ann.what0htdhv.cyou Open in urlscan Pro
2606:4700:3031::6815:3a32 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ann.what0htdhv.cyou/
Submission: On July 08 via api (July 8th 2024, 8:35:42 pm UTC) from US — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3031::6815:3a32, located in United States and belongs to CLOUDFLARENET, US. The main domain is ann.what0htdhv.cyou.
TLS certificate: Issued by WE1 on July 7th 2024. Valid for: 3 months.

This is the only time ann.what0htdhv.cyou was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WhatsApp (Instant Messenger)

Domain & IP information

	IP Address		AS Autonomous System
13	2606:4700:303... 2606:4700:3031::6815:3a32		13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2

13 2606:4700:3031::6815:3a32 (United States)

ASN13335 (CLOUDFLARENET, US)

ann.what0htdhv.cyou	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	what0htdhv.cyou ann.what0htdhv.cyou	405 KB
13	1

	Domain	Requested by
13	ann.what0htdhv.cyou	ann.what0htdhv.cyou
13	1

This site contains no links.

Subject Issuer	Validity	Valid
what0htdhv.cyou WE1	`2024-07-07` - `2024-10-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ann.what0htdhv.cyou/
Frame ID: 946E73EED79337C25DC649A8378CDA26
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ann.what0htdhv.cyou

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

13
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

405 kB
Transfer

1335 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response ann.what0htdhv.cyou/	1 KB 946 B	498ms 466ms	Document text/html	2606:4700:3031::6815:3a32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ann.what0htdhv.cyou/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:3a32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `94d19eed9a1fee2cef132d393711f3756b5835ac48a1b1c1ef9e1496d05dacfe` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8a02dc993afb6922-FRA content-encoding br content-type text/html date Mon, 08 Jul 2024 20:35:36 GMT last-modified Sun, 07 Jul 2024 13:01:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XYeut2j16QvxL1G9x8LBq9v9t4Y3Kp%2BN1q2BcGw3ho29D00J8EChUXvtwDwcdsBiueB0%2BMET1fjWvM%2BojygUgBRlrzkdy2wgq2K906PLiexv0kaXEG3TEqmPRagpzGa3gS%2F7XhF76zE6pQNfDAEMVbvd"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	1eeIM8Xgjv.css ann.what0htdhv.cyou/static/css/	624 KB 167 KB	647ms 646ms	Stylesheet text/css	2606:4700:3031::6815:3a32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ann.what0htdhv.cyou/static/css/1eeIM8Xgjv.css Requested by Host: ann.what0htdhv.cyou URL: https://ann.what0htdhv.cyou/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:3a32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0d01d617f126f1ea839757569abad5dd9ab1e99248b8ab635076d9a015487f87` Request headers Referer https://ann.what0htdhv.cyou/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 20:35:37 GMT content-encoding gzip cf-cache-status MISS last-modified Sun, 07 Jul 2024 13:01:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"668a9193-9c092" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jf3C3MWRk7mOjkrsw0l5UFh7vMWrcsf4%2Ffhm1TyEmzC5MBGLL09wM8eVHCs7QTzK3Zjvod3uj5lG6AD8lAqYegCCvuew6ghe4dxpHgjr6WvvDfxA%2Fqzm0SwKgQzXWr2B1LdDnBPRnSXRD3qHIGAKMu1x"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a02dc9c3ef66922-FRA alt-svc h3=":443"; ma=86400
GET H3	200	b84OfEIlk7.css ann.what0htdhv.cyou/static/css/	1 KB 904 B	478ms 478ms	Stylesheet text/css	2606:4700:3031::6815:3a32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ann.what0htdhv.cyou/static/css/b84OfEIlk7.css Requested by Host: ann.what0htdhv.cyou URL: https://ann.what0htdhv.cyou/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:3a32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `759dc14a647618bcae5099437c89998c28a2828fd56784bf1ce88edea1c037fa` Request headers Referer https://ann.what0htdhv.cyou/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 20:35:37 GMT content-encoding gzip cf-cache-status MISS last-modified Sun, 07 Jul 2024 13:01:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"668a9193-47e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z9YSgarBzm3D1LQt%2BYQUmUxa1XsqQVcvj8nZEJA6R5yhs%2BmkyJ2sEnRvakXlkgmmgGIKYB%2F1Bkm9C4%2BlfWPP3v6n8tbliqT8UNYUP4xLIPTsoM%2FZ9fMN7q6wzbxbm2QbFHsXx7m0%2FkdaxbFp6HEPdSCl"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a02dc9c3ef86922-FRA alt-svc h3=":443"; ma=86400
GET H3	200	LESdw6Pt.js Show response ann.what0htdhv.cyou/static/js/	25 KB 9 KB	432ms 431ms	Script application/javascript	2606:4700:3031::6815:3a32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ann.what0htdhv.cyou/static/js/LESdw6Pt.js Requested by Host: ann.what0htdhv.cyou URL: https://ann.what0htdhv.cyou/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:3a32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1160f4a3691e84eeb85fece0b9d6682661c35f7aba056b30697bffae9d69be5e` Request headers Referer https://ann.what0htdhv.cyou/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 20:35:37 GMT content-encoding gzip cf-cache-status MISS last-modified Sun, 07 Jul 2024 13:01:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"668a9193-6354" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rGad90lE7P0J8sNn8DXf0sqz1NupZKAUVtfQH%2BrWewmdc0juRicTRDLQFJEfW6kRUzMh89EFrTGH0hJ%2FxslazbmOqMm8bVpL%2BRzOTTjgoPaKHZ6wp5oio2o7UgSuxApclUllSVThlmCZcaIrmxxcn8e7"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8a02dc9c3ef96922-FRA alt-svc h3=":443"; ma=86400
GET H3	200	f3NB4y7ZDM.js Show response ann.what0htdhv.cyou/static/js/	517 KB 166 KB	700ms 699ms	Script application/javascript	2606:4700:3031::6815:3a32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ann.what0htdhv.cyou/static/js/f3NB4y7ZDM.js Requested by Host: ann.what0htdhv.cyou URL: https://ann.what0htdhv.cyou/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:3a32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `306871f8a6eb477bdee44bccf7282e04e33b9c82353084e89f6f15212babe953` Request headers Referer https://ann.what0htdhv.cyou/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 20:35:37 GMT content-encoding gzip cf-cache-status MISS last-modified Sun, 07 Jul 2024 13:01:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"668a9193-814c0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dSV2R1EvbsCocGrX4LPDt2qlLnSvTp%2Fh%2FYeFMVrId4HzuWsW7VRyrttB0hAaw7nHR2AQA4hYgAV8HuNp%2F%2BKzFAenlFWRmBCnbLrC%2Fp1tYDWpanoPnJ%2BMVaO4oM7fNUCwibZptxUo%2FBwLKZPZDxsdyIHd"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8a02dc9c3efb6922-FRA alt-svc h3=":443"; ma=86400
