yweb.wfgrrr.club
IP: 2606:4700:3036::ac43:8bf4 | Verdict tag: Malicious Activity! | Public Scan

URL: http://yweb.wfgrrr.club/?gclid=EAIaIQobChMIw9TjqPDUgAMVC6WWCh2VjQfREAMYASAAEgKMJvD_BwE
Submission: On August 22 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3036::ac43:8bf4, located in United States and belongs to CLