint03:F3:58:58:F0:E7:18:8D:4B:B9:84:48:FB:59:72:0B:13:9C:08:42
ValidityMon, 31 Mar 2025 09:23:01 GMT - Sun, 29 Jun 2025 09:23:00 GMT

File type
Web Open Font Format, CFF, length 570992, version 1.0
Size
571 kB (570992 bytes)
Hash
72ba2113b5ba2bc18cccfd1e3b7ea0de
c11321ab94e5545becf2e50f6e5509912d6a40ba
94eee0ce4bf85dc67bde9b9211afe0ec2e59a0a3a252944cb116c96ee0560072

HTTP Headers

GET /visa/NotoSansCJKjp-Regular_subset.woff HTTP/1.1
Host: uwnfaisufasf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://uwnfaisufasf.com/visa/assets/index-DmzrJnSJ.css
Cookie: locale=en-us
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.26.3
Date: Sun, 06 Apr 2025 09:49:57 GMT
Content-Type: font/woff
Content-Length: 570992
Last-Modified: Sat, 15 Mar 2025 12:18:26 GMT
Connection: keep-alive
ETag: "67d57012-8b670"
Expires: Tue, 06 May 2025 09:49:57 GMT
Cache-Control: max-age=2592000, public, max-age=2592000
Accept-Ranges: bytes

uwnfaisufasf.com/visa/#h2T7

124.156.225.221

200 OK

492 B

URL User Request GET
uwnfaisufasf.com/visa/#h2T7
IP
124.156.225.221:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Certificate
IssuerLet's Encrypt
Subjectuwnfaisufasf.com
Fingerprint03:F3:58:58:F0:E7:18:8D:4B:B9:84:48:FB:59:72:0B:13:9C:08:42
ValidityMon, 31 Mar 2025 09:23:01 GMT - Sun, 29 Jun 2025 09:23:00 GMT

File type
HTML document, ASCII text, with very long lines (547), with no line terminators
Size
492 B (492 bytes)
Hash
77aa13fd11f5af1ec291966033e3ef9f
3779357a999391b214aa9929dfef7f7dd2210762
a932c601efe1c6edcbcd66347e6f79339d29d3248081ab7f865e48e2449eed42

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /visa/ HTTP/1.1
Host: uwnfaisufasf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.26.3
Date: Sun, 06 Apr 2025 09:49:55 GMT
Content-Type: text/html
Last-Modified: Sat, 29 Mar 2025 11:19:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"67e7d72a-1ec"
Content-Encoding: gzip

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (6)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL POST

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers