whanbv.stihkapp.icu Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://whanbv.stihkapp.icu/
Submission: On July 12 via manual (July 12th 2023, 4:16:37 am UTC) from PH — Scanned from NL

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 28 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is whanbv.stihkapp.icu.

This is the only time whanbv.stihkapp.icu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WhatsApp (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
10	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	163.181.92.229 163.181.92.229	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
14	2606:4700:303... 2606:4700:3037::ac43:da31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	4

10 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

whanbv.stihkapp.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.92.229 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

cdn.staticfile.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3037::ac43:da31 (United States)

ASN13335 (CLOUDFLARENET, US)

wjshaiswss.wsteiapp.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	wsteiapp.shop wjshaiswss.wsteiapp.shop	6 KB
10	stihkapp.icu whanbv.stihkapp.icu	110 KB
1	staticfile.org cdn.staticfile.org — Cisco Umbrella Rank: 44845	33 KB
0	whatsapp.net Failed crashlogs.whatsapp.net Failed
28	4

	Domain	Requested by
14	wjshaiswss.wsteiapp.shop	cdn.staticfile.org
10	whanbv.stihkapp.icu	whanbv.stihkapp.icu
1	cdn.staticfile.org	whanbv.stihkapp.icu
0	crashlogs.whatsapp.net Failed	whanbv.stihkapp.icu
28	4

This site contains no links.

Subject Issuer	Validity	Valid
*.staticfile.org GeoTrust RSA CN CA G2	`2022-09-05` - `2023-10-03`	a year	crt.sh
wsteiapp.shop GTS CA 1P5	`2023-07-07` - `2023-10-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://whanbv.stihkapp.icu/
Frame ID: 1F47F3186E4D331FCCD1CCE8EDEAC7B9
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WhatsApp

