URL: https://wgqbmvwf.com/wp-content
Submission: On August 29 via automatic, source phishtank

Summary

This website contacted 7 IPs in 4 countries across 5 domains to perform 38 HTTP transactions. The main IP is 47.74.233.115, located in Singapore, Singapore and belongs to CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN. The main domain is wgqbmvwf.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 24th 2019. Valid for: 3 months.
This is the only time wgqbmvwf.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

Requests  IP Address         AS     Autonomous System
2         47.74.233.115      45102  (CNNIC-ALI...)
31        2a03:2880:f01...   32934  (FACEBOOK)
1         2a03:2880:f11...   32934  (FACEBOOK)
2         116.211.183.234    58563  (CHINATELE...)
1         2401:b180:200...   37963  (CNNIC-ALI...)
1         198.11.132.221     45102  (CNNIC-ALI...)
Total: 38 requests, 7 IPs
Requests  Domain               Requested by
31        static.xx.fbcdn.net  wgqbmvwf.com, static.xx.fbcdn.net
2         wgqbmvwf.com         static.xx.fbcdn.net
1         cnzz.mmstat.com      wgqbmvwf.com
1         z1.cnzz.com          wgqbmvwf.com
1         c.cnzz.com           s22.cnzz.com
1         s22.cnzz.com         wgqbmvwf.com
1         facebook.com         wgqbmvwf.com
Total: 38 requests, 7 subdomains
Subject          Issuer                                               Validity                  Valid
wgqbmvwf.com     Let's Encrypt Authority X3                           2019-07-24 - 2019-10-22   3 months
*.facebook.com   DigiCert SHA2 High Assurance Server CA               2019-08-24 - 2019-10-19   2 months
*.cnzz.com       GlobalSign Organization Validation CA - SHA256 - G2  2019-03-05 - 2020-03-05   a year
*.mmstat.com     GlobalSign Organization Validation CA - SHA256 - G2  2019-07-29 - 2020-07-29   a year

This page contains 1 frame:

Primary Page: https://wgqbmvwf.com/wp-content
Frame ID: A8D2C7D8B6402AED683118707E10A17D
Requests: 39 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 38
HTTPS: 100 %
IPv6: 50 %
Domains: 5
Subdomains: 7
IPs: 7
Countries: 4
Transfer: 937 kB
Size: 4215 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request wp-content
wgqbmvwf.com/
78 KB
25 KB
Document
General
Full URL
https://wgqbmvwf.com/wp-content
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.74.233.115 Singapore, Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
23976c10eb71ae5070d7321c9db3cb1f15d2e1702ca753de63bc20ab954fd6d7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:method
GET
:authority
wgqbmvwf.com
:scheme
https
:path
/wp-content
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx
date
Thu, 29 Aug 2019 21:01:43 GMT
content-type
text/html; charset="utf-8"
vary
Accept-Encoding Origin Accept-Encoding
expires
Fri, 30 Aug 2019 09:01:43 GMT
x-frame-options
DENY
x-xss-protection
0
pragma
no-cache
strict-transport-security
max-age=15552000; preload
access-control-expose-headers
X-FB-Debug, X-Loader-Length
access-control-allow-credentials
true
x-content-type-options
nosniff
cache-control
max-age=43200
access-control-allow-origin
https://www.facebook.com
access-control-allow-methods
OPTIONS
x-fb-debug
qL74QS132F67DkWbIS5I5IBYU8xS15fkC5amVdvYxTJ9ki8UiR8w/AeW3O4f/nwAzhvx1+xvm/bAO3usZW69kQ==
x-cache
MISS
content-encoding
gzip
wqR9RYrRB1r.css
static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/
232 KB
36 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yU/l/0,cross/wqR9RYrRB1r.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: wgqbmvwf.com
URL: https://wgqbmvwf.com/wp-content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b7b69f2ad3cbd797d729d41af503c62c1e96e54cf2cb6ea404ab15b76a93a662
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
cDa7pllNVbF+HiIEWH5WTNCjoMN/vHZf5vLfcQd9rNr3g5b/tVAOVjuUtsJsPXsM5nsRZgnFyZJ2+90sMesV9A==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
zkVWbP8aNmQeLdhbD9Ic2Q==
status
200
date
Thu, 29 Aug 2019 21:01:43 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
36354
expires
Fri, 28 Aug 2020 12:11:18 GMT
cpvIBEQePYJ.css
static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/
82 KB
11 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/cpvIBEQePYJ.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: wgqbmvwf.com
URL: https://wgqbmvwf.com/wp-content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
606d8715ecebdb39a3a6d8ee4122b8bb23ca0291feb1cf601f62f6401f1f9bf6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
YPZ4twif8G3L3Znm8wdFMXl6RAkbviWD/ARc72liTkzTRzpBfFp3295JRys0PEWlZNMGMYFWDZGxrl0Nu59ZqQ==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
eN7Cx0QUmFHYonFQrZT15A==
status
200
date
Thu, 29 Aug 2019 21:01:43 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
11131
expires
Fri, 28 Aug 2020 19:02:51 GMT
Krkkx5rqLlr.css
static.xx.fbcdn.net/rsrc.php/v3/yM/l/0,cross/
154 KB
37 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yM/l/0,cross/Krkkx5rqLlr.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: wgqbmvwf.com
URL: https://wgqbmvwf.com/wp-content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
599447c2440ad90f15fe191745920cbcc4a0e039be8cdbf7babaa2ff98c583c9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
t/4hCaV4M89uMw7xIYYfbpNxzQHjIS2py+38upLYzAIjWSdhnNeMMIndacIcBDybgESECrOVAGYAoXb4CucKEw==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
d7DsjryMkwzLhCpS8PFZEQ==
status
200
date
Thu, 29 Aug 2019 21:01:43 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
37820
expires
Fri, 28 Aug 2020 15:44:35 GMT
mXVVrf1BhjZ.css
static.xx.fbcdn.net/rsrc.php/v3/yo/l/0,cross/
31 KB
7 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yo/l/0,cross/mXVVrf1BhjZ.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: wgqbmvwf.com
URL: https://wgqbmvwf.com/wp-content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
4432a148bc533b258f3751d596f78580bea63ced769fe91f1311b22a3e0fdbdf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
hr4Hj0+ySPWdck8J7MBbSSNix6+ibIPhyEl9LQubskAQf+e8DdC88w4OUJzGJxYDv5+T55Oo3eTDPv/pFryJ4w==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
57RX0oehILpEvcTuUVDGRg==
status
200
date
Thu, 29 Aug 2019 21:01:43 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
6492
expires
Fri, 28 Aug 2020 17:26:05 GMT
gImqYdTTC1Z.css
static.xx.fbcdn.net/rsrc.php/v3/yo/l/0,cross/
9 KB
3 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yo/l/0,cross/gImqYdTTC1Z.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: wgqbmvwf.com
URL: https://wgqbmvwf.com/wp-content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
4d9a37ba70b6b01b7de74b67686defe84e5a1e69f89af3fe392216ed0fac150e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
19i64yqGAYJDsgHfGUYbc5LwOdPIBVXI4uh4/kwzPpiQrdiJexF31jGpyHV+lrbRe8JI87yNdpy+Bjvsp1zrFQ==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
37p7RbZfiPT/Y3lCEU0LHA==
status
200
date
Thu, 29 Aug 2019 21:01:43 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
2474
expires
Fri, 28 Aug 2020 17:29:00 GMT
bFEHtD5-Qlj.css
static.xx.fbcdn.net/rsrc.php/v3/yj/l/0,cross/
106 KB
16 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yj/l/0,cross/bFEHtD5-Qlj.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: wgqbmvwf.com
URL: https://wgqbmvwf.com/wp-content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
874ceaf6224b0e05e7799a3520d5d64cb39e51dc4a9c8de69121468c19ab06e5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
i1R8UR6w6fErefNGcH3vy/bpVgaSA6MplAhE5SJWs/0Wupx14dUT/gAebSn6s1G6WFT1sooBwrFIHyVA7KuHvA==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
/y5ASfA1yFNZqXoAtuqVSw==
status
200
date
Thu, 29 Aug 2019 21:01:43 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
16241
expires
Fri, 28 Aug 2020 13:46:54 GMT
yAdHcN62zkz.css
static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/
15 KB
3 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/yAdHcN62zkz.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: wgqbmvwf.com
URL: https://wgqbmvwf.com/wp-content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
471d1eadb661ee8ab7c0f5d1a119f8270dfc38f6e276651a196ef34321f1211c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
yGa5Kvb341VPkH6vMz68IkJea9W74mCnMyFP3vv4ntWfeVl1ER67w3IpGnm9p/iV8RkR5O+nr0RZyuen4tFHow==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
kUR+LsYpvcpi8Cy83Z8N4Q==
status
200
date
Thu, 29 Aug 2019 21:01:43 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
3065
expires
Fri, 28 Aug 2020 18:16:52 GMT
1ActJZlvZpx.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/
302 KB
72 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/1ActJZlvZpx.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: wgqbmvwf.com
URL: https://wgqbmvwf.com/wp-content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
5eb5af654833985f029c41623ffd528b616c25b161a4b829fc8fb5706be99d07
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
LAcibf/n6AuanzVAlparOwfrcLJ7j2pPtQkbuaNr8zWwHdykB/p8N+Us2dn00ohZ5jzAzVr4baEjVcMWRwzknw==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
2JcUgrsrQzBlpoHtDLdANA==
status
200
date
Thu, 29 Aug 2019 21:01:43 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
73450
expires
Fri, 28 Aug 2020 14:57:40 GMT
hsts-pixel.gif
facebook.com/security/
43 B
239 B
Image
General
Full URL
https://facebook.com/security/hsts-pixel.gif
Requested by
Host: wgqbmvwf.com
URL: https://wgqbmvwf.com/wp-content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://wgqbmvwf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
status
200
x-xss-protection
0
pragma
no-cache
x-fb-debug
kvSonZo79iG39mOWiIVdR2jwsOD3FixfplxjDA+7hCipnu6UaLRSXeoEAcR0uZIl+gfvBm8pOEjaFOnWoegz5g==
x-frame-options
DENY
date
Thu, 29 Aug 2019 21:01:44 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
1IEFDHmneIT.png
static.xx.fbcdn.net/rsrc.php/v3/y7/r/
96 KB
96 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/1IEFDHmneIT.png
Requested by
Host: wgqbmvwf.com
URL: https://wgqbmvwf.com/wp-content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6aff321453d1ed197ce2785fee23690864ede5ee09adca6f1c6b6f344c0c2fb9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/cpvIBEQePYJ.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fb-debug
0ODEecHFU8a26+vu7K/ffvy4DJbVrBVu9psqSILVD3PeNY0PIeqBHHbRVzX0h/ZCLNtSxRuMykCOWLBaE9QVUQ==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
aHZpkJ21jHBa0SOYCrJNSA==
date
Thu, 29 Aug 2019 21:01:44 GMT
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
content-length
97928
expires
Sun, 23 Aug 2020 10:38:37 GMT
Qj-0QYDcQ1v.png
static.xx.fbcdn.net/rsrc.php/v3/y8/r/
15 KB
15 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/Qj-0QYDcQ1v.png
Requested by
Host: wgqbmvwf.com
URL: https://wgqbmvwf.com/wp-content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
c0cbb9fafc8525906e00b10fa6f28785baeb893c7cf9fb2cb6e11a35d57a2e5d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/cpvIBEQePYJ.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fb-debug
kbQ3YU/vbOGrS128PsOUUMOIOJxcC1oWWlcMXC/KAMSOUINcoqA5ITcocUksPfugqh3+1scAMV3mSFHo2okZDg==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
61AbwXNRtQlEWzUiWSfgUg==
date
Thu, 29 Aug 2019 21:01:44 GMT
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
content-length
15138
expires
Sun, 23 Aug 2020 10:38:37 GMT
g8alKZGcs-V.png
static.xx.fbcdn.net/rsrc.php/v3/yL/r/
17 KB
17 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/g8alKZGcs-V.png
Requested by
Host: wgqbmvwf.com
URL: https://wgqbmvwf.com/wp-content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
a5576c7b600814e1147f57735c7105fc72e81d77c27515cc50c4b896d0c409db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/cpvIBEQePYJ.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fb-debug
inmid3RvpxcSaM5F6oxe7CLgFLVYog6/DwQrS3JzKz0rVx21GFC9sLiH4T3KWwBsUysmoh0Sawj2ZS23Xs543w==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
t/SyHnBODW6DjZhOoXBQ7w==
date
Thu, 29 Aug 2019 21:01:44 GMT
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
content-length
16969
expires
Sun, 23 Aug 2020 10:38:37 GMT
z_stat.php
s22.cnzz.com/
11 KB
4 KB
Script
General
Full URL
https://s22.cnzz.com/z_stat.php?id=1262857254&web_id=1262857254
Requested by
Host: wgqbmvwf.com
URL: https://wgqbmvwf.com/wp-content
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.211.183.234 , China, ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
db0f1147a796cf9d352e5e4dee89fae7a04f8f9d58f54f8f1c45a490a99c99e2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://wgqbmvwf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 29 Aug 2019 20:24:46 GMT
content-encoding
gzip
age
2218
x-powered-by
PHP/5.5.25
x-cache
HIT TCP_MEM_HIT dirn:13:681356143
status
200
x-swift-cachetime
5400
x-swift-savetime
Thu, 29 Aug 2019 20:24:46 GMT
content-length
4051
last-modified
Thu, 29 Aug 2019 20:24:46 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1567110286
content-type
application/javascript
via
cache19.l2cn628[30,200-0,M], cache20.l2cn628[32,0], cache7.cn533[0,200-0,H], cache17.cn533[1,0]
cache-control
max-age=5400,s-maxage=5400
timing-allow-origin
*
eagleid
74d3b72515671125047602864e
CcGImDrZiQn.js
static.xx.fbcdn.net/rsrc.php/v3iz_X4/yb/l/de_DE/
1 MB
259 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iz_X4/yb/l/de_DE/CcGImDrZiQn.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/1ActJZlvZpx.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
372e835a6b42a0353fba72253b1a9f4da5e0bef4804877db07ea2b0ef8884525
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
su1rNazOgaFhc45KRafhdZQotxTzqSt3EhE1A+gkEHhOGrjOyElEDAwg+/+3P0GKt0Del6OhTB8/xsnM02jn0w==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
KC7LHixwYiA5KUV94KVm2w==
status
200
date
Thu, 29 Aug 2019 21:01:44 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
265174
expires
Fri, 28 Aug 2020 13:14:03 GMT
truncated
/
74 B
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8627d83666e5f29db4f5ddfba459bf17a542a4b20569815b8055223dbe6d3f75

Request headers

Referer
https://wgqbmvwf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
core.php
c.cnzz.com/
969 B
902 B
Script
General
Full URL
https://c.cnzz.com/core.php?web_id=1262857254&t=z
Requested by
Host: s22.cnzz.com
URL: https://s22.cnzz.com/z_stat.php?id=1262857254&web_id=1262857254
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.211.183.234 , China, ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
e13673ed8da1215c0abb45d8244ed0c25b05119b9ad605e6224fe35b38d88b7b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://wgqbmvwf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 29 Aug 2019 20:47:58 GMT
content-encoding
gzip
age
827
x-powered-by
PHP/5.5.25
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
status
200
x-swift-cachetime
900
x-swift-savetime
Thu, 29 Aug 2019 20:47:58 GMT
content-length
620
last-modified
Thu, 29 Aug 2019 20:47:58 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1567111678
content-type
application/javascript
via
cache17.l2cn628[39,200-0,M], cache33.l2cn628[41,0], cache11.cn533[0,200-0,H], cache17.cn533[1,0]
timing-allow-origin
*
eagleid
74d3b72515671125050163241e
expires
Thu, 29 Aug 2019 21:02:58 GMT
stat.htm
z1.cnzz.com/
2 B
112 B
Image
General
Full URL
https://z1.cnzz.com/stat.htm?id=1262857254&r=&lg=en-us&ntime=none&cnzz_eid=1696286526-1567110286-&showp=1600x1200&p=https%3A%2F%2Fwgqbmvwf.com%2Fwp-content&t=Facebook&umuuid=16cdf2f263dfd0-0e683726cf10c9-37647e03-1d4c00-16cdf2f263e1052&h=1&rnd=587782962
Requested by
Host: wgqbmvwf.com
URL: https://wgqbmvwf.com/wp-content
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:b180:2000:20::27 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://wgqbmvwf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 29 Aug 2019 21:01:45 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=utf-8
9.gif
cnzz.mmstat.com/
43 B
381 B
Image
General
Full URL
https://cnzz.mmstat.com/9.gif?abc=1&rnd=1233811414
Requested by
Host: wgqbmvwf.com
URL: https://wgqbmvwf.com/wp-content
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.11.132.221 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://wgqbmvwf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2019 21:01:45 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
status
200
cache-control
no-cache
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
bQ42FX7sNRu.js
static.xx.fbcdn.net/rsrc.php/v3iWez4/yC/l/de_DE/
38 KB
11 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iWez4/yC/l/de_DE/bQ42FX7sNRu.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/1ActJZlvZpx.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
a17807efb46512ea35d39ec5c9f7fca92fd78e715316dc831753b8c537a7f9bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
qPLt3ScfTIAHIjE/dUuOIxEeN6x6GPqU0Js7fiTAu0Aj+sO+GiXpOSUissIMbF3sqbWgr6QcINS68C/KRmnl9A==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
t+CgCl0oyGE98J2ZcpotkQ==
status
200
date
Thu, 29 Aug 2019 21:01:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
11066
expires
Thu, 27 Aug 2020 11:49:49 GMT
I-qdjAdBT7n.js
static.xx.fbcdn.net/rsrc.php/v3i5ED4/yp/l/de_DE/
33 KB
8 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i5ED4/yp/l/de_DE/I-qdjAdBT7n.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/1ActJZlvZpx.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
597f2cf2902b6e9368ec92853c1d36211fabde16e5ce762f767201401c2965af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
n0jsy6QTvhB/k1041v189hkGiTW0GFHsmI/cw3SUERXsNe8YMXx18rjHKdg/ymenwpruVCMd9s5AsPhYVfmypA==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
pe8g0edobfNmQt+va8ihGA==
status
200
date
Thu, 29 Aug 2019 21:01:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
7813
expires
Fri, 28 Aug 2020 10:23:38 GMT
_hgwPtYhbHK.js
static.xx.fbcdn.net/rsrc.php/v3iW1E4/ye/l/de_DE/
84 KB
21 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iW1E4/ye/l/de_DE/_hgwPtYhbHK.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/1ActJZlvZpx.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
f76ca23f63540dd7e31ef1b168ea0fcd6ed2d0af926f3722f6ebd9cb1a4c58bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
9ZUGFBac5Fb9Tf25nRps76QxB8Y6l/ievBMnwq+Q5K1aoKMSlgUIy6anfEq4UxwYe2FDdZvdvy1BCe27F+7Hzw==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
xoDE9XcFtybQssDEUEEMug==
status
200
date
Thu, 29 Aug 2019 21:01:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
21593
expires
Fri, 28 Aug 2020 11:03:16 GMT
iRbpmuuKJjc.js
static.xx.fbcdn.net/rsrc.php/v3/yg/r/
86 KB
17 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yg/r/iRbpmuuKJjc.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/1ActJZlvZpx.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
c24f6c954a2902aa11218d6a16fe282cb513468ba8377e973b98afd0492d80d0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
aia40ld8xw+5y0JLG31pB6lbCPn4V9cjgctJVH3BNuo2chZpag/oHyFH9CrcYoFEDkbMyy7DBB3s4UzY3r7u8A==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
ufK1zZrksqwXOsWJribhew==
status
200
date
Thu, 29 Aug 2019 21:01:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
17424
expires
Fri, 28 Aug 2020 07:26:35 GMT
xStUcS9RWYj.js
static.xx.fbcdn.net/rsrc.php/v3i8594/yQ/l/de_DE/
27 KB
8 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i8594/yQ/l/de_DE/xStUcS9RWYj.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/1ActJZlvZpx.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
e243b529d113a509c3b71b81331b5d3a320a199ba9220aaedf613ca902c344a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
IlNpKnvo2aYmwCXXmrA2pX4bfmQvjTCDuHO0sA3eFReREaMmWSP6yOB50bGawOByvM+6DBeFRyYoRQaUU/TRIg==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
gwK9aeAlYMplA4D5TlUfDw==
status
200
date
Thu, 29 Aug 2019 21:01:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
7501
expires
Fri, 28 Aug 2020 11:03:17 GMT
rFA_l4nSK7v.js
static.xx.fbcdn.net/rsrc.php/v3/yO/r/
13 KB
4 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/rFA_l4nSK7v.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/1ActJZlvZpx.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
978bea4a9c6fd72fc0e81ee8a872ea6b4ee9dae05bc0097621601fce85069c8e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
LRQ33O6dCyv7BQdlEn7d38lg39CJmobUNiInEHmDq4uMfdYCk2TCwyW44zxPxB+LsrgbbZmUWR5wWHyWhmODwQ==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
tGxtZtrjdOVGJUuVSC4gSw==
status
200
date
Thu, 29 Aug 2019 21:01:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
3826
expires
Fri, 28 Aug 2020 14:57:42 GMT
KtuZskNhciI.js
static.xx.fbcdn.net/rsrc.php/v3i1Tk4/yc/l/de_DE/
72 KB
17 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i1Tk4/yc/l/de_DE/KtuZskNhciI.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/1ActJZlvZpx.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6d7d8856db3b2c42e0737e0b826631897895abfd5e6963e08006cdedac28717e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
t5bgyW2+A96oDAepMCTaX+Tq2184cr7SZdyj5SLDHMwoXCd9UvA/6S+FMEHHTKUb1lS3+RJ3SgHkQ9QZ6GE0tg==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
W48A15UXUBHyg7DSBA2aeg==
status
200
date
Thu, 29 Aug 2019 21:01:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
16796
expires
Fri, 28 Aug 2020 14:57:35 GMT
2iH1WXLILGW.js
static.xx.fbcdn.net/rsrc.php/v3i_Kh4/ye/l/de_DE/
938 KB
181 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i_Kh4/ye/l/de_DE/2iH1WXLILGW.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/1ActJZlvZpx.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
ffb304e326d9d46e9cddbc2e300a06b0bd4ddeac84c714ecfa894200ce882a98
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
pSa6YvIcCN3BMtNGqtxUQ6REJJZTsTeZA7KfoBC2dFFx+rsgh/FNMd7DPcKF4ST1crPbqqn03G+dOhySANskWw==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
gDXlX3pROLchniABE9FUwQ==
status
200
date
Thu, 29 Aug 2019 21:01:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
184924
expires
Fri, 28 Aug 2020 17:27:34 GMT
Gek5B7WTx0V.js
static.xx.fbcdn.net/rsrc.php/v3/y-/r/
11 KB
4 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/Gek5B7WTx0V.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/1ActJZlvZpx.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
9e4b95ad9322c6db45dcb87cde831e617cdd32980f12d128531168ee42b5ed18
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
Gbl+anlRU0FNiE2JDI7TfajgYsEP2vBVb99jM8gBCclsio9YLD/6vdE7U7nlzaq6UcyCfNmKox0fKtLrLYpj1w==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
yFo3rncYuLHx5S1qncl0eA==
status
200
date
Thu, 29 Aug 2019 21:01:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
3523
expires
Fri, 28 Aug 2020 17:26:01 GMT
zp_vAPaDXSE.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/
37 KB
9 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/zp_vAPaDXSE.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/1ActJZlvZpx.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cc1654159f3b39b4324bc786e9a0f8a49ce27d35a79f8522c5e4c5b8905ac59d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
wDyyyhVU5P+J6MdWYemQowcqbj99npof24OrnshGQhEkfHOB8JM3Oya88T0Gz6s/cdYgNDV0OUvUWJ4UW8sKYQ==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
pYoj8SV9JtolLgJZ68HBoA==
status
200
date
Thu, 29 Aug 2019 21:01:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
8681
expires
Fri, 28 Aug 2020 11:32:42 GMT
W8w3r3svVSA.js
static.xx.fbcdn.net/rsrc.php/v3i_8b4/yO/l/de_DE/
53 KB
12 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i_8b4/yO/l/de_DE/W8w3r3svVSA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/1ActJZlvZpx.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
f67328fec756395b45bba734859e1204ef3a2ccf78cdef0223669f122e22778d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
KygTFsa+qPMgzfXW126LkabjgBdN62GxE7XyzUGSza0UHdbUf1YXo51v1Q5NqJG0LrjOCMAr1ntS6FwypyvPeA==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
zjZbxPXzN/+OA+Sd9n0tCQ==
status
200
date
Thu, 29 Aug 2019 21:01:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
12485
expires
Fri, 28 Aug 2020 18:21:02 GMT
92ClkP2gQGd.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/
6 KB
2 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/92ClkP2gQGd.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/1ActJZlvZpx.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
5074990bc8a7fd7cef9fefb117cd04b2da41aeaeef532f6226154ce55318b7d0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
jY7GpZflVLyPlp8nQ3121MGu9UZkdzWNiE275Er6y3CcuhwutJT6oM0XSYk9mirHeRb/p6xki9xhFsNf+WyM0A==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
Yq0/nroLIBpgDcrGQZgYEQ==
status
200
date
Thu, 29 Aug 2019 21:01:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
2072
expires
Fri, 28 Aug 2020 06:11:14 GMT
yeJr_7WY1QY.js
static.xx.fbcdn.net/rsrc.php/v3i5Tg4/yb/l/de_DE/
67 KB
16 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i5Tg4/yb/l/de_DE/yeJr_7WY1QY.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/1ActJZlvZpx.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
bea86a0f6c953c477b299506156cf5cd9a1a3109274eef6b007f226882dda827
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
CpTrT7fccfok6rtoqvnk+5YXej7amw2NlQtKppqQdjckgeJj8guJEA3Ig/+QZcK3o3BG573RqJ9Q9C+J07EQIw==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
veW+uagUNJb+888arynpkQ==
status
200
date
Thu, 29 Aug 2019 21:01:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
15773
expires
Fri, 28 Aug 2020 18:46:08 GMT
aMNZdOcshIq.js
static.xx.fbcdn.net/rsrc.php/v3ii_L4/yD/l/de_DE/
17 KB
5 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ii_L4/yD/l/de_DE/aMNZdOcshIq.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/1ActJZlvZpx.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
d3bd7e8c10ca0fcfb89faf34b3318e447005d4947e1c7ed8d8acb60a89b31faf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
MlVjncCAJ+uPFMSEYG6TtkLGH9P7kaDUmiqBE/Ij2RG7AAJTASUQvzdUgq66dIdbI82Xvq0FSfRq+AJLg8RYYw==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
JxxQfiCQmmIHmC882G7xuQ==
status
200
date
Thu, 29 Aug 2019 21:01:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
5027
expires
Wed, 26 Aug 2020 21:47:49 GMT
spOjwAbU1py.js
static.xx.fbcdn.net/rsrc.php/v3/ym/r/
12 KB
3 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/spOjwAbU1py.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/1ActJZlvZpx.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
0307179eb60a294ebe4c3d65bcd80438226d4fd66d1f40db1c434392cb1996dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
GyKTF3a5vSdnFFx29g8QUw44c9Lb+/oJ/9hP+4PmEGhJAu21UfQX/DN7lKmsxrZXp4D5OSHPF4xKZLnXUFqOvw==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
ZrH7m85ZkNXa4WdsO0pZOw==
status
200
date
Thu, 29 Aug 2019 21:01:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
2995
expires
Fri, 28 Aug 2020 10:36:10 GMT
v4WgC_pJT9B.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/
7 KB
2 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/v4WgC_pJT9B.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/1ActJZlvZpx.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
a01808b8a2d6e28821f87b2b3bf59abfb34c2aa9050ecd6ba212d3c2c8f28538
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
iqcwzHhQho4GrEc4Arw3mf0hKPh1ku5TJ8oqJc+R7PL1wgBCDHa8Uf1xtI7L4bbrU7Cln5FMMih7e+p+IKzGJQ==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
zhO7kDvY1KlYWGjrr+zJSw==
status
200
date
Thu, 29 Aug 2019 21:01:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
2214
expires
Fri, 28 Aug 2020 18:45:58 GMT
pfdldQREj7c.js
static.xx.fbcdn.net/rsrc.php/v3/yl/r/
26 KB
8 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/pfdldQREj7c.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/1ActJZlvZpx.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
d1db9abf436fc91825be201c222703abf9854df11ec742552a6822186321f5b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
KOJrDC2yhyLEMxQpHcrBvG9aQN4m8tc0QT2Tqla/bhW0NowCHRLRq+j19u4+mtDo/+lhqBY1dtkAGmEgHSnqQA==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
XgACNfmAuzmqav0Aez5f3g==
status
200
date
Thu, 29 Aug 2019 21:01:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
7654
expires
Fri, 28 Aug 2020 14:57:39 GMT
vdZSPMoJQ6g.js
static.xx.fbcdn.net/rsrc.php/v3i2UN4/y8/l/de_DE/
22 KB
7 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i2UN4/y8/l/de_DE/vdZSPMoJQ6g.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/1ActJZlvZpx.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
