URL: http://facebook.que.show.ji.ji.ji.com/
Submission Tags: @phishunt_io
Submission: On March 16 via api from ES

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 18.166.248.208, which is located in China and belongs to AMAZON-02, US. The main domain is facebook.que.show.ji.ji.ji.com.
This is the only time facebook.que.show.ji.ji.ji.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
1         18.166.248.208     16509  (AMAZON-02)
3         120.77.167.179     37963  (CNNIC-ALI...)
1         2606:4700:303...   13335  (CLOUDFLAR...)
Total: 5 requests across 3 IPs

Requests  Domain                                              Requested by
3         domainecology-common.oss-cn-shenzhen.aliyuncs.com   facebook.que.show.ji.ji.ji.com
1         ts.swd.com                                          domainecology-common.oss-cn-shenzhen.aliyuncs.com
1         facebook.que.show.ji.ji.ji.com
Total: 5 requests across 3 domains

This site contains no links.

Subject                          Issuer                                               Validity                  Valid for
*.oss-cn-shenzhen.aliyuncs.com   GlobalSign Organization Validation CA - SHA256 - G2  2021-01-25 - 2022-02-26   a year
sni.cloudflaressl.com            Cloudflare Inc ECC CA-3                              2021-02-02 - 2022-02-01   a year

This page contains 1 frames:

Primary Page: http://facebook.que.show.ji.ji.ji.com/
Frame ID: 357748C4E8765F204165B315D45A9248
Requests: 5 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests:    5
HTTPS:       80 %
IPv6:        33 %
Domains:     3
Subdomains:  3
IPs:         3
Countries:   2
Transfer:    291 kB
Size:        357 kB
Cookies:     1


5 HTTP transactions

Each transaction below lists: Resource, Path, Size, x-fer (bytes actually transferred), Type, MIME-Type.
Primary Request: /
Path: facebook.que.show.ji.ji.ji.com/
Size: 7 KB, transferred: 2 KB
Type: Document

General
Full URL: http://facebook.que.show.ji.ji.ji.com/
Protocol: HTTP/1.1
Server: 18.166.248.208, China, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-18-166-248-208.ap-east-1.compute.amazonaws.com
Software: /
Resource Hash: 24861d1eaa21252d6f0916b1452e9f2e206d972d83dbbbeab27b7b9799d471f1

Request headers
Host: facebook.que.show.ji.ji.ji.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US

Response headers
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Token: 12b0d0981450
Vary: Accept-Encoding
Date: Tue, 16 Mar 2021 18:01:00 GMT
Content-Length: 1653
jquery.3.4.1.min.js
Path: domainecology-common.oss-cn-shenzhen.aliyuncs.com/libs/
Size: 86 KB, transferred: 31 KB
Type: Script

General
Full URL: https://domainecology-common.oss-cn-shenzhen.aliyuncs.com/libs/jquery.3.4.1.min.js
Requested by: Host: facebook.que.show.ji.ji.ji.com, URL: http://facebook.que.show.ji.ji.ji.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 120.77.167.179, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
Reverse DNS: (none)
Software: AliyunOSS /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers
Referer: http://facebook.que.show.ji.ji.ji.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
x-oss-object-type: Normal
Date: Tue, 16 Mar 2021 18:01:01 GMT
Content-Encoding: gzip
x-oss-request-id: 6050F25D8A0E923639CE557D
Last-Modified: Thu, 26 Nov 2020 06:00:43 GMT
Server: AliyunOSS
Content-MD5: Igr9dD2elkOFLjGhNanzrg==
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
x-oss-storage-class: Standard
Connection: keep-alive
x-oss-hash-crc64ecma: 7140207208985271372
x-oss-server-time: 2
site_statistics.js
Path: domainecology-common.oss-cn-shenzhen.aliyuncs.com/libs/
Size: 10 KB, transferred: 4 KB
Type: Script

General
Full URL: https://domainecology-common.oss-cn-shenzhen.aliyuncs.com/libs/site_statistics.js?v=1
Requested by: Host: facebook.que.show.ji.ji.ji.com, URL: http://facebook.que.show.ji.ji.ji.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 120.77.167.179, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
Reverse DNS: (none)
Software: AliyunOSS /
Resource Hash: 4e083cd30ab135182d34f93c491ef69ce66fd3d51bc8c08b376740e476673d04

