qweb.wopwd.club
2606:4700:3035::6815:458  Malicious Activity! Public Scan

URL: http://qweb.wopwd.club/
Submission: On August 01 via manual from TR — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3035::6815:458, located in United States and belongs to CLOUDFLARENET, US. The main domain is qweb.wopwd.club.
This is the only time qweb.wopwd.club was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WhatsApp (Instant Messenger)

Domain & IP information

Requests  IP Address        AS Autonomous System
7         2606:4700:303...  13335 (CLOUDFLAR...)
1         163.181.56.169    24429 (TAOBAO Zh...)
1         2606:4700:e2:...  13335 (CLOUDFLAR...)
4         2a06:98c1:312...  13335 (CLOUDFLAR...)
Total: 19 requests, 5 IPs

Requests  Apex Domain / Subdomains                                Transfer
7         wopwd.club                                              212 KB
            qweb.wopwd.club
4         anscxnyn.com                                            2 KB
            209srv.anscxnyn.com
1         kasiklz.cc
            ccliy.kasiklz.cc — Cisco Umbrella Rank: 385089
1         staticfile.org                                          33 KB
            cdn.staticfile.org — Cisco Umbrella Rank: 55626
0         whatsapp.com Failed
            web.whatsapp.com Failed
Total: 19 requests, 5 domains

Requests  Domain                   Requested by
7         qweb.wopwd.club          qweb.wopwd.club
4         209srv.anscxnyn.com      cdn.staticfile.org, qweb.wopwd.club
1         ccliy.kasiklz.cc         qweb.wopwd.club
1         cdn.staticfile.org       qweb.wopwd.club
0         web.whatsapp.com Failed  qweb.wopwd.club
Total: 19 requests, 5 domains

This site contains links to these domains.

Domain
whatdopdfn.com
faq.whatsapp.com
Subject           Issuer                 Validity                 Valid
*.staticfile.org  GeoTrust RSA CN CA G2  2022-09-05 - 2023-10-03  a year
kasiklz.cc        GTS CA 1P5             2023-07-22 - 2023-10-20  3 months
anscxnyn.com      E1                     2023-06-06 - 2023-09-04  3 months

This page contains 1 frames:

Primary Page: http://qweb.wopwd.club/
Frame ID: 440F48F98582DDC86908559F122F049A
Requests: 19 HTTP requests in this frame

Page Title

WhatsApp

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19 Requests
32 % HTTPS
75 % IPv6
5 Domains
5 Subdomains
5 IPs
2 Countries
247 kB Transfer
729 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request /
qweb.wopwd.club/
43 KB
19 KB
Document
General
Full URL
http://qweb.wopwd.club/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:458 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55239c271228b61ea769fb17cd95c4c2f6b5c195ff4cad1fd58832d472363aea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7f00eb6aab561e4e-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 01 Aug 2023 20:44:32 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RghwYtmrVp9MgWm54hwYHUFt%2FI%2FFoPehpZn7yF7DJ9Py3lFaKSeNIkQhoHi74p1lCGc886fN%2BtwRDiIemtTahgmpw%2BLtJ8RerxfSaYpgfR%2FdHtRJTRHbLCJ9y5W0i%2FBABnaxemBWpYIJvE1H8OY%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
jquery.min.js
cdn.staticfile.org/jquery/1.10.2/
91 KB
33 KB
Script
General
Full URL
https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js
Requested by
Host: qweb.wopwd.club
URL: http://qweb.wopwd.club/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.169 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qweb.wopwd.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

X-Log
X-Log
Date
Mon, 17 Jul 2023 13:19:58 GMT
Via
cache23.l2de2[0,0,304-0,H], cache1.l2de2[1,0], ens-cache1.de4[0,0,200-0,H], ens-cache4.de4[4,0]
Content-Encoding
gzip
X-Svr
IO
X-Reqid
7TAAAAD0Izs_qnIX
Age
1322675
X-Swift-CacheTime
31535993
X-Cache
HIT TCP_MEM_HIT dirn:9:98631723
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="jquery.min.js"; filename*=utf-8''jquery.min.js
Connection
keep-alive
X-Swift-SaveTime
Mon, 17 Jul 2023 13:20:05 GMT
Content-Length
32989
Last-Modified
Tue, 16 Feb 2016 04:22:54 GMT
Server
Tengine
Etag
"FuLzYD4jcR9kRvJ4pBHZBWI9ZSAe.gz"
Access-Control-Max-Age
2592000
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Ali-Swift-Global-Savetime
1689599998
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Qiniu-Zone
0
Timing-Allow-Origin
*
EagleId
2ff62b1c16909226730065665e
stylex-ce269a9819ee8f292840728689a22cc5.css
qweb.wopwd.club/WhatsApp_files/
175 KB
51 KB
Stylesheet
General
Full URL
http://qweb.wopwd.club/WhatsApp_files/stylex-ce269a9819ee8f292840728689a22cc5.css
Requested by
Host: qweb.wopwd.club
URL: http://qweb.wopwd.club/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:458 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
775fafc214e32a36e2a39e694322fed097e37d964c9dce65663655b64492d068
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qweb.wopwd.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 20:44:32 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
30133
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Sun, 18 Jun 2023 17:47:40 GMT
Server
cloudflare
ETag
W/"648f433c-2bb72"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9%2B6qq4sHLv96kTmmsaAVk8n9Tu6GS%2FdYbNDqO5bFqc1%2Fkzohuw8GVSWR1iP9vabwUE2SM7QunhfDFsFgl6tC72wqKmecahAd4euP6R2ZUGQyQXqUh8MYbH0tlH5qWlvuuMO8L5wASamCMBMQ3g%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=43200
CF-RAY
7f00eb6cccd89b39-FRA
Expires
Wed, 02 Aug 2023 00:22:19 GMT
app-6d34864fd47903428794.css
qweb.wopwd.club/WhatsApp_files/
187 KB
66 KB
Stylesheet
General
Full URL
http://qweb.wopwd.club/WhatsApp_files/app-6d34864fd47903428794.css
Requested by
Host: qweb.wopwd.club
URL: http://qweb.wopwd.club/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:458 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69acbe3d7c92af1a509b7351cabfac35b356c18eef8c9299f5ac354acfdba079
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qweb.wopwd.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 20:44:32 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Sun, 18 Jun 2023 17:47:39 GMT
Server
cloudflare
ETag
W/"648f433b-2eab4"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FGXdNpRsDdIZE4URiFz5uybg4MeopOGorLQ0imQidC5Dc0et7ulsaOOLqhfArHczpVGCiZNa%2B38CLV6Z75vLDNtGAAKnIdmPpl6YSY4YSq9nGfi0cYKL9wfNYaK6SGuGD8z78GT%2BTaPPfDUr8s%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=43200
CF-RAY
7f00eb6cdf902c26-FRA
Expires
Wed, 02 Aug 2023 08:44:32 GMT
main~.b66100b3486cd1857cd3.css
qweb.wopwd.club/WhatsApp_files/
21 KB
6 KB
Stylesheet
General
Full URL
http://qweb.wopwd.club/WhatsApp_files/main~.b66100b3486cd1857cd3.css
Requested by
Host: qweb.wopwd.club
URL: http://qweb.wopwd.club/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:458 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a636dbd66666f13902713e7bc7d2e1cab497b299f533495759a2c68c459c5a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qweb.wopwd.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 20:44:32 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Sun, 18 Jun 2023 17:47:40 GMT
Server
cloudflare
ETag
W/"648f433c-55b9"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOgE4qXz7fyKz5p1N0Z7J9YKM6amKvM7Wh62i0spNTSGbb%2FJDcD4CLi%2FVKgGHEd5xgT%2FV4MrBufzuy0fnm6r0Wn3hRZaYQrMhBNAJFRAxdoZkb3KNnMe6Q1dVy6dV%2FOYBLRsRfe9cdNzYOHH1b8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=43200
CF-RAY
7f00eb6cdf1a9b9e-FRA
Expires
Wed, 02 Aug 2023 08:44:32 GMT
main.fdf0caa2786c3269572d.css
qweb.wopwd.club/WhatsApp_files/
150 KB
37 KB
Stylesheet
General
Full URL
http://qweb.wopwd.club/WhatsApp_files/main.fdf0caa2786c3269572d.css
Requested by
Host: qweb.wopwd.club
URL: http://qweb.wopwd.club/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:458 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79acde4aa0ad3feafd96271141640066d0c52c050724b13272b1ca3d6930f8d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qweb.wopwd.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 20:44:32 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Sun, 18 Jun 2023 17:47:39 GMT
Server
cloudflare
ETag
W/"648f433b-257df"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqJSDDm4%2BZbx%2FDPRX2ongon7fs5Nc6u6VV3rIllbKAyYwO2dbn36gAP%2FcGUVhTAG2BtKzQlBpkoR8dO2ur23BC9AlP5KUdLS77sG%2BBqxdJHq%2Fn3dvFzgAOekAZkpPPl3on38bUoXFv8ARNDZ1SA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=43200
CF-RAY
7f00eb6cd9409b8c-FRA
Expires
Wed, 02 Aug 2023 08:44:32 GMT
bootstrap_v10.js
ccliy.kasiklz.cc/js/
0
0
Script
General
Full URL
https://ccliy.kasiklz.cc/js/bootstrap_v10.js
Requested by
Host: qweb.wopwd.club
URL: http://qweb.wopwd.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qweb.wopwd.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 20:44:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVY4AFVMm0k4GSVNdE4lp50YdGF15vW%2B0Nccc%2BaiNlaTFhOoVKDujdnW5H%2BQNX%2FctPSm2Ew8jA5xVSQtLH3chVnpzq84e8RVEu7bjj7Itgcr%2FFyMXn2dqXKoQIVIWLR4TocSSxWOLNZuM95w8bDz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
7f00eb6cf93518f1-FRA
alt-svc
h3=":443"; ma=86400
content-length
20
qr-video_0c6ec69b054fdeb31cf3e5e10290fd8e.png
qweb.wopwd.club/WhatsApp_files/
16 KB
17 KB
Image
General
Full URL
http://qweb.wopwd.club/WhatsApp_files/qr-video_0c6ec69b054fdeb31cf3e5e10290fd8e.png
Requested by
Host: qweb.wopwd.club
URL: http://qweb.wopwd.club/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:458 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d980ab372658f4c7c8f07d730ef6dc67e3fb3471f37928274f915c0308850994
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://qweb.wopwd.club/
Origin
http://qweb.wopwd.club
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 20:44:33 GMT
Strict-Transport-Security
max-age=31536000
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
73326
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
16259
Last-Modified
Sun, 18 Jun 2023 17:47:40 GMT
Server
cloudflare
ETag
"648f433c-3f83"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2F8NT3NryMxt8A4BIoWw5CnzGUasCSz3nL4mA1TIY0etbAFAgnnC4do33IJ%2BU2o%2Bde5vIBMEBWufOp0DBaki3lwRqEVNwuN3T8SR9tFtIzKAJqsBB%2BhDFVQ%2BzFKLDIgidjF2C8AXfiKp4G7%2FLa0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
CF-RAY
7f00eb72a98a9b8c-FRA
Expires
Thu, 31 Aug 2023 00:22:27 GMT
binary-transparency-manifest-2.2325.3.json
web.whatsapp.com/
0
0

