whatsp.tikqus.top Open in urlscan Pro
23.95.186.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://whatsp.tikqus.top/
Effective URL:
https://whatsp.tikqus.top/
Submission: On November 13 via automatic, source openphish (November 13th 2024, 2:06:40 am UTC) — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 22 HTTP transactions. The main IP is 23.95.186.190, located in Buffalo, United States and belongs to AS-COLOCROSSING, US. The main domain is whatsp.tikqus.top.
TLS certificate: Issued by E6 on November 10th 2024. Valid for: 3 months.

This is the only time whatsp.tikqus.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	23.95.186.190 23.95.186.190	36352 (AS-COLOCR...) (AS-COLOCROSSING)
1 2	2606:4700::68... 2606:4700::6811:f7cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
2	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	3.122.218.248 3.122.218.248	16509 (AMAZON-02) (AMAZON-02)
2	157.240.251.35 157.240.251.35	32934 (FACEBOOK) (FACEBOOK)
22	9

8 23.95.186.190 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: 23-95-186-190-host.colocrossing.com

whatsp.tikqus.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f7cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.218.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-218-248.eu-central-1.compute.amazonaws.com

getyourapi.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	tikqus.top whatsp.tikqus.top	25 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 275	151 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	214 B
2	gstatic.com fonts.gstatic.com	30 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	74 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 850	6 KB
1	getyourapi.site getyourapi.site	514 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 55	1 KB
22	8

	Domain	Requested by
8	whatsp.tikqus.top	whatsp.tikqus.top
5	cdnjs.cloudflare.com	whatsp.tikqus.top cdnjs.cloudflare.com
2	www.facebook.com	whatsp.tikqus.top
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	whatsp.tikqus.top connect.facebook.net
2	unpkg.com	1 redirects whatsp.tikqus.top
1	getyourapi.site	cdnjs.cloudflare.com
1	fonts.googleapis.com	whatsp.tikqus.top
22	8

This site contains no links.

Subject Issuer	Validity	Valid
whatsp.tikqus.top E6	`2024-11-10` - `2025-02-08`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-22` - `2024-11-20`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
getyourapi.site E5	`2024-10-05` - `2025-01-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://whatsp.tikqus.top/
Frame ID: B7358D0CDE251E6C5E88C555CCB8C500
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WhatsApp

Page URL History Show full URLs

http://whatsp.tikqus.top/ HTTP 307
https://whatsp.tikqus.top/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

95 %
HTTPS

25 %
IPv6

8
Domains

8
Subdomains

9
IPs

3
Countries

287 kB
Transfer

908 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://whatsp.tikqus.top/ HTTP 307
https://whatsp.tikqus.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://unpkg.com/typewriter-effect@latest/dist/core.js HTTP 302
https://unpkg.com/typewriter-effect@2.21.0/dist/core.js

22 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
whatsp.tikqus.top/
Redirect Chain

http://whatsp.tikqus.top/
https://whatsp.tikqus.top/

28 KB
8 KB

1161ms
532ms

Document
text/html

23.95.186.190
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://whatsp.tikqus.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.95.186.190 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-186-190-host.colocrossing.com
Software: openresty /
Resource Hash: aca9060c33f4ee14590bb444ebc05e0edfd5f3aa383c93a40fac05973877e1ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 13 Nov 2024 02:06:35 GMT
server: openresty
vary: Accept-Encoding Accept-Encoding Accept-Encoding

Redirect headers

Location: https://whatsp.tikqus.top/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 form.css
whatsp.tikqus.top/styles/ 5 KB
2 KB 442ms
438ms Stylesheet
text/css 23.95.186.190
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://whatsp.tikqus.top/styles/form.css
Requested by: Host: whatsp.tikqus.top
URL: https://whatsp.tikqus.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.95.186.190 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-186-190-host.colocrossing.com
Software: openresty /
Resource Hash: dec3682fc9b61ca1e7e5bf20312e4b3c6f3b5206c12e0ac554fdd8e1ce6efd9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://whatsp.tikqus.top/

Response headers

content-encoding: gzip
date: Wed, 13 Nov 2024 02:06:35 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
server: openresty

GET
H2 200 styles.css
whatsp.tikqus.top/styles/ 8 KB
3 KB 431ms
429ms Stylesheet
text/css 23.95.186.190
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://whatsp.tikqus.top/styles/styles.css
Requested by: Host: whatsp.tikqus.top
URL: https://whatsp.tikqus.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.95.186.190 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-186-190-host.colocrossing.com
Software: openresty /
Resource Hash: b1ca7e880bd80bba1d16de20d2caa54d1ad79636b8491a6670984e9a77607f2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://whatsp.tikqus.top/

Response headers

content-encoding: gzip
date: Wed, 13 Nov 2024 02:06:35 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
server: openresty

GET
H2

200

core.js Show response
unpkg.com/typewriter-effect@2.21.0/dist/
Redirect Chain

https://unpkg.com/typewriter-effect@latest/dist/core.js
https://unpkg.com/typewriter-effect@2.21.0/dist/core.js

13 KB
5 KB

28ms
23ms

Script
application/javascript

2606:4700::6811:f7cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/typewriter-effect@2.21.0/dist/core.js

Requested by

Host: whatsp.tikqus.top
URL: https://whatsp.tikqus.top/

Protocol

Server

2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2082ce042eeb13a7343c05a4edf782b38ed5900d709935e145a5b83abf91df2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://whatsp.tikqus.top/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "338f-JGp96ZhMp6JTCCJDq1+LWYCYFQg"
age: 625085
x-content-type-options: nosniff
date: Wed, 13 Nov 2024 02:06:35 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JBZ07F16XB6159QRR5T6CX5X-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8e1b340eee4735f4-FRA
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /typewriter-effect@2.21.0/dist/core.js
content-encoding: br
cf-cache-status: HIT
age: 395
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8e1b340ebe3335f4-FRA
access-control-allow-origin: *
date: Wed, 13 Nov 2024 02:06:35 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JCHKZG1R66AHXPXVFAYRB558-fra
server: cloudflare

GET
H2 200 script.js Show response
whatsp.tikqus.top/scripts/ 9 KB
3 KB 377ms
376ms Script
application/javascript 23.95.186.190
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://whatsp.tikqus.top/scripts/script.js
Requested by: Host: whatsp.tikqus.top
URL: https://whatsp.tikqus.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.95.186.190 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-186-190-host.colocrossing.com
Software: openresty /
Resource Hash: cda80c6bb4653f1ac52aa784cbfd16e8fd89868c0553f447201e19d4899a26e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://whatsp.tikqus.top/

Response headers

content-encoding: gzip
date: Wed, 13 Nov 2024 02:06:35 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
server: openresty

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/ 85 KB
27 KB 68ms
26ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js

Requested by

Host: whatsp.tikqus.top
URL: https://whatsp.tikqus.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://whatsp.tikqus.top/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "64ed75bb-6b36"
age: 457887
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6wNO5bxkejlN%2BiXDs6xDqmvjpdCGQob%2BfZ7SqEKEghq0WnsRQ33w98%2Bs%2BNmLpELLe6UupmbXF96w%2FamcUqsgRCLrcGeLcl1rUHRPcOwTLTXU0WXv%2B0k2by66iDzHa%2F0ZFT8VLMBN"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 03 Nov 2025 02:06:35 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 02:06:35 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Aug 2023 04:36:11 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e1b340ebcef1d94-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27446
server: cloudflare

GET
H3 200 intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/ 24 KB
3 KB 84ms
42ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css

Requested by

Host: whatsp.tikqus.top
URL: https://whatsp.tikqus.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9ae063d7bf400c91d4056a69889903b54205f2efd6cb224d6041eca58b92cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://whatsp.tikqus.top/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "65a3eb4d-85b"
age: 432260
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZkLKhacEg4wUBsHRynZm8uVWd4NdQLm7JFF4yVnz5I34p4U9jwEGqIcFGV7Ju5DSp3GNLsaESNRV%2F3Tvv4GJtQGyltp7lXt%2FZqxhp1mw4I9I5OL9QcSNxzdd1et%2B37bmWmHml2yR"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 03 Nov 2025 02:06:35 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 02:06:35 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 14 Jan 2024 14:10:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e1b340ebcf01d94-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2139
server: cloudflare

GET
H3 200 intlTelInput.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/ 30 KB
9 KB 85ms
43ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/intlTelInput.min.js

Requested by

Host: whatsp.tikqus.top
URL: https://whatsp.tikqus.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54bc983ea406933001939caacb25ec98a9f633b8f2d54aa5ca3180948d6fe389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://whatsp.tikqus.top/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "65a3eb4d-223d"
age: 1667944
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s4v39l55Nu7zatAZ1poC8O0qKy9Dzk0%2F3koSXBCzxMGeBdO1t9TBTdVS%2FJw5BBMytzXAIWO2rhZ%2BfpNbvW%2FAsQqUzQgI2%2BDS%2B6igDtPMbLPcPN6PiSObYymrV86PoYyoC31oteJY"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 03 Nov 2025 02:06:35 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 02:06:35 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 14 Jan 2024 14:10:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e1b340ebcf11d94-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8765
server: cloudflare

GET
H2 200 ModalPhoneError.js Show response
whatsp.tikqus.top/scripts/ 2 KB
1 KB 390ms
389ms Script
application/javascript 23.95.186.190
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://whatsp.tikqus.top/scripts/ModalPhoneError.js
Requested by: Host: whatsp.tikqus.top
URL: https://whatsp.tikqus.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.95.186.190 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-186-190-host.colocrossing.com
Software: openresty /
Resource Hash: 8da0ac9d1d0baf17534c9771eab9cdc974f73ae3a2e64393bfbf30f9dc07b287

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://whatsp.tikqus.top/

Response headers

content-encoding: gzip
date: Wed, 13 Nov 2024 02:06:35 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
server: openresty

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 132ms
47ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Figtree:300,regular,500,600,700,800,900,300italic,italic,500italic,600italic,700italic,800italic,900italic

Requested by

Host: whatsp.tikqus.top
URL: https://whatsp.tikqus.top/styles/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba0a3c88350bbdf1124f15ea01cb2ea5f65aa9923d2979306fe11b666b5b9091

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://whatsp.tikqus.top/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 13 Nov 2024 02:06:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 02:06:35 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 13 Nov 2024 02:06:35 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 20ms
9ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: whatsp.tikqus.top
URL: https://whatsp.tikqus.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-NB0OUiZ9' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://whatsp.tikqus.top/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 02:06:35 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-NB0OUiZ9' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4414, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: iQIb6LxmblOdq54NNf5YQKZ9FX7T55gNW/YozvO9JmV4TTR/YIHLP4x3Vq/mTnLFdR5fDb4pKCEaldiScjMPiQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 bg.svg
whatsp.tikqus.top/images/ 40 KB
5 KB 387ms
387ms Image
image/svg+xml 23.95.186.190
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whatsp.tikqus.top/images/bg.svg
Requested by: Host: whatsp.tikqus.top
URL: https://whatsp.tikqus.top/styles/styles.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.95.186.190 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-186-190-host.colocrossing.com
Software: openresty /
Resource Hash: 47ee7cff984d7536d6a035b1bc67b811799b4496c0e56709741e14d013b58bf1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://whatsp.tikqus.top/styles/styles.css

Response headers

content-encoding: gzip
date: Wed, 13 Nov 2024 02:06:36 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
server: openresty

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9170dfe8b78fce5e3297c75957bdce3759c1e077244c34343f995e0244079d3a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 _Xms-HUzqDCFdgfMm4S9DQ.woff2
fonts.gstatic.com/s/figtree/v6/ 20 KB
20 KB 89ms
41ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/figtree/v6/_Xms-HUzqDCFdgfMm4S9DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Figtree:300,regular,500,600,700,800,900,300italic,italic,500italic,600italic,700italic,800italic,900italic

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

93a68eaa293304b947a167d0f7d0e00a1a8b5cf4972dc0da3da2094359a33e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://whatsp.tikqus.top
Referer: https://fonts.googleapis.com/

Response headers

age: 556534
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:31:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:31:01 GMT
last-modified: Fri, 27 Sep 2024 00:41:54 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20016
x-xss-protection: 0
server: sffe

GET
H3 200 _Xms-HUzqDCFdgfMm4q9DbZs.woff2
fonts.gstatic.com/s/figtree/v6/ 10 KB
10 KB 101ms
53ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/figtree/v6/_Xms-HUzqDCFdgfMm4q9DbZs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Figtree:300,regular,500,600,700,800,900,300italic,italic,500italic,600italic,700italic,800italic,900italic

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

c96d7b7b085414ae99598c1cbd72b09c8aa6d4732d7a120c408a044f46425428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://whatsp.tikqus.top
Referer: https://fonts.googleapis.com/

Response headers

age: 21028
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 12 Nov 2025 20:16:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 20:16:07 GMT
last-modified: Fri, 27 Sep 2024 00:41:43 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10232
x-xss-protection: 0
server: sffe

GET
H2 200 logo.svg
whatsp.tikqus.top/images/ 3 KB
1 KB 383ms
382ms Image
image/svg+xml 23.95.186.190
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whatsp.tikqus.top/images/logo.svg
Requested by: Host: whatsp.tikqus.top
URL: https://whatsp.tikqus.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.95.186.190 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-186-190-host.colocrossing.com
Software: openresty /
Resource Hash: c36dcafd171c482a0b5ea4565c92b1c4198b1dfe41ec688facc3480fc4bb7b27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://whatsp.tikqus.top/

Response headers

content-encoding: gzip
date: Wed, 13 Nov 2024 02:06:36 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
server: openresty

GET
DATA 200
OK truncated
/ 237 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acf946f3c79d07dbd07531868adcb8ff47d39e8ffd7942d2de6b2a0bc618769b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 geolocation Show response
getyourapi.site/api/ 107 B
514 B 75ms
17ms XHR
application/json 3.122.218.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://getyourapi.site/api/geolocation
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.122.218.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-218-248.eu-central-1.compute.amazonaws.com
Software: openresty / Express
Resource Hash: e265dc0b244c63bb2dc7e0c6faed076f4ae4091a266db87f994a5dcca1962cab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://whatsp.tikqus.top/

Response headers

access-control-max-age: 600
x-request-id: d00c8e2a-27b5-4156-bed0-12baf177c39d
access-control-expose-headers: content-type, authorization, x-request-id
etag: W/"6b-Hfv8HWypnpbNzw8Ieb6+mFG/97U"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://whatsp.tikqus.top
content-length: 107
date: Wed, 13 Nov 2024 02:06:35 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
server: openresty
access-control-allow-headers: origin, content-type, accept, authorization

GET
H3 200 1756621951838040 Show response
connect.facebook.net/signals/config/ 67 KB
13 KB 81ms
81ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1756621951838040?v=2.9.176&r=stable&domain=whatsp.tikqus.top&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

c51244600ae3086298df13e5145e240f5fe6a5f1537211873fad7af3b14cecb4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-UPLARqmd' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://whatsp.tikqus.top/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 02:06:35 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-UPLARqmd' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=74, mss=1232, tbw=70300, tp=66, tpl=0, uplat=73, ullat=0
pragma: public
x-fb-debug: wAKt0hZ4VU3HcS1tr9X3yciGTC7SQEsB7ZXbt78/eLnbuZCq/6OjwgbyDmT6STYadv1/59owWjMEwLLXr7/ObA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 flags.png
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/img/ 66 KB
66 KB 21ms
21ms Image
image/png 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/img/flags.png?1

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3af394920236bdcab19b5514b8f67e06b194e29017368d6a9d83d598947f203b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "65a3eb4d-1062f"
age: 3497664
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x73GP1a%2Bse8xug8%2BKhlWDC0irFmvaFCwicm6jeanxF%2F3olK1XEDW%2B3MXbeQt0hLjNHHZSGJ2Zmkgtne8M8scucmFr3GBOo62%2BCMKwk%2B03osDcUwbVbbvhLrVWxAV5%2B0EjEW0gE5K"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 03 Nov 2025 02:06:35 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 02:06:35 GMT
content-type: image/png; charset=utf-8
last-modified: Sun, 14 Jan 2024 14:10:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e1b3412be7b1d94-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 67119
server: cloudflare

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 25ms
10ms Image
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1756621951838040&ev=PageView&dl=https%3A%2F%2Fwhatsp.tikqus.top%2F&rl=&if=false&ts=1731463596005&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731463596001.271270863543027653&ler=empty&cdl=API_unavailable&it=1731463595891&coo=false&rqm=GET

Requested by

Host: whatsp.tikqus.top
URL: https://whatsp.tikqus.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://whatsp.tikqus.top/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4463, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 13 Nov 2024 02:06:36 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 191ms
177ms Image
image/png 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1756621951838040&ev=PageView&dl=https%3A%2F%2Fwhatsp.tikqus.top%2F&rl=&if=false&ts=1731463596005&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731463596001.271270863543027653&ler=empty&cdl=API_unavailable&it=1731463595891&coo=false&rqm=FGET

Requested by

Host: whatsp.tikqus.top
URL: https://whatsp.tikqus.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://whatsp.tikqus.top/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7436579519115072451"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 02:06:36 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: pDB5DiQd67kM3+KTpTuKjEzsRzeuuSQbd/PS8Kzz7N4GC8d7AOmxT7PD3RxWIjKB3Dzw8fYAX2tzRkRTWN/okA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7436579519115072451", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4831, tp=13, tpl=0, uplat=168, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/ 244 KB
46 KB 21ms
20ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/utils.min.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/intlTelInput.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b35c83e4dc3713230edfbda43508fb2fb92d8e07c4189f19d201ba199ef810a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://whatsp.tikqus.top/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "65a3eb4d-b3dd"
age: 447100
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2FOQNS4DogajkcVfxyXmdk8vaHN5spD%2FEKCJmzy1dbKmASv9DB3DKSTcnSZ9GP31PJDIkUKaQVKGdnnFfmjNCMp1rsoHdG8Jx7llZ2V8wvZj8AtJAFSIFu2wLDET1lbJkxjjYxgh"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 03 Nov 2025 02:06:36 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 02:06:36 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 14 Jan 2024 14:10:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e1b34152f461d94-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 46045
server: cloudflare

GET
H2 200 logo.svg
whatsp.tikqus.top/images/ 3 KB
1 KB 385ms
384ms Other
image/svg+xml 23.95.186.190
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://whatsp.tikqus.top/images/logo.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.95.186.190 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-186-190-host.colocrossing.com
Software: openresty /
Resource Hash: c36dcafd171c482a0b5ea4565c92b1c4198b1dfe41ec688facc3480fc4bb7b27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://whatsp.tikqus.top/

Response headers

content-encoding: gzip
date: Wed, 13 Nov 2024 02:06:36 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
server: openresty

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.tikqus.top/	1970-01-21 03:07:19	Name: _fbp Value: fb.1.1731463596001.271270863543027653

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
getyourapi.site
unpkg.com
whatsp.tikqus.top
www.facebook.com
104.17.25.14
157.240.251.35
157.240.253.1
172.217.18.3
23.95.186.190
2606:4700::6811:f7cb
2a00:1450:4001:82b::200a
3.122.218.248
3af394920236bdcab19b5514b8f67e06b194e29017368d6a9d83d598947f203b
47ee7cff984d7536d6a035b1bc67b811799b4496c0e56709741e14d013b58bf1
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
54bc983ea406933001939caacb25ec98a9f633b8f2d54aa5ca3180948d6fe389
8da0ac9d1d0baf17534c9771eab9cdc974f73ae3a2e64393bfbf30f9dc07b287
9170dfe8b78fce5e3297c75957bdce3759c1e077244c34343f995e0244079d3a
93a68eaa293304b947a167d0f7d0e00a1a8b5cf4972dc0da3da2094359a33e9a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aca9060c33f4ee14590bb444ebc05e0edfd5f3aa383c93a40fac05973877e1ab
acf946f3c79d07dbd07531868adcb8ff47d39e8ffd7942d2de6b2a0bc618769b
b1ca7e880bd80bba1d16de20d2caa54d1ad79636b8491a6670984e9a77607f2a
b2082ce042eeb13a7343c05a4edf782b38ed5900d709935e145a5b83abf91df2
b35c83e4dc3713230edfbda43508fb2fb92d8e07c4189f19d201ba199ef810a2
ba0a3c88350bbdf1124f15ea01cb2ea5f65aa9923d2979306fe11b666b5b9091
c36dcafd171c482a0b5ea4565c92b1c4198b1dfe41ec688facc3480fc4bb7b27
c51244600ae3086298df13e5145e240f5fe6a5f1537211873fad7af3b14cecb4
c96d7b7b085414ae99598c1cbd72b09c8aa6d4732d7a120c408a044f46425428
c9ae063d7bf400c91d4056a69889903b54205f2efd6cb224d6041eca58b92cca
cda80c6bb4653f1ac52aa784cbfd16e8fd89868c0553f447201e19d4899a26e2
dec3682fc9b61ca1e7e5bf20312e4b3c6f3b5206c12e0ac554fdd8e1ce6efd9e
e265dc0b244c63bb2dc7e0c6faed076f4ae4091a266db87f994a5dcca1962cab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

whatsp.tikqus.top Open in urlscan Pro 23.95.186.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

95 %HTTPS

25 %IPv6

8 Domains

8 Subdomains

9 IPs

3 Countries

287 kBTransfer

908 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

1 Cookies

Indicators

whatsp.tikqus.top Open in urlscan Pro
23.95.186.190 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

95 %
HTTPS

25 %
IPv6

8
Domains

8
Subdomains

9
IPs

3
Countries

287 kB
Transfer

908 kB
Size

1
Cookies

22 HTTP transactions
2 data transactions