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

54 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

149 kB
Transfer

433 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response whanbv.stihkapp.icu/	19 KB 7 KB	379ms 318ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://whanbv.stihkapp.icu/ Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1b2bfdf80fe17afbad9f97d38204fee5975f0b18d993e44783654d15481f7392` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 7e5678a4a914046e-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html Date Wed, 12 Jul 2023 04:16:31 GMT Last-Modified Wed, 12 Jul 2023 03:03:53 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPFSMbc7nP3Pk4A1PqEwYVScgm4wMuGdJ5Q7Eiaf7D0cxM33h7TYyFoEdNodzc1Upofg%2BXxxLUlQZ6mjSRaugkLz6IV7ML3Mb8gcMFXlVhnftpzhM0BP7D78PHQ1YRtWLhnP3Bk%2BTKw%2B0O5VFBoL5A2X"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	cssm_qr.fd652868ecd9e5bd5fccf5a20a5da0d1.css whanbv.stihkapp.icu/WhatsApp_files/	63 KB 33 KB	33ms 33ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://whanbv.stihkapp.icu/WhatsApp_files/cssm_qr.fd652868ecd9e5bd5fccf5a20a5da0d1.css Requested by Host: whanbv.stihkapp.icu URL: http://whanbv.stihkapp.icu/ Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `65dc95f0c6c655162478c4ad552330a77cf38f31a94ba0646c20d1761de554ab` Request headers accept-language nl-NL,nl;q=0.9 Referer http://whanbv.stihkapp.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Wed, 12 Jul 2023 04:16:31 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 808 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Tue, 23 May 2023 05:16:52 GMT Server cloudflare ETag W/"646c4c44-fdcc" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQFgSLTmbMnWVPdqaMtTsJ05svgORPXVXWaOOXikAqMPydNNUShUwUqPbKz2Px7WpdEIF8H5lhmfehYWa7%2Fqyx7NNfKXP8Amhu0A%2FxiLnuyIt92QGRQlYtNXM1bznSJiSZhUkB7ZuXO5iy3%2FWy0DkfdH"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=43200 CF-RAY 7e5678a6aaaf046e-FRA Expires Wed, 12 Jul 2023 16:03:03 GMT
GET H/1.1	200 OK	cssm_app.aaa9f35c34c2bd47b672edaf77e8bba4.css whanbv.stihkapp.icu/WhatsApp_files/	239 KB 59 KB	481ms 456ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://whanbv.stihkapp.icu/WhatsApp_files/cssm_app.aaa9f35c34c2bd47b672edaf77e8bba4.css Requested by Host: whanbv.stihkapp.icu URL: http://whanbv.stihkapp.icu/ Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cc4c1420afc60b8d8cab06a650c3e5616217dda0ed312b4bbd9a5cc58c322a6f` Request headers accept-language nl-NL,nl;q=0.9 Referer http://whanbv.stihkapp.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Wed, 12 Jul 2023 04:16:32 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Tue, 23 May 2023 05:16:52 GMT Server cloudflare ETag W/"646c4c44-3ba46" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUn3x3jOtmEUnSmL%2B%2BTyKurqhUe4EoNKvgepGrvH0IiTCThmwvK2NxLiU9LQXgE4f%2BsnzQtt%2FqJa2%2BOZXQayi2RrOS%2BhmlL5cWuEsMUMCHqZvGgyEc%2FWLHW%2Bx4ByqGZ%2F0kAIBIDgSvUVyr0NGHpBS4pG"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=43200 CF-RAY 7e5678a6d9ac1e4b-FRA Expires Wed, 12 Jul 2023 16:16:32 GMT
GET H/1.1	200 OK	jquery.min.js Show response cdn.staticfile.org/jquery/1.10.2/	91 KB 33 KB	1374ms 40ms	Script application/javascript	163.181.92.229 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Requested by Host: whanbv.stihkapp.icu URL: http://whanbv.stihkapp.icu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 163.181.92.229 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash `89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e` Request headers accept-language nl-NL,nl;q=0.9 Referer http://whanbv.stihkapp.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers X-Log X-Log Date Tue, 11 Jul 2023 13:19:42 GMT Via cache23.l2de2[473,473,304-0,M], cache6.l2de2[475,0], ens-cache4.de5[0,0,200-0,H], ens-cache10.de5[0,0] Content-Encoding gzip X-Svr IO X-Reqid -QcAAAC1M_6_0nAX Age 53811 X-Swift-CacheTime 86400 X-Cache HIT TCP_MEM_HIT dirn:12:129609811 Content-Transfer-Encoding binary Content-Disposition inline; filename="jquery.min.js"; filename=utf-8''jquery.min.js Connection* keep-alive X-Swift-SaveTime Tue, 11 Jul 2023 13:19:42 GMT Content-Length 32989 Last-Modified Tue, 16 Feb 2016 04:22:54 GMT Server Tengine Etag "FuLzYD4jcR9kRvJ4pBHZBWI9ZSAe.gz" Access-Control-Max-Age 2592000 Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Ali-Swift-Global-Savetime 1689081582 Access-Control-Expose-Headers X-Log, X-Reqid Cache-Control public, max-age=31536000 Accept-Ranges bytes X-Qiniu-Zone 0 Timing-Allow-Origin * EagleId a3b55c9e16891353931191230e
GET H/1.1	200 OK	progress.d6b49e71f39a81300686.js Show response whanbv.stihkapp.icu/WhatsApp_files/	12 KB 7 KB	57ms 32ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://whanbv.stihkapp.icu/WhatsApp_files/progress.d6b49e71f39a81300686.js Requested by Host: whanbv.stihkapp.icu URL: http://whanbv.stihkapp.icu/ Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `956a484097417e953d97fd922b864bb9584bf8d619b53df91ceed45092ddf3ae` Request headers accept-language nl-NL,nl;q=0.9 Referer http://whanbv.stihkapp.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Wed, 12 Jul 2023 04:16:31 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 121 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Tue, 23 May 2023 05:16:52 GMT Server cloudflare ETag W/"646c4c44-3036" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOey9GUDVhFwqkB2LeAdqUGJV%2B3QBrWhzT4t%2BLFQPomK3BDfuPLwy%2F842NBJN9O0wpuaVO0BGHLm3ijzXYsGMM0P%2F8txHoZKQsOTgDliab0D7UKISTDN8OcDcG3r3E9xCMlGvpE5H786gbLiFfR3uWQy"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=43200 CF-RAY 7e5678a6dcdf9b2e-FRA Expires Wed, 12 Jul 2023 16:14:30 GMT
GET H/1.1	200 OK	wss.js Show response whanbv.stihkapp.icu/	9 KB 5 KB	59ms 34ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://whanbv.stihkapp.icu/wss.js?ver=1.6 Requested by Host: whanbv.stihkapp.icu URL: http://whanbv.stihkapp.icu/ Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `eed719fe88e29805f771d5bf24fb97a8c83023837a8ff0030214720387e2af67` Request headers accept-language nl-NL,nl;q=0.9 Referer http://whanbv.stihkapp.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Wed, 12 Jul 2023 04:16:31 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 1085 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Wed, 12 Jul 2023 03:05:08 GMT Server cloudflare ETag W/"64ae1864-2263" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tno1rl107Q0lz8xvbigzgB0t3GXE8aivQQkco0nho%2F%2B5quj2cLjci3YzyfOyVxrIUf%2B%2BiTMG8meV2Skb1fZEFcXr7zZyP4tj4ybfUOdFqmEyKOIHzQG23CjkxjTXvxIcr%2FsOqGLc2%2BRJskMAfrxQiW2h"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=43200 CF-RAY 7e5678a6dcaf9247-FRA Expires Wed, 12 Jul 2023 15:58:26 GMT
GET H/1.1	404 Not Found	vendor1.99c20f1ecd87cc34efff.js whanbv.stihkapp.icu/	0 0	24ms 24ms	Script text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://whanbv.stihkapp.icu/vendor1.99c20f1ecd87cc34efff.js Requested by Host: whanbv.stihkapp.icu URL: http://whanbv.stihkapp.icu/WhatsApp_files/progress.d6b49e71f39a81300686.js Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://whanbv.stihkapp.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Wed, 12 Jul 2023 04:16:33 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Age 120 Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cM1DYoPrLHg6DYlm4gzkEzbW5ewFEhV29OuTP%2BfaPLXxKPr7i%2BZyy9S7cIKRabrKb69m6gaSeNf92m4VyRE42E6WPdouC0agPtdY%2FwaY0twDE3sbf%2FVn2dk3ON0vGLGH1JDF13tRYHMV5%2BPdCPCrW%2Fa9"}],"group":"cf-nel","max_age":604800} Content-Type text/html Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 7e5678af88fa1e4b-FRA alt-svc h3=":443"; ma=86400
GET H/1.1	404 Not Found	vendor2.ec3b8281cb6ba51b3d53.js whanbv.stihkapp.icu/	0 0	26ms 25ms	Script text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://whanbv.stihkapp.icu/vendor2.ec3b8281cb6ba51b3d53.js Requested by Host: whanbv.stihkapp.icu URL: http://whanbv.stihkapp.icu/WhatsApp_files/progress.d6b49e71f39a81300686.js Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://whanbv.stihkapp.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Wed, 12 Jul 2023 04:16:33 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Age 68 Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4gvthJ%2BEA67EOCt9hXiRgjMuf0nS3GXj40Q2hyLAHSJAAT6%2BUHUlGyHwYfIfRK22VDsLssFtmPc9ULvO2orZU5gpvAAUPOfOgEtdvM02EvT0zYa%2F%2F%2FUbauNS6y3qv1x4KK3YXyDCFcc4doTldDG5g%2BDC"}],"group":"cf-nel","max_age":604800} Content-Type text/html Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 7e5678af8b909247-FRA alt-svc h3=":443"; ma=86400
GET H/1.1	404 Not Found	app.fcc4530fc12b9a9a1faa.js whanbv.stihkapp.icu/	0 0	309ms 309ms	Script text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://whanbv.stihkapp.icu/app.fcc4530fc12b9a9a1faa.js Requested by Host: whanbv.stihkapp.icu URL: http://whanbv.stihkapp.icu/WhatsApp_files/progress.d6b49e71f39a81300686.js Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://whanbv.stihkapp.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Wed, 12 Jul 2023 04:16:33 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2F8oX%2FFG7o4LQ8Ju0qHXbHg%2FvBSQUfRAyv0OWxTiD790luUl7qr3eqLP3QL1HTrzdBhdN%2FGLgtcOnoyCjSw4qLDJ4GbgUuwRJQ8VgDipLU2us2WVygbdLpuO0G%2FF4B%2B4uhjKCOpy5xDT5Em%2FGXt03%2Fbb"}],"group":"cf-nel","max_age":604800} Content-Type text/html Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 7e5678af8b259b2e-FRA alt-svc h3=":443"; ma=86400
GET H2	200	status Show response wjshaiswss.wsteiapp.shop/	2 B 301 B	530ms 440ms	XHR text/html	2606:4700:3037::ac43:da31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wjshaiswss.wsteiapp.shop/status?uuid=f5d7c725-a96a-4cf2-aa24-d6fd65f22bdc&timestamp=1689135393211 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:da31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873` Request headers Accept / Referer http://whanbv.stihkapp.icu/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 04:16:33 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfR%2FbIQVIZ1icVdj%2FlP4TTgNfM6MC%2BfUjm%2BHGVrD%2BET6JKCoeevcgWWSI25bYg64unCqKwQk5zYoK2fU2rG3KFjkbAmMAJ3x7YujvtI5Dc8ErIqm8Yk49JsEfq6VUo2o7%2FB4iJ1qFU%2BdmkQBlqRMqQpN6RyNBok%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cf-ray 7e5678b039aa2c7b-FRA alt-svc h3=":443"; ma=86400
GET H2	200	Init Show response wjshaiswss.wsteiapp.shop/	7 B 485 B	525ms 436ms	XHR text/html	2606:4700:3037::ac43:da31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wjshaiswss.wsteiapp.shop/Init?uuid=f5d7c725-a96a-4cf2-aa24-d6fd65f22bdc&timestamp=1689135393212 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:da31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `8dc1988eec3739141e40a2ad99d074688909520375239340484bc65d852b9cb1` Request headers Accept / Referer http://whanbv.stihkapp.icu/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 04:16:33 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIsabhS%2BoQiM44t6BkylZHUHwpOSEORatc%2BfuXl0bGqux4Ru4XiOZ%2BSgG40st7lVAEEm9lEU2H73P14PbJVqM%2B2CEE5CjH0Yvd%2BKeKCKo1FOVDg8zpIznqmoz7%2B8K0lp8zshAjsLSPSieX8Mlkm7v8hMAMJMtH0%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cf-ray 7e5678b039ab2c7b-FRA alt-svc h3=":443"; ma=86400
POST		wa_clb_data crashlogs.whatsapp.net/	0 0

GET H2	200	status Show response wjshaiswss.wsteiapp.shop/	2 B 318 B	219ms 218ms	XHR text/html	2606:4700:3037::ac43:da31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wjshaiswss.wsteiapp.shop/status?uuid=f5d7c725-a96a-4cf2-aa24-d6fd65f22bdc&timestamp=1689135394340 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:da31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873` Request headers Accept / Referer http://whanbv.stihkapp.icu/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 04:16:34 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7iAOHYz1DQrb8VfTYSRnHpNWU4wfWdn%2BtlqHD058AlKtfQmctJCzMePPCMjXTkdKDJwlCsLalP4HWQzd1voY8qbqhfREJIc3oqxJWlc6mZ3obGza%2B7hElilyh95Nsc1mHT0lH4jaszP2IQ6GKwJ%2FezHMiD%2Byos%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cf-ray 7e5678b6bef82c7b-FRA alt-svc h3=":443"; ma=86400
GET H2	200	qrcode-f5d7c725-a96a-4cf2-aa24-d6fd65f22bdc Show response wjshaiswss.wsteiapp.shop/	0 271 B	219ms 219ms	XHR text/plain	2606:4700:3037::ac43:da31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wjshaiswss.wsteiapp.shop/qrcode-f5d7c725-a96a-4cf2-aa24-d6fd65f22bdc?timestamp=1689135394341 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:da31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer http://whanbv.stihkapp.icu/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 04:16:34 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FiMf36X3xazcvXfAQOSCm%2FrpcGHG0daKWAr5AJ0JRIdLlnzclhczIzMeo9Gr0MeU7074TR9dsgntQ%2FLXQzbnV6flI4ARMvJCKHSikQKpFtRoqP8dVgsy9Wh7mcIIWnyrrnGzR5zPtgkemjGkd8OXmI6aVQavPN8%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7e5678b6bef92c7b-FRA alt-svc h3=":443"; ma=86400 content-length 0
GET H/1.1	404 Not Found	vendor1.99c20f1ecd87cc34efff.js whanbv.stihkapp.icu/	0 0	314ms 314ms	Script text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://whanbv.stihkapp.icu/vendor1.99c20f1ecd87cc34efff.js Requested by Host: whanbv.stihkapp.icu URL: http://whanbv.stihkapp.icu/WhatsApp_files/progress.d6b49e71f39a81300686.js Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://whanbv.stihkapp.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Wed, 12 Jul 2023 04:16:34 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5O48%2FSsrLr9lAY6X0liYC7uoHc%2Bf9k3i4w1diMwUQlFtp2iZbi4Qoo2hlCvpRhE4Z2srpIsZElx7NZy1ZgZIpIc3iim44%2FjUh%2BlkKd3M2G8%2BPQnH2mM24qQS8h762p5sOirK%2F7kPRisX9oKn9Uxtusa%2F"}],"group":"cf-nel","max_age":604800} Content-Type text/html Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 7e5678b7b9ac9b2e-FRA alt-svc h3=":443"; ma=86400
POST		wa_clb_data crashlogs.whatsapp.net/	0 0

GET H3	200	status Show response wjshaiswss.wsteiapp.shop/	2 B 467 B	422ms 421ms	XHR text/html	2606:4700:3037::ac43:da31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wjshaiswss.wsteiapp.shop/status?uuid=f5d7c725-a96a-4cf2-aa24-d6fd65f22bdc&timestamp=1689135394940 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:da31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873` Request headers Accept / Referer http://whanbv.stihkapp.icu/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 04:16:35 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTgRYh9RENqBTuEB9Q8rX5Kmj2mNdvmAnb1Ss7FwwEOSSuDqrTmuYi1Zd%2FAc3AwsOAxGDixvvHcGt3mH9bZFD9Mk5BIDfVLQeNiGl0fTDNyKGHCPob6B%2BbP0ZHHt5L%2BShmcGgS5BdULvE2LzDg1%2Bm4%2F0Tr1ThMU%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cf-ray 7e5678ba7d995c9e-FRA alt-svc h3=":443"; ma=86400
GET H3	200	qrcode-f5d7c725-a96a-4cf2-aa24-d6fd65f22bdc Show response wjshaiswss.wsteiapp.shop/	0 419 B	422ms 421ms	XHR text/plain	2606:4700:3037::ac43:da31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wjshaiswss.wsteiapp.shop/qrcode-f5d7c725-a96a-4cf2-aa24-d6fd65f22bdc?timestamp=1689135394941 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:da31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer http://whanbv.stihkapp.icu/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 04:16:35 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2Fcc0D4s15mPv%2FxFx08s3Nw4e4AbavoxK1Ddkob%2BhBLobRnt%2BLm5Zdra65uOo0Jf2SwZ4o1VNvlixem59b9cRpUsA0BH6YR83Y7WB0cRXB9dzmcvuwOmlwUvo7%2BaiFBl37y%2FztN%2B2a3X8nRN4x%2Bq6mH0XXGRwzw%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7e5678ba7d9a5c9e-FRA alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	status Show response wjshaiswss.wsteiapp.shop/	2 B 438 B	217ms 217ms	XHR text/html	2606:4700:3037::ac43:da31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wjshaiswss.wsteiapp.shop/status?uuid=f5d7c725-a96a-4cf2-aa24-d6fd65f22bdc&timestamp=1689135395540 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:da31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873` Request headers Accept / Referer http://whanbv.stihkapp.icu/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 04:16:35 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9AQTh2qbbZ4EQS%2FghaSr2ZF%2FhTATagKfauc%2BMLzoLOJ36Wuu9rHcdbVY7H%2B7V%2FCqDrayjrvjfZ%2BXpseTVIWQw4I3eDC9NwB0HdJvN4paFJ7rM6fh0%2FMziwqYKaj7zTPf4vZ%2FtZG6hYGbF3hTHJ0%2F8PhgInU1%2FJ4%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cf-ray 7e5678be391b5c9e-FRA alt-svc h3=":443"; ma=86400
GET H3	200	qrcode-f5d7c725-a96a-4cf2-aa24-d6fd65f22bdc Show response wjshaiswss.wsteiapp.shop/	0 420 B	220ms 220ms	XHR text/plain	2606:4700:3037::ac43:da31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wjshaiswss.wsteiapp.shop/qrcode-f5d7c725-a96a-4cf2-aa24-d6fd65f22bdc?timestamp=1689135395541 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:da31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer http://whanbv.stihkapp.icu/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 04:16:35 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMB%2FcmSvHJRWSGg5FdFzVmb%2FlS4tftMuUrVLv2DzSry9jTfmkVd%2BtoKulJlYPsvlspCLUwwA5RZqDTM0mB0fVG4kXqAdwJEo%2Bo3jZgXvVvGQjMje6tsgsfori78wFxdBTW9t%2FrkDOGJKh2ItonKR2%2BxlXnn3yFw%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7e5678be391d5c9e-FRA alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	status Show response wjshaiswss.wsteiapp.shop/	2 B 428 B	228ms 228ms	XHR text/html	2606:4700:3037::ac43:da31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wjshaiswss.wsteiapp.shop/status?uuid=f5d7c725-a96a-4cf2-aa24-d6fd65f22bdc&timestamp=1689135396140 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:da31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873` Request headers Accept / Referer http://whanbv.stihkapp.icu/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 04:16:36 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3We%2BOt8QrJbcfXk%2BaVmrllX1iLnoapNnjcTWGK68LYRAQaNd95iy6okdqbJCZSDb7qtIRQffc1FAdx3Tr1p0cFXXIS9iS5E7mkjh5ZkvUjiE3j0OBirY0kAWSH7tzWfDB0rclbFHRj5kfdPuS%2BOGL%2F0MdyQ3Mfc%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cf-ray 7e5678c1fc2a5c9e-FRA alt-svc h3=":443"; ma=86400
GET H3	200	qrcode-f5d7c725-a96a-4cf2-aa24-d6fd65f22bdc Show response wjshaiswss.wsteiapp.shop/	0 424 B	224ms 224ms	XHR text/plain	2606:4700:3037::ac43:da31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wjshaiswss.wsteiapp.shop/qrcode-f5d7c725-a96a-4cf2-aa24-d6fd65f22bdc?timestamp=1689135396140 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:da31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer http://whanbv.stihkapp.icu/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 04:16:36 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BrgrYsB8YBHbv%2B326ieoopfhyT1Q9aSlqM%2B%2FYtTkLOBoEOSWbqit0Ho1rWo1cvAN2loIbgfSydQfWAd2EY1kJt%2FHcZibm%2F855p%2FDrbTmWWE7Hf%2FiNr1Z42Jw%2B1Z8qfkwPcBXLITYjAthDbfcJ%2FlVMi1oxNSWAM%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7e5678c1fc2b5c9e-FRA alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	status Show response wjshaiswss.wsteiapp.shop/	2 B 425 B	223ms 223ms	XHR text/html	2606:4700:3037::ac43:da31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wjshaiswss.wsteiapp.shop/status?uuid=f5d7c725-a96a-4cf2-aa24-d6fd65f22bdc&timestamp=1689135396740 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:da31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873` Request headers Accept / Referer http://whanbv.stihkapp.icu/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 04:16:36 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzCsmxKI1e4skf0lngD7dxJZmYVPV1lCIzSHAuq2HH0e8FnGLE1ynv9dGB%2FV7rtTRDmHXfZw8p9liW8nyk4966WxiaW7lcMEptTqUX2VzzlMD2PiNxyQyUbYHaBRZhuYGjocLLwbj6dEPGdzdTEL503tabFSckM%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cf-ray 7e5678c5bf5e5c9e-FRA alt-svc h3=":443"; ma=86400
GET H3	200	qrcode-f5d7c725-a96a-4cf2-aa24-d6fd65f22bdc Show response wjshaiswss.wsteiapp.shop/	0 425 B	221ms 221ms	XHR text/plain	2606:4700:3037::ac43:da31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wjshaiswss.wsteiapp.shop/qrcode-f5d7c725-a96a-4cf2-aa24-d6fd65f22bdc?timestamp=1689135396741 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:da31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer http://whanbv.stihkapp.icu/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 04:16:36 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2IwlftNIF7GDHVGLnRF72ESvV7KLBnAjQqTBg4W2EZUaVLes9ICGeAb47CZMPVqY%2By2JS3i%2BZ3ioUpys7CJ%2FGJ%2FFdgyXwgv%2BvFvX%2FDPDkJ%2BeFYtBhSJHkufQ9%2FCayM41voPttwd%2B2j6AZ0BTeLhdSC7TLdkuLUw%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7e5678c5bf5f5c9e-FRA alt-svc h3=":443"; ma=86400 content-length 0
GET H/1.1	404 Not Found	vendor1.99c20f1ecd87cc34efff.js whanbv.stihkapp.icu/	0 0	30ms 30ms	Script text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://whanbv.stihkapp.icu/vendor1.99c20f1ecd87cc34efff.js Requested by Host: whanbv.stihkapp.icu URL: http://whanbv.stihkapp.icu/WhatsApp_files/progress.d6b49e71f39a81300686.js Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://whanbv.stihkapp.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Wed, 12 Jul 2023 04:16:36 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Age 2 Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9UCuJNDWeqMe4HjPYltm%2FtRqqncXJgbBsg%2Fs9NKvCjpF2E1%2FQDCONQxEpL%2FqPA4h%2B%2BnWiZcsIpTF1K0UoYlv0INxtcxtHpERR0XFfJeaaeAfcau7onIR1LHEjeUAXJwyoUAz1ZVxlMcugS6c6PwvJUyN"}],"group":"cf-nel","max_age":604800} Content-Type text/html Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 7e5678c63c069b2e-FRA alt-svc h3=":443"; ma=86400
POST		wa_clb_data crashlogs.whatsapp.net/	0 0

GET H3	200	status Show response wjshaiswss.wsteiapp.shop/	2 B 431 B	226ms 226ms	XHR text/html	2606:4700:3037::ac43:da31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wjshaiswss.wsteiapp.shop/status?uuid=f5d7c725-a96a-4cf2-aa24-d6fd65f22bdc&timestamp=1689135397340 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:da31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873` Request headers Accept / Referer http://whanbv.stihkapp.icu/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 04:16:37 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNgyAo73jX2jx42LBRayGqfdm97ns4pOTPEaQC5ruQ%2FcASxYsAV8W%2FXLQM0ItcV2ubpNSQnZvl63bKOGql2sHdTDC2xBlRHvO3i3zDjE3zkVU5i%2FxBEEc2hhafNhbZch4eT5BxejMVWIDR8KZzOQhqibqH%2B7%2FKU%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cf-ray 7e5678c97a255c9e-FRA alt-svc h3=":443"; ma=86400
GET H3	200	qrcode-f5d7c725-a96a-4cf2-aa24-d6fd65f22bdc Show response wjshaiswss.wsteiapp.shop/	0 420 B	225ms 225ms	XHR text/plain	2606:4700:3037::ac43:da31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wjshaiswss.wsteiapp.shop/qrcode-f5d7c725-a96a-4cf2-aa24-d6fd65f22bdc?timestamp=1689135397340 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:da31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer http://whanbv.stihkapp.icu/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 12 Jul 2023 04:16:37 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNp897gAxT82OoT7B3vM%2BwJ%2B1X%2B62hnuRZ3MWrksftBPu%2BNfTbUhfXcy5uNuq%2FtOYT0jrqpD6fImS6i9gmVMZJzynIbByoaG3rlYb5Vs2%2BfprcVvjmU4N3qzDWuPSRxUqjAi7lHF0TEV8jPixecYDdY%2Bch7Qrr4%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7e5678c97a265c9e-FRA alt-svc h3=":443"; ma=86400 content-length 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: crashlogs.whatsapp.net
URL: https://crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af

Domain: crashlogs.whatsapp.net
URL: https://crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af

Domain: crashlogs.whatsapp.net
URL: https://crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://whanbv.stihkapp.icu/vendor1.99c20f1ecd87cc34efff.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://whanbv.stihkapp.icu/vendor2.ec3b8281cb6ba51b3d53.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://whanbv.stihkapp.icu/WhatsApp_files/progress.d6b49e71f39a81300686.js(Line 1) Message: WebSocket connection to 'wss://web.whatsapp.com/ws' failed: Error during WebSocket handshake: Unexpected response code: 404
network	error	URL: http://whanbv.stihkapp.icu/app.fcc4530fc12b9a9a1faa.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: http://whanbv.stihkapp.icu/ Message: Access to XMLHttpRequest at 'https://crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af' from origin 'http://whanbv.stihkapp.icu' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://facebook.com' that is not equal to the supplied origin.
network	error	URL: https://crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://whanbv.stihkapp.icu/vendor1.99c20f1ecd87cc34efff.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: http://whanbv.stihkapp.icu/ Message: Access to XMLHttpRequest at 'https://crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af' from origin 'http://whanbv.stihkapp.icu' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://facebook.com' that is not equal to the supplied origin.
network	error	URL: https://crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://whanbv.stihkapp.icu/vendor1.99c20f1ecd87cc34efff.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: http://whanbv.stihkapp.icu/ Message: Access to XMLHttpRequest at 'https://crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af' from origin 'http://whanbv.stihkapp.icu' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://facebook.com' that is not equal to the supplied origin.
network	error	URL: https://crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.staticfile.org
crashlogs.whatsapp.net
whanbv.stihkapp.icu
wjshaiswss.wsteiapp.shop
crashlogs.whatsapp.net
163.181.92.229
2606:4700:3037::ac43:da31
2a06:98c1:3120::3
1b2bfdf80fe17afbad9f97d38204fee5975f0b18d993e44783654d15481f7392
65dc95f0c6c655162478c4ad552330a77cf38f31a94ba0646c20d1761de554ab
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8dc1988eec3739141e40a2ad99d074688909520375239340484bc65d852b9cb1
956a484097417e953d97fd922b864bb9584bf8d619b53df91ceed45092ddf3ae
cc4c1420afc60b8d8cab06a650c3e5616217dda0ed312b4bbd9a5cc58c322a6f
cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed719fe88e29805f771d5bf24fb97a8c83023837a8ff0030214720387e2af67

whanbv.stihkapp.icu Open in urlscan Pro 2a06:98c1:3120::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

28 Requests

54 %HTTPS

67 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

149 kBTransfer

433 kBSize

0 Cookies

0 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

20 JavaScript Global Variables

0 Cookies

12 Console Messages

Indicators

whanbv.stihkapp.icu Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

54 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

149 kB
Transfer

433 kB
Size

0
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!