Request headers
Referer: http://facebook.que.show.ji.ji.ji.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
x-oss-object-type: Normal
Date: Tue, 16 Mar 2021 18:01:01 GMT
Content-Encoding: gzip
x-oss-request-id: 6050F25DC84D1C343400142E
Last-Modified: Wed, 03 Feb 2021 03:05:58 GMT
Server: AliyunOSS
Content-MD5: 8zKBi0GhFz0BVnlJgoiS3g==
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
x-oss-storage-class: Standard
Connection: keep-alive
x-oss-hash-crc64ecma: 12448314970517177584
x-oss-server-time: 1
access_record
Path: ts.swd.com/api/cs/n/
Size: 5 B, transferred: 676 B
Type: Script

General
Full URL: https://ts.swd.com/api/cs/n/access_record?unique_code=a1a976e347367af88fd7f347cf2265e7&open_domain=facebook.que.show.ji.ji.ji.com&open_url=http://facebook.que.show.ji.ji.ji.com/&source_url=&cookie_hash=30bb2abf0e90682c2d61fbe4922b2bf2
Requested by: Host: domainecology-common.oss-cn-shenzhen.aliyuncs.com, URL: https://domainecology-common.oss-cn-shenzhen.aliyuncs.com/libs/site_statistics.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:241f, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (none)
Software: cloudflare /
Resource Hash: 38e0b9de817f645c4bec37c0d4a3e58baecccb040f5718dc069a72c7385a0bed

Request headers
Referer: http://facebook.que.show.ji.ji.ji.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
date: Tue, 16 Mar 2021 18:01:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FGX%2BdKIfcnyFEBt5TVDlfJ%2Bp7%2B2o2QCdG%2Fxpls9JVm46SJKQj42Vd2eYuOVYyPCViHhN5647Z5%2FiAlecngonsj%2BepstU6xrI%2FzeZ55r304qeyQ4yw8Tf"}]}
content-type: application/json; charset=utf-8
cf-ray: 630fe26a7d234e56-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08ddcbd69000004e56dcb64000000001
default_bg.jpg
Path: domainecology-common.oss-cn-shenzhen.aliyuncs.com/sell_page_assets/
Size: 254 KB, transferred: 254 KB
Type: Image

General
Full URL: https://domainecology-common.oss-cn-shenzhen.aliyuncs.com/sell_page_assets/default_bg.jpg
Requested by: Host: facebook.que.show.ji.ji.ji.com, URL: http://facebook.que.show.ji.ji.ji.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 120.77.167.179, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
Reverse DNS: (none)
Software: AliyunOSS /
Resource Hash: 09ab2f3ca10a7a157cfda3d6f3853d08a1c737368af1ff7f0028eef484c83f74

Request headers
Referer: http://facebook.que.show.ji.ji.ji.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Date: Tue, 16 Mar 2021 18:01:01 GMT
x-oss-request-id: 6050F25D8A0E92363901597D
Content-MD5: TlyErBwt1f1/bNAjfc1w5Q==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 259817
x-oss-object-type: Normal
Last-Modified: Wed, 03 Feb 2021 03:24:55 GMT
Server: AliyunOSS
ETag: "4E5C84AC1C2DD5FD7F6CD0237DCD70E5"
Content-Type: image/jpeg
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 15237283449110122385
x-oss-server-time: 22


35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object:   ontransitionrun, ontransitionstart, ontransitioncancel, trustedTypes
boolean:  crossOriginIsolated
function: $, jQuery
number:   hexcase
string:   b64pad
number:   chrsz
function: hex_md5, b64_md5, str_md5, hex_hmac_md5, b64_hmac_md5, str_hmac_md5, md5_vm_test, core_md5, md5_cmn, md5_ff, md5_gg, md5_hh, md5_ii, core_hmac_md5, safe_add, bit_rol, str2binl, binl2str, binl2hex, binl2b64, uuid, setCookie, getCookie, getCookieHash, viewRecord

1 Cookies

Domain/Path: facebook.que.show.ji.ji.ji.com/
Name: HASH
Value: 30bb2abf0e90682c2d61fbe4922b2bf2