URL: https://facxmoon.top/
Submission: On December 14 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 3 countries across 6 domains to perform 30 HTTP transactions. The main IP is 143.92.49.123, located in Hong Kong, Hong Kong and belongs to CTGSERVERLIMITED-AS-AP CTG Server Limited, HK. The main domain is facxmoon.top.
TLS certificate: Issued by R10 on December 14th 2024. Valid for: 3 months.
This is the only time facxmoon.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address AS Autonomous System
24 143.92.49.123 152194 (CTGSERVER...)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
5 2a03:2880:f00... 32934 (FACEBOOK)
3 3 2a03:2880:f10... 32934 (FACEBOOK)
30 4
Apex Domain | Subdomains | Transfer
24 facxmoon.top | facxmoon.top | 374 KB
5 fbcdn.net | static.xx.fbcdn.net — Cisco Umbrella Rank: 965; fbcdn.net — Cisco Umbrella Rank: 179 | 11 KB
1 facebook.net | connect.facebook.net — Cisco Umbrella Rank: 192 | 177 B
1 fbsbx.com | fbsbx.com — Cisco Umbrella Rank: 2065 | 104 B
1 facebook.com | facebook.com — Cisco Umbrella Rank: 48 | 106 B
1 fb.com | about.fb.com — Cisco Umbrella Rank: 380933 | 841 KB
30 6
Domain Requested by
24 facxmoon.top facxmoon.top
4 static.xx.fbcdn.net facxmoon.top
1 connect.facebook.net facxmoon.top
1 fbsbx.com 1 redirects
1 fbcdn.net 1 redirects
1 facebook.com 1 redirects
1 about.fb.com facxmoon.top
30 7

This site contains no links.

Subject | Issuer | Validity | Valid
wusitfbcoe.top | R10 | 2024-12-14 - 2025-03-14 | 3 months
about.fb.com | DigiCert SHA2 High Assurance Server CA | 2024-08-02 - 2025-08-01 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-09-23 - 2024-12-22 | 3 months

This page contains 1 frame:

Primary Page: https://facxmoon.top/
Frame ID: 38AC193A7FA49EF581002779786822FB
Requests: 31 HTTP requests in this frame

Page Title

登录 Facebook (Log in to Facebook)

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

Requests: 30
HTTPS: 17 %
IPv6: 75 %
Domains: 6
Subdomains: 7
IPs: 4
Countries: 3
Transfer: 1225 kB
Size: 1964 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://facebook.com/security/hsts-pixel.gif?c=3.2.5 HTTP 302
  • https://fbcdn.net/security/hsts-pixel.gif?c=2.5 HTTP 302
  • https://fbsbx.com/security/hsts-pixel.gif?c=5 HTTP 302
  • https://connect.facebook.net/security/hsts-pixel.gif

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
facxmoon.top/
61 KB
21 KB
Document
General
Full URL
https://facxmoon.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
0e5805ddd6f4432c7c23419fdd5003d3bd6256c60f4842bdeb59996738f5567c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 14 Dec 2024 12:14:15 GMT
etag
W/"675afed9-f3f2"
last-modified
Thu, 12 Dec 2024 15:18:49 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
FbIjy7kxcLk.css
facxmoon.top/static/css/
43 KB
12 KB
Stylesheet
General
Full URL
https://facxmoon.top/static/css/FbIjy7kxcLk.css
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
b0996cbaaccd5854ac7252c70b9b8be5e11a9d5b8aa15817c19cd951b6896a40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6745d384-ad98"
expires
Sun, 15 Dec 2024 00:14:16 GMT
date
Sat, 14 Dec 2024 12:14:16 GMT
content-type
text/css
last-modified
Tue, 26 Nov 2024 13:56:20 GMT
server
nginx
vary
Accept-Encoding
Kzk9P7yfjQu.css
facxmoon.top/static/css/
11 KB
4 KB
Stylesheet
General
Full URL
https://facxmoon.top/static/css/Kzk9P7yfjQu.css
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
a603d18ecd4845d39f654fa940cf75a2c817257465c4665b0538b9c370b96014
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6745d384-2b18"
expires
Sun, 15 Dec 2024 00:14:16 GMT
date
Sat, 14 Dec 2024 12:14:16 GMT
content-type
text/css
last-modified
Tue, 26 Nov 2024 13:56:20 GMT
server
nginx
vary
Accept-Encoding
8MYI4yJfgT8.js
facxmoon.top/static/js/
345 KB
114 KB
Script
General
Full URL
https://facxmoon.top/static/js/8MYI4yJfgT8.js
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
3282e52fa7980fc65a439ac013b85f824472812dc394aedb4eb8160713f63aeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6745d384-56361"
expires
Sun, 15 Dec 2024 00:14:16 GMT
date
Sat, 14 Dec 2024 12:14:16 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 13:56:20 GMT
server
nginx
vary
Accept-Encoding
Broadcast-Channels-on-FB-MSGR_Header.jpg
about.fb.com/wp-content/uploads/2023/10/
839 KB
841 KB
Image
General
Full URL
https://about.fb.com/wp-content/uploads/2023/10/Broadcast-Channels-on-FB-MSGR_Header.jpg?w=1920
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:426d , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d63109ab0f7da4863e2cc622be979b48a187aad21df9679672eb29c28d34af1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
x-rq
jfk1 98 226 443
etag
"703fa673061f7d84"
accept-ranges
bytes, bytes
x-cache
HIT
content-length
859486
date
Sat, 14 Dec 2024 12:14:16 GMT
content-type
image/webp
last-modified
Mon, 02 Dec 2024 00:12:24 GMT
server
nginx
vary
Accept
4lCu2zih0ca.svg
static.xx.fbcdn.net/rsrc.php/y1/r/
2 KB
1 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/y1/r/4lCu2zih0ca.svg
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d6f8d206a6bd8b60a2048a3df206ac956a2f633786e4af1c02057f81758ad7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facxmoon.top/

Response headers

content-md5
n3VoHwQDdPdD5BC1HAoIkw==
content-encoding
zstd
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Wed, 03 Dec 2025 05:59:01 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 12:14:16 GMT
content-type
image/svg+xml
vary
Accept-Encoding
x-fb-debug
nccUr+fomdKl/T71ol+heOAC3OJ4m9ooqa/JRlUHN/Q815f8xHfTRxpFavsUxJj/84T+OrRpEVK3AChiAdXfdQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
priority
u=2,i
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=15, rtx=0, c=23, mss=1232, tbw=4523, tp=9, tpl=0, uplat=0, ullat=-1
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
986
origin-agent-cluster
?1
hsts-pixel.gif
connect.facebook.net/security/
Redirect Chain
  • https://facebook.com/security/hsts-pixel.gif?c=3.2.5
  • https://fbcdn.net/security/hsts-pixel.gif?c=2.5
  • https://fbsbx.com/security/hsts-pixel.gif?c=5
  • https://connect.facebook.net/security/hsts-pixel.gif
43 B
177 B
Image
General
Full URL
https://connect.facebook.net/security/hsts-pixel.gif
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/
Protocol
H3
Server
2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-Xruvsw7a' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facxmoon.top/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 12:14:17 GMT
content-type
image/gif
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-Xruvsw7a' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
private, no-cache, no-store, must-revalidate
x-fb-debug
h0o2HDS156bCW+LUxTCoNS+jIyJNEqZZ2Gwk8RZwhiWNbUTCfJWyetXGC4Ura9BUbOzb30TuzhHxP/Shvg9cww==
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=29, mss=1232, tbw=11963, tp=24, tpl=0, uplat=6, ullat=-1
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
57
x-xss-protection
0
origin-agent-cluster
?1