GET H3	200	644OfEIlk7.css ann.what0htdhv.cyou/static/css/	0 1 KB	470ms 470ms	Other text/css	2606:4700:3031::6815:3a32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ann.what0htdhv.cyou/static/css/644OfEIlk7.css Requested by Host: ann.what0htdhv.cyou URL: https://ann.what0htdhv.cyou/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:3a32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://ann.what0htdhv.cyou/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 20:35:37 GMT content-encoding gzip cf-cache-status MISS last-modified Sun, 07 Jul 2024 13:01:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"668a9193-e93" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mXgPotgfKyVU0dVcc9fLvbTgk4AurWfWGlWMExtceP0XaAfppqDwkc3uIGA%2B2SfX%2BsQh%2Fgjf67CsiJNeK%2BFXHbkpmn6G5cNDrJ5A8oKYU7ANfDjrZCC%2B48f2uvK8naC%2ByYsAPRuOvEveKCGGNXFbLbbz"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a02dc9c3f006922-FRA alt-svc h3=":443"; ma=86400
GET H3	200	8c4OfEIlk7.css ann.what0htdhv.cyou/static/css/	0 627 B	479ms 479ms	Other text/css	2606:4700:3031::6815:3a32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ann.what0htdhv.cyou/static/css/8c4OfEIlk7.css Requested by Host: ann.what0htdhv.cyou URL: https://ann.what0htdhv.cyou/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:3a32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://ann.what0htdhv.cyou/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 20:35:37 GMT content-encoding br cf-cache-status MISS last-modified Sun, 07 Jul 2024 13:01:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"668a9193-16f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WSEc76NYyG28Dc5lha2BJnXBIgjynhawL59cv8rMygsF3sMv59oDZMwA4ie0XVEkI8VcQuyo8nDHEpaLAF7DeLLTgGFMoe24vtWZyKqRZpb%2FONWKyaepzSsjUh%2FUaSV2Zjbv4UYgiknpfAPEbDCExSVd"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a02dc9c3f046922-FRA alt-svc h3=":443"; ma=86400
GET H3	200	19NB4y7ZDM.js ann.what0htdhv.cyou/static/js/	0 38 KB	674ms 673ms	Other application/javascript	2606:4700:3031::6815:3a32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ann.what0htdhv.cyou/static/js/19NB4y7ZDM.js Requested by Host: ann.what0htdhv.cyou URL: https://ann.what0htdhv.cyou/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:3a32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://ann.what0htdhv.cyou/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 20:35:37 GMT content-encoding gzip cf-cache-status MISS last-modified Sun, 07 Jul 2024 13:01:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"668a9193-22440" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uLYxMjzOtuzXF9HhudpDrZVfynfcnmcIgvNIBgJ1WjHQKDtY5fbbOjXneGUd8X1WOFvoGtsILz%2BLwIwpQCVXQcpqQsggYxFBMW5EHAM8xrsmLh09jid9xgUlOX47zXQr29qNH8KUw73nDEQLQWFnLnYG"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8a02dc9c3f066922-FRA alt-svc h3=":443"; ma=86400
GET H3	200	f9NB4y7ZDM.js ann.what0htdhv.cyou/static/js/	0 4 KB	478ms 478ms	Other application/javascript	2606:4700:3031::6815:3a32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ann.what0htdhv.cyou/static/js/f9NB4y7ZDM.js Requested by Host: ann.what0htdhv.cyou URL: https://ann.what0htdhv.cyou/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:3a32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://ann.what0htdhv.cyou/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 20:35:37 GMT content-encoding gzip cf-cache-status MISS last-modified Sun, 07 Jul 2024 13:01:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"668a9193-2237" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vr7XiMLon8%2FEdlEka9RntoYwKRrHLOPbdd%2BHSGwagVxWqn9kWk%2F6GyqoMMGtYW%2FiHcy5KSTFnWGys%2BZI3KpS6FHx9TbTNGpzQdprOcm4GU%2FKQo42u2CUZoNgSQuPmwpKlXRVfPrJ9PLiSdpBg5YRG%2Fd6"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8a02dc9c3f086922-FRA alt-svc h3=":443"; ma=86400
GET H3	200	644OfEIlk7.css ann.what0htdhv.cyou/static/css/	4 KB 0	0ms 0ms	Stylesheet text/css	2606:4700:3031::6815:3a32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ann.what0htdhv.cyou/static/css/644OfEIlk7.css Requested by Host: ann.what0htdhv.cyou URL: https://ann.what0htdhv.cyou/static/js/LESdw6Pt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:3a32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f9d1c35016f08c47c1867183e2347313bd84811083c2451d5d522967f1d15eb0` Request headers Referer https://ann.what0htdhv.cyou/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 20:35:37 GMT content-encoding gzip cf-cache-status MISS last-modified Sun, 07 Jul 2024 13:01:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"668a9193-e93" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mXgPotgfKyVU0dVcc9fLvbTgk4AurWfWGlWMExtceP0XaAfppqDwkc3uIGA%2B2SfX%2BsQh%2Fgjf67CsiJNeK%2BFXHbkpmn6G5cNDrJ5A8oKYU7ANfDjrZCC%2B48f2uvK8naC%2ByYsAPRuOvEveKCGGNXFbLbbz"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a02dc9c3f006922-FRA alt-svc h3=":443"; ma=86400
GET H3	200	19NB4y7ZDM.js Show response ann.what0htdhv.cyou/static/js/	137 KB 0	1ms 1ms	Script application/javascript	2606:4700:3031::6815:3a32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ann.what0htdhv.cyou/static/js/19NB4y7ZDM.js Requested by Host: ann.what0htdhv.cyou URL: https://ann.what0htdhv.cyou/static/js/LESdw6Pt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:3a32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `087519851ff3b71f5e7657b93bfa027c3e70a68e144abdf4094cb41ff75058f4` Request headers Referer https://ann.what0htdhv.cyou/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 20:35:37 GMT content-encoding gzip cf-cache-status MISS last-modified Sun, 07 Jul 2024 13:01:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"668a9193-22440" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uLYxMjzOtuzXF9HhudpDrZVfynfcnmcIgvNIBgJ1WjHQKDtY5fbbOjXneGUd8X1WOFvoGtsILz%2BLwIwpQCVXQcpqQsggYxFBMW5EHAM8xrsmLh09jid9xgUlOX47zXQr29qNH8KUw73nDEQLQWFnLnYG"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8a02dc9c3f066922-FRA alt-svc h3=":443"; ma=86400
GET H3	200	qr-video.0c6ec69b.png ann.what0htdhv.cyou/static/img/	16 KB 16 KB	686ms 686ms	Image image/png	2606:4700:3031::6815:3a32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ann.what0htdhv.cyou/static/img/qr-video.0c6ec69b.png Requested by Host: ann.what0htdhv.cyou URL: https://ann.what0htdhv.cyou/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:3a32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d980ab372658f4c7c8f07d730ef6dc67e3fb3471f37928274f915c0308850994` Request headers Referer https://ann.what0htdhv.cyou/ Origin https://ann.what0htdhv.cyou User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 20:35:39 GMT cf-cache-status MISS last-modified Sun, 07 Jul 2024 13:01:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "668a9193-3f83" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SLAnUx6QlssznTu0vO%2Fb8lqtDRpR1kZkLZW6Dh0RRvwXevJGAvv68aokpHcmexlxhF9cGizVNJ9gce6SDIIT6IVjxorX2W%2BXps01P37Tkl5sAaFUhLZFavMdguT1mJXe1ZlBxl1jfnxBH0OdkXUuIDiS"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8a02dca56a876922-FRA alt-svc h3=":443"; ma=86400 content-length 16259
GET H3	200	favicon.ico ann.what0htdhv.cyou/	787 B 1 KB	467ms 466ms	Other image/x-icon	2606:4700:3031::6815:3a32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ann.what0htdhv.cyou/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:3a32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d0cadf240e89340b93df35240e7809039c1c574be05fbe2cf3243e2f487bc9ec` Request headers Referer https://ann.what0htdhv.cyou/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 20:35:39 GMT content-encoding br cf-cache-status MISS last-modified Sun, 07 Jul 2024 13:01:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"668a9193-313" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yzjksvpeh7fKDoaL4DdSOFjvF4Mum9DuT3AY7Bm2G1BmW%2FFsyDMrm%2BA4OOUEvWKT%2BJn9vtlM07N82iC7P3PIEKKUnl5%2FdBE%2FxIaG%2BkYs5bbgn0oe5%2FIBDRLgUxWbHKDt%2FWZnS2%2BpBOEMDDhWcG3gIyVX"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=14400 cf-ray 8a02dca9c8026922-FRA alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	85 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff` Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	9 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a6d7f70edcfc650a270cc68ad12770b28e58b3de73dd37ecb49b207d81695bf6` Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ann.what0htdhv.cyou
2606:4700:3031::6815:3a32
087519851ff3b71f5e7657b93bfa027c3e70a68e144abdf4094cb41ff75058f4
0d01d617f126f1ea839757569abad5dd9ab1e99248b8ab635076d9a015487f87
1160f4a3691e84eeb85fece0b9d6682661c35f7aba056b30697bffae9d69be5e
306871f8a6eb477bdee44bccf7282e04e33b9c82353084e89f6f15212babe953
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
759dc14a647618bcae5099437c89998c28a2828fd56784bf1ce88edea1c037fa
94d19eed9a1fee2cef132d393711f3756b5835ac48a1b1c1ef9e1496d05dacfe
a6d7f70edcfc650a270cc68ad12770b28e58b3de73dd37ecb49b207d81695bf6
d0cadf240e89340b93df35240e7809039c1c574be05fbe2cf3243e2f487bc9ec
d980ab372658f4c7c8f07d730ef6dc67e3fb3471f37928274f915c0308850994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9d1c35016f08c47c1867183e2347313bd84811083c2451d5d522967f1d15eb0

ann.what0htdhv.cyou Open in urlscan Pro 2606:4700:3031::6815:3a32 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

405 kBTransfer

1335 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

19 JavaScript Global Variables

0 Cookies

Indicators

ann.what0htdhv.cyou Open in urlscan Pro
2606:4700:3031::6815:3a32 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

405 kB
Transfer

1335 kB
Size

0
Cookies

13 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!