8af27dd83785599244126493ed2c1e892ad6539a080b0acf55da05448a6c7b29
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/
Origin
https://wgqbmvwf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
x-fb-debug
atVAjcYbbsfg+jjC/8Ng2rJCcLtHFvuP1HMRGG1Ra6LnIG71pqmKqIuYjotHw4QvYc+vhxKTpICFV4X2DTdRQw==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
xpvzAdQsi25MWzryoLQmCQ==
status
200
date
Thu, 29 Aug 2019 21:01:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
7150
expires
Fri, 28 Aug 2020 12:13:35 GMT
-PAXP-deijE.gif
static.xx.fbcdn.net/rsrc.php/v3/y4/r/
43 B
259 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/-PAXP-deijE.gif?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iz_X4/yb/l/de_DE/CcGImDrZiQn.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
5a52dbaf980be015c37ea658dc83e753f345ecb7c48a7dafd71bf1ed67e8b4bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://wgqbmvwf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fb-debug
vSAW7fJZYFavfWDZ3JG6L4NdWUhFgmuKN8JgrawVh3YFCILl4qkuOB3iW9/GU8AO+ZmbU/gfmO38020y57ncag==
x-fb-trip-id
365799557
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
YRyRbJo4R7CNEE1X8k7Jfg==
date
Thu, 29 Aug 2019 21:01:45 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
content-length
43
expires
Mon, 17 Aug 2020 14:10:33 GMT
bz
wgqbmvwf.com/ajax/
0
327 B
XHR
General
Full URL
https://wgqbmvwf.com/ajax/bz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i2UN4/y8/l/de_DE/vdZSPMoJQ6g.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.74.233.115 Singapore, Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://wgqbmvwf.com/wp-content
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
x-fb-debug
uYpBaGU78eRY7FCmL7PN0U5vLuEFFbwkti1NagLh3MGvQd3XpRH8ilhncjMYRbexAoCTVbtAjgNuafd/pV+zUQ==
x-content-type-options
nosniff
server
nginx
x-frame-options
DENY
date
Thu, 29 Aug 2019 21:01:53 GMT
vary
Accept-Encoding
content-type
text/html; charset="utf-8"
status
200
cache-control
max-age=43200
strict-transport-security
max-age=15552000; preload
content-length
0
x-xss-protection
0
expires
Fri, 30 Aug 2019 09:01:53 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| _cstart function| envFlush object| Env number| __DEV__ function| CavalryLogger undefined| __p function| emptyFunction function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d object| ErrorSerializer object| ErrorGuard object| ErrorUtils object| TimeSlice function| Arbiter object| JSCC function| $ function| ge object| Parent function| ProfilingCounters object| PageEvents function| _domcontentready function| onloadRegister_DEPRECATED function| onloadRegister function| onafterloadRegister_DEPRECATED function| onafterloadRegister function| onleaveRegister function| onbeforeunloadRegister function| onunloadRegister function| wait_for_load function| goURI object| Bootloader function| $E object| domreadyhooks object| onloadhooks function| __logBigPipePageletRootStatus string| _script_path object| bigPipe object| onafterunloadhooks object| _cz_loaded string| _cz_account object| _czc object| _CNZZDbridge_1262857254 object| cnzz_image_1595973522 object| cnzz_image_26008315 object| onunloadhooks function| AsyncRequest object| PageHooks function| _domreadyHook function| _onloadHook function| runHook function| runHooks function| keep_window_set_as_loaded object| onbeforeunloadhooks object| __FBDATASTORAGE object| onleavehooks function| intl_set_xmode function| intl_set_amode function| intl_set_rmode function| intl_set_locale object| PageTransitions boolean| domready boolean| loaded object| SnappyJS

4 Cookies

Domain/Path Name / Value
.wgqbmvwf.com/ Name: wd Value: 1600x1200
wgqbmvwf.com/ Name: CNZZDATA1262857254 Value: 1696286526-1567110286-%7C1567110286
.wgqbmvwf.com/ Name: UM_distinctid Value: 16cdf2f263dfd0-0e683726cf10c9-37647e03-1d4c00-16cdf2f263e1052
.wgqbmvwf.com/ Name: _js_datr Value: Nz1oXVhUQjUhnIZEmCsiyEtR

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