Redirect headers

report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 12:14:17 GMT
content-type
text/html; charset="utf-8"
x-fb-debug
ylrgerkQs830MkNyeGN2DgrzdBfVkfd7pSiqohJ7MGd/1Rfv0BhNFF9FnjxmBJKVsHnrQYWvTGJ83THyRFntAQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=15, rtx=0, c=24, mss=1232, tbw=6182, tp=13, tpl=0, uplat=67, ullat=0
location
https://connect.facebook.net/security/hsts-pixel.gif
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
0
origin-agent-cluster
?1
0g9ACyquZNC.js
facxmoon.top/static/js/
50 KB
18 KB
Script
General
Full URL
https://facxmoon.top/static/js/0g9ACyquZNC.js
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
a81bf985b348ae18ade2f7d0c75168c503406dd881a871a72f3b1bcedb5278b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6745d386-c879"
expires
Sun, 15 Dec 2024 00:14:16 GMT
date
Sat, 14 Dec 2024 12:14:16 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 13:56:22 GMT
server
nginx
vary
Accept-Encoding
n9Awa-VoX_i.js
facxmoon.top/static/js/
52 KB
19 KB
Script
General
Full URL
https://facxmoon.top/static/js/n9Awa-VoX_i.js
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
1e032378ced972ac15e55087e18ce6b4705030dd9f457dc7bb4c986b375b08e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6745d386-cf81"
expires
Sun, 15 Dec 2024 00:14:16 GMT
date
Sat, 14 Dec 2024 12:14:16 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 13:56:22 GMT
server
nginx
vary
Accept-Encoding
FkmGaZFEpGv.js
facxmoon.top/static/js/
1 KB
530 B
Script
General
Full URL
https://facxmoon.top/static/js/FkmGaZFEpGv.js
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
e6c60ebee3c36576dd48206a9c0c0aa9566b13be98b8b01b0c7945dd31259fb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6745d386-4a8"
expires
Sun, 15 Dec 2024 00:14:16 GMT
date
Sat, 14 Dec 2024 12:14:16 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 13:56:22 GMT
server
nginx
vary
Accept-Encoding
pt_W8BOmFiq.js
facxmoon.top/static/js/
1 KB
759 B
Script
General
Full URL
https://facxmoon.top/static/js/pt_W8BOmFiq.js
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
56388c4c349610fe293967c6dac62f28bc9e1833cd12719aee012a5819681806
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6745d386-477"
expires
Sun, 15 Dec 2024 00:14:16 GMT
date
Sat, 14 Dec 2024 12:14:16 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 13:56:22 GMT
server
nginx
vary
Accept-Encoding
truncated
/
0
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://facxmoon.top
Referer
https://facxmoon.top/

Response headers

Content-Type
text/css;charset=utf-8
0g9ACyquZNC.js
facxmoon.top/static/js/
50 KB
18 KB
Script
General
Full URL
https://facxmoon.top/static/js/0g9ACyquZNC.js
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/static/js/8MYI4yJfgT8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
a81bf985b348ae18ade2f7d0c75168c503406dd881a871a72f3b1bcedb5278b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://facxmoon.top
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6745d386-c879"
expires
Sun, 15 Dec 2024 00:14:16 GMT
date
Sat, 14 Dec 2024 12:14:16 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 13:56:22 GMT
server
nginx
vary
Accept-Encoding
n9Awa-VoX_i.js
facxmoon.top/static/js/
52 KB
19 KB
Script
General
Full URL
https://facxmoon.top/static/js/n9Awa-VoX_i.js
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/static/js/8MYI4yJfgT8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
1e032378ced972ac15e55087e18ce6b4705030dd9f457dc7bb4c986b375b08e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://facxmoon.top
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6745d386-cf81"
expires
Sun, 15 Dec 2024 00:14:16 GMT
date
Sat, 14 Dec 2024 12:14:16 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 13:56:22 GMT
server
nginx
vary
Accept-Encoding
FkmGaZFEpGv.js
facxmoon.top/static/js/
1 KB
530 B
Script
General
Full URL
https://facxmoon.top/static/js/FkmGaZFEpGv.js
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/static/js/8MYI4yJfgT8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
e6c60ebee3c36576dd48206a9c0c0aa9566b13be98b8b01b0c7945dd31259fb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://facxmoon.top
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6745d386-4a8"
expires
Sun, 15 Dec 2024 00:14:17 GMT
date
Sat, 14 Dec 2024 12:14:17 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 13:56:22 GMT
server
nginx
vary
Accept-Encoding
pt_W8BOmFiq.js
facxmoon.top/static/js/
1 KB
759 B
Script
General
Full URL
https://facxmoon.top/static/js/pt_W8BOmFiq.js
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/static/js/8MYI4yJfgT8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
56388c4c349610fe293967c6dac62f28bc9e1833cd12719aee012a5819681806
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://facxmoon.top
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6745d386-477"
expires
Sun, 15 Dec 2024 00:14:17 GMT
date
Sat, 14 Dec 2024 12:14:17 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 13:56:22 GMT
server
nginx
vary
Accept-Encoding
uxkR2CEYmJq.png
static.xx.fbcdn.net/rsrc.php/v3/yj/r/
4 KB
4 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/uxkR2CEYmJq.png
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/static/css/FbIjy7kxcLk.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1a0c54d2286c6980c30ef2cab46942fd58dde16e8e225a35d89bcae437863a40
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facxmoon.top/

Response headers

content-md5
ufpr1jub3jWP0nk8tG22gg==
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 06:01:19 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 12:14:17 GMT
content-type
image/png
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-fb-debug
pNlHl+p5ziay3XGoTAaDro90PaAL0Y+jhqCGh57r1PjFnJcPts0bcp8QATkzhtKZtz/qI9K5J7iYuxXzdBmNYQ==
priority
u=3,i
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=25, mss=1232, tbw=7627, tp=17, tpl=0, uplat=1, ullat=-1
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
3826
origin-agent-cluster
?1
O7nelmd9XSI.png
static.xx.fbcdn.net/rsrc.php/v3/yU/r/
95 B
231 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/O7nelmd9XSI.png
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/static/css/FbIjy7kxcLk.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c0f9968d0fa5f4deff86babccd6df52306138314607a6f3f0acd2e7afc783d1c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facxmoon.top/

Response headers

content-md5
OcEdZWIg79UvSWVADRSQCg==
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 06:31:33 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 12:14:17 GMT
content-type
image/png
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-fb-debug
ut/wLXHNg2BJ0paC6LUctxsFduPGjSTegDtKKEc9d17MWKad+tKrRpZiQgaAj1X47/lnawaI+smZ98iW3G3rXg==
priority
u=3,i
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=25, mss=1232, tbw=7147, tp=15, tpl=0, uplat=0, ullat=-1
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
95
origin-agent-cluster
?1
ZRoPT4DdUuR.js
facxmoon.top/static/js/
7 KB
3 KB
Script
General
Full URL
https://facxmoon.top/static/js/ZRoPT4DdUuR.js
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/static/js/8MYI4yJfgT8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
fab9e8ab178a52b270ed2e5242713a357809e9600d3730680167e4b07ecee911
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://facxmoon.top
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6745d384-1a31"
expires
Sun, 15 Dec 2024 00:14:17 GMT
date
Sat, 14 Dec 2024 12:14:17 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 13:56:20 GMT
server
nginx
vary
Accept-Encoding
QMj9sEu41DG.js
facxmoon.top/static/js/
98 KB
33 KB
Script
General
Full URL
https://facxmoon.top/static/js/QMj9sEu41DG.js
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/static/js/8MYI4yJfgT8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
b81aeb0c8ab462361725d7a798f7027416d0edf76602b2386bd1abd73ee7322f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://facxmoon.top
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6745d384-188a8"
expires
Sun, 15 Dec 2024 00:14:17 GMT
date
Sat, 14 Dec 2024 12:14:17 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 13:56:20 GMT
server
nginx
vary
Accept-Encoding
DlS8iOPbc-U.js
facxmoon.top/static/js/
44 KB
16 KB
Script
General
Full URL
https://facxmoon.top/static/js/DlS8iOPbc-U.js
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/static/js/8MYI4yJfgT8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
8a694c2a2ce5ac379f50269b3732f2220a292c8f296c3a6b05dfd1eff8e3234d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://facxmoon.top
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6745d386-b104"
expires
Sun, 15 Dec 2024 00:14:17 GMT
date
Sat, 14 Dec 2024 12:14:17 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 13:56:22 GMT
server
nginx
vary
Accept-Encoding
SPq-XM1tiF4.js
facxmoon.top/static/js/
138 KB
43 KB
Script
General
Full URL
https://facxmoon.top/static/js/SPq-XM1tiF4.js
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/static/js/8MYI4yJfgT8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
0f3c42277eca6cf88ee3d4ea7b42060172a9609994a657ce81dcf70ec751bd15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://facxmoon.top
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6745d384-227eb"
expires
Sun, 15 Dec 2024 00:14:17 GMT
date
Sat, 14 Dec 2024 12:14:17 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 13:56:20 GMT
server
nginx
vary
Accept-Encoding
WzNMjfKB7nj.js
facxmoon.top/static/js/
50 KB
11 KB
Script
General
Full URL
https://facxmoon.top/static/js/WzNMjfKB7nj.js
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/static/js/8MYI4yJfgT8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
d45d80c8bbb57fef2442bd4dfe4f21207721398fb5c6377aebe4349f4f122326
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://facxmoon.top
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6745d386-c8a8"
expires
Sun, 15 Dec 2024 00:14:17 GMT
date
Sat, 14 Dec 2024 12:14:17 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 13:56:22 GMT
server
nginx
vary
Accept-Encoding
qvzskUrYlYC.js
facxmoon.top/static/js/
28 KB
12 KB
Script
General
Full URL
https://facxmoon.top/static/js/qvzskUrYlYC.js
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/static/js/8MYI4yJfgT8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
68e7a7c1b9098ddee7727e3dab0fa56e52a6d9fa61a1abf0ee93f4d29e68c29c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://facxmoon.top
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6745d386-70d9"
expires
Sun, 15 Dec 2024 00:14:17 GMT
date
Sat, 14 Dec 2024 12:14:17 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 13:56:22 GMT
server
nginx
vary
Accept-Encoding
rFKoy_cbCKN.js
facxmoon.top/static/js/
9 KB
4 KB
Script
General
Full URL
https://facxmoon.top/static/js/rFKoy_cbCKN.js
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/static/js/8MYI4yJfgT8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
e36af9c0dfc926a53375dc4599aae93d982ceb3b8ac3e07510041178afc35c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://facxmoon.top
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6745d386-25cb"
expires
Sun, 15 Dec 2024 00:14:17 GMT
date
Sat, 14 Dec 2024 12:14:17 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 13:56:22 GMT
server
nginx
vary
Accept-Encoding
DgU1fe16oS1.js
facxmoon.top/static/js/
18 KB
6 KB
Script
General
Full URL
https://facxmoon.top/static/js/DgU1fe16oS1.js
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/static/js/8MYI4yJfgT8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
c7d8e520c96765a2cc9f35516690bc3abeff03944ddc0dd2749fd22d91847167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://facxmoon.top
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6745d384-48c6"
expires
Sun, 15 Dec 2024 00:14:17 GMT
date
Sat, 14 Dec 2024 12:14:17 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 13:56:20 GMT
server
nginx
vary
Accept-Encoding
bSFmFG5wOuO.js
facxmoon.top/static/js/
44 KB
16 KB
Script
General
Full URL
https://facxmoon.top/static/js/bSFmFG5wOuO.js
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/static/js/8MYI4yJfgT8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
f89e2090e176af266b259f05bf3abab9bba1c7610946f6978e11720f4f5c9fba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://facxmoon.top
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6745d384-af8b"
expires
Sun, 15 Dec 2024 00:14:17 GMT
date
Sat, 14 Dec 2024 12:14:17 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 13:56:20 GMT
server
nginx
vary
Accept-Encoding
UDFCsXtDquD.js
facxmoon.top/static/js/
6 KB
3 KB
Script
General
Full URL
https://facxmoon.top/static/js/UDFCsXtDquD.js
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/static/js/8MYI4yJfgT8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
55052c647e1b5d8ef44c8f340c96c6aae9dec6861f45b2cc8434ae54c9b62dc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://facxmoon.top
Referer
https://facxmoon.top/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6745d384-1959"
expires
Sun, 15 Dec 2024 00:14:17 GMT
date
Sat, 14 Dec 2024 12:14:17 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 13:56:20 GMT
server
nginx
vary
Accept-Encoding
bz
facxmoon.top/ajax/
548 B
611 B
XHR
General
Full URL
https://facxmoon.top/ajax/bz?__a=1&__aaid=0&__ccg=EXCELLENT&__dyn=7xe6E5aQ1PyUbFp41twpUnwgU29zE6u7E3rw5ux60Vo1upE4W0OE3nwaq0yE7i0n24o5-0me1Fw5uw5Uwdq0Ho2eU5O08HwSyE1582ZwrU1Xo1UU3jwea&__hs=20053.BP%3ADEFAULT.2.0..0.0&__hsi=7441586038878850443&__req=1&__rev=1018490153&__s=ur8kac%3Alppoyl%3Aruuz97&__spin_b=trunk&__spin_r=1018490153&__spin_t=1732629267&__user=0&dpr=1&jazoest=2880&lsd=AVq7OGeJbR8
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/static/js/DlS8iOPbc-U.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

X-ASBD-ID
129477
X-FB-LSD
AVq7OGeJbR8
Referer
https://facxmoon.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryiOrboiUbggST43Y6

Response headers

content-length
548
date
Sat, 14 Dec 2024 12:14:17 GMT
content-type
text/html
server
nginx
2sFJRNmJ5OP.ico
static.xx.fbcdn.net/rsrc.php/yB/r/
5 KB
5 KB
Other
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/yB/r/2sFJRNmJ5OP.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
88ae5454a7c32c630703440849d35c58f570d8eecc23c071dbe68d63ce6a40d7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facxmoon.top/

Response headers

content-md5
PnZPD3N3Z7MKaS+rHePOSQ==
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Wed, 03 Dec 2025 05:26:51 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 12:14:18 GMT
content-type
image/x-icon
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-fb-debug
V9eChw979aMoSBdrsrPF/MnoRmlBO/+tgyQmniKF/QEzk44bFQVXR46KDTiCSpFE4U/8AsmUe0/5oW+uVZ/hNw==
priority
u=1,i
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=30, mss=1232, tbw=13611, tp=29, tpl=0, uplat=0, ullat=-1
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
5430
origin-agent-cluster
?1
bz
facxmoon.top/ajax/
548 B
611 B
XHR
General
Full URL
https://facxmoon.top/ajax/bz?__a=1&__aaid=0&__ccg=EXCELLENT&__dyn=7xe6E5aQ1PyUbFp41twpUnwgU29zE6u7E3rw5ux60Vo1upE4W0OE3nwaq0yE7i0n24o5-0me1Fw5uw5Uwdq0Ho2eU5O08HwSyE1582ZwrU1Xo1UU3jwea&__hs=20053.BP%3ADEFAULT.2.0..0.0&__hsi=7441586038878850443&__req=2&__rev=1018490153&__s=ur8kac%3Alppoyl%3Aruuz97&__spin_b=trunk&__spin_r=1018490153&__spin_t=1732629267&__user=0&dpr=1&jazoest=2880&lsd=AVq7OGeJbR8
Requested by
Host: facxmoon.top
URL: https://facxmoon.top/static/js/DlS8iOPbc-U.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.92.49.123 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

X-ASBD-ID
129477
X-FB-LSD
AVq7OGeJbR8
Referer
https://facxmoon.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarytiGdIQPB1Vw8M3TW

Response headers

content-length
548
date
Sat, 14 Dec 2024 12:14:18 GMT
content-type
text/html
server
nginx

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| envFlush object| Env object| _btldr function| parentIsNotHeadNorBody function| isTagSupported function| getNodeDataSet function| addLoadEventListeners function| __t function| __w function| __annotator function| __bodyWrapper function| emptyFunction function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireInterop function| importDefault function| importNamespace function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ function| getErrorSafe object| ErrorGuard object| ErrorSerializer object| ErrorUtils function| Arbiter function| $ function| ge object| Parent object| TimeSlice function| goURI object| PageEvents function| _domcontentready function| onloadRegister_DEPRECATED function| onloadRegister function| onafterloadRegister_DEPRECATED function| onafterloadRegister function| onleaveRegister function| onbeforeunloadRegister function| onunloadRegister object| Bootloader function| $E number| __bigPipeFactory string| _script_path function| now_inl number| __bigPipeFR number| __bigPipeCtor object| bigPipe object| PageHooks function| _domreadyHook function| _onloadHook function| runHook function| runHooks function| keep_window_set_as_loaded object| onbeforeunloadhooks object| onafterunloadhooks function| AsyncRequest object| onunloadhooks function| intl_set_string_manager_mode function| intl_set_xmode function| intl_set_rmode function| intl_set_locale object| __FB_STORE object| onleavehooks boolean| domready boolean| loaded

0 Cookies

12 Console Messages

Source Level URL
Text
other warning URL: https://facxmoon.top/static/js/8MYI4yJfgT8.js(Line 87)
Message:
A preload for 'https://facxmoon.top/static/js/0g9ACyquZNC.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://facxmoon.top/static/js/8MYI4yJfgT8.js(Line 87)
Message:
A preload for 'https://facxmoon.top/static/js/n9Awa-VoX_i.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://facxmoon.top/static/js/8MYI4yJfgT8.js(Line 87)
Message:
A preload for 'https://facxmoon.top/static/js/FkmGaZFEpGv.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://facxmoon.top/static/js/8MYI4yJfgT8.js(Line 87)
Message:
A preload for 'https://facxmoon.top/static/js/pt_W8BOmFiq.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
rendering warning URL: https://facxmoon.top/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0504A01B4090000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://facxmoon.top/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0A0BB05B4090000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://facxmoon.top/ajax/bz?__a=1&__aaid=0&__ccg=EXCELLENT&__dyn=7xe6E5aQ1PyUbFp41twpUnwgU29zE6u7E3rw5ux60Vo1upE4W0OE3nwaq0yE7i0n24o5-0me1Fw5uw5Uwdq0Ho2eU5O08HwSyE1582ZwrU1Xo1UU3jwea&__hs=20053.BP%3ADEFAULT.2.0..0.0&__hsi=7441586038878850443&__req=1&__rev=1018490153&__s=ur8kac%3Alppoyl%3Aruuz97&__spin_b=trunk&__spin_r=1018490153&__spin_t=1732629267&__user=0&dpr=1&jazoest=2880&lsd=AVq7OGeJbR8
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://facxmoon.top/ajax/bz?__a=1&__aaid=0&__ccg=EXCELLENT&__dyn=7xe6E5aQ1PyUbFp41twpUnwgU29zE6u7E3rw5ux60Vo1upE4W0OE3nwaq0yE7i0n24o5-0me1Fw5uw5Uwdq0Ho2eU5O08HwSyE1582ZwrU1Xo1UU3jwea&__hs=20053.BP%3ADEFAULT.2.0..0.0&__hsi=7441586038878850443&__req=2&__rev=1018490153&__s=ur8kac%3Alppoyl%3Aruuz97&__spin_b=trunk&__spin_r=1018490153&__spin_t=1732629267&__user=0&dpr=1&jazoest=2880&lsd=AVq7OGeJbR8
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://facxmoon.top/
Message:
The resource https://facxmoon.top/static/js/n9Awa-VoX_i.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://facxmoon.top/
Message:
The resource https://facxmoon.top/static/js/FkmGaZFEpGv.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://facxmoon.top/
Message:
The resource https://facxmoon.top/static/js/pt_W8BOmFiq.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://facxmoon.top/
Message:
The resource https://facxmoon.top/static/js/0g9ACyquZNC.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