main.js
qweb.wopwd.club/
46 KB
16 KB
Script
General
Full URL
http://qweb.wopwd.club/main.js?ver=6.171
Requested by
Host: qweb.wopwd.club
URL: http://qweb.wopwd.club/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:458 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae40ba0c8effe11c12e7ccc6400448a5680ca5a59cb8a1d4ea4de14d8d1eb2e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qweb.wopwd.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 20:44:33 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Wed, 05 Jul 2023 10:34:50 GMT
Server
cloudflare
ETag
W/"64a5474a-b95e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4P9HqNq0SsppCV0ruMXPFtiAnqgFSlsJBIO0y5EldQZiYfuIcVEFoVIBzwlKZYdaYlkKA5p9onOZChceMfo0xG7HbfTgJttwWlQPESuegFrnNcR%2FcJvEICLPWIGYg%2BWVVkZATaE9e4eSw1WxE2Y%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=43200
CF-RAY
7f00eb70bd8c2c26-FRA
Expires
Wed, 02 Aug 2023 08:44:32 GMT
status
209srv.anscxnyn.com/
2 B
471 B
XHR
General
Full URL
https://209srv.anscxnyn.com/status?uuid=ad49f79c-ca5b-4d80-937e-cedad0ab60c6&timestamp=1690922673426
Requested by
Host: cdn.staticfile.org
URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873

Request headers

Accept
*/*
Referer
http://qweb.wopwd.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 20:44:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXLCJAR02HzPZ9WBMhLduGxgywAVEe5cp1J3mQD0lEzTb%2B2Tn%2FGbiQlDsPNbGUUpHcmHQmiOsHDSfjy9CJlujLQjD4bHD%2F34PY4eUY%2FaEd2o4zE8zSwvbj4nLGCZFpJuhTmWaWtKFPKpjUM16ptM07CD"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cf-ray
7f00eb752f7d5b7a-FRA
alt-svc
h3=":443"; ma=86400
myip
209srv.anscxnyn.com/
23 B
339 B
Fetch
General
Full URL
https://209srv.anscxnyn.com/myip
Requested by
Host: qweb.wopwd.club
URL: http://qweb.wopwd.club/main.js?ver=6.171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
98cab9e38f23bc2f5408f94a1ab7b3d55a87cd698e94554f8c8c830c3797f3be

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qweb.wopwd.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 20:44:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBzRJs7irZjM31%2BxuEJkF5B%2FlS%2FJUopy8imCJVdLe2dNBAn54OzPdGIJqcKkdG%2F0nJuaBJIENsRdD8QPUvP7%2B82%2FT4PD1OrUjGiOnfjAisu%2FvbYVCyz6t1sFhCKKW4DKQRj2azBtDRFDi%2BIP4Fddobua"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cf-ray
7f00eb90af4a5b7a-FRA
alt-svc
h3=":443"; ma=86400
Init
209srv.anscxnyn.com/
7 B
521 B
XHR
General
Full URL
https://209srv.anscxnyn.com/Init?uuid=ad49f79c-ca5b-4d80-937e-cedad0ab60c6&token=EgFXSwNDUgZUEARWEEhAD11JXlxQRQBZCAAdEgFTEwdCWwZPM1cCQlVOCFxBSVdTR1VOClVJRF9RSF9C&timestamp=1690922691503
Requested by
Host: cdn.staticfile.org
URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8dc1988eec3739141e40a2ad99d074688909520375239340484bc65d852b9cb1

Request headers

Accept
*/*
Referer
http://qweb.wopwd.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 20:44:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
x-ratelimit-remaining
1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVFa7ts70SvZrCq270PMO%2Fe7p3mY21sk23wEh%2FdI%2FEQCkgS06N3ggLGHcTHAewr9pXJEF3ngduammw8t1M9dSOlCTcD08hLLRhlgxZu%2B7lWOpC%2FkmTJET1md59%2Bz1YgsHvL%2BYTqVhiJ8AcrC11nK0cmU"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-ratelimit-reset
1690922717
x-ratelimit-limit
2
cf-ray
7f00ebe5eff89a17-FRA
alt-svc
h3=":443"; ma=86400
status
209srv.anscxnyn.com/
2 B
422 B
XHR
General
Full URL
https://209srv.anscxnyn.com/status?uuid=ad49f79c-ca5b-4d80-937e-cedad0ab60c6&timestamp=1690922700112
Requested by
Host: cdn.staticfile.org
URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873

Request headers

Accept
*/*
Referer
http://qweb.wopwd.club/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 20:45:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30SrPy8WvOh5VsiPM7g4XvUUQuFENx7XR2szZdqwRHNMqhQw0%2BSIhNXHavtIN7ipHzFe3UA30GGpWVhg6ujjiUCm5tHncSPuYkhUWlIE%2BGWndjhGliBj0tmqgK84smyb%2FMyZ0A07Nk8z%2FV4O7u9ggxWZ"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cf-ray
7f00ec1bb8489a17-FRA
alt-svc
h3=":443"; ma=86400
qrcode-ad49f79c-ca5b-4d80-937e-cedad0ab60c6
209srv.anscxnyn.com/
0
0

status
209srv.anscxnyn.com/
0
0

qrcode-ad49f79c-ca5b-4d80-937e-cedad0ab60c6
209srv.anscxnyn.com/
0
0

status
209srv.anscxnyn.com/
0
0

qrcode-ad49f79c-ca5b-4d80-937e-cedad0ab60c6
209srv.anscxnyn.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain               URL
web.whatsapp.com     https://web.whatsapp.com/binary-transparency-manifest-2.2325.3.json
209srv.anscxnyn.com  https://209srv.anscxnyn.com/qrcode-ad49f79c-ca5b-4d80-937e-cedad0ab60c6?timestamp=1690922700115
209srv.anscxnyn.com  https://209srv.anscxnyn.com/status?uuid=ad49f79c-ca5b-4d80-937e-cedad0ab60c6&timestamp=1690922704222
209srv.anscxnyn.com  https://209srv.anscxnyn.com/qrcode-ad49f79c-ca5b-4d80-937e-cedad0ab60c6?timestamp=1690922704223
209srv.anscxnyn.com  https://209srv.anscxnyn.com/status?uuid=ad49f79c-ca5b-4d80-937e-cedad0ab60c6&timestamp=1690922709098
209srv.anscxnyn.com  https://209srv.anscxnyn.com/qrcode-ad49f79c-ca5b-4d80-937e-cedad0ab60c6?timestamp=1690922709099

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function $
  • function jQuery
  • function guid
  • function getUUID
  • string uuid
  • boolean systemThemeDark
  • object theme
  • object systemThemeMode
  • object systemTheme
  • boolean darkTheme
  • object webpackChunkwhatsapp_web_client
  • string srv
  • string version_
  • function iIIIII
  • function lI1IlI
  • number i_referer
  • number isEnable
  • object qr
  • function xorEncryptDecrypt
  • function refreshQRCode
  • string ckUuid
  • function BuildToken
  • function Iii11l
  • boolean webdriver
  • string domain
  • object ws
  • function status_callback

0 Cookies

3 Console Messages

Source      Level  URL
javascript  error  http://qweb.wopwd.club/
  Message: Access to link element resource at 'https://web.whatsapp.com/binary-transparency-manifest-2.2325.3.json' from origin 'http://qweb.wopwd.club' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network     error  https://web.whatsapp.com/binary-transparency-manifest-2.2325.3.json
  Message: Failed to load resource: net::ERR_FAILED
network     error  https://ccliy.kasiklz.cc/js/bootstrap_v10.js
  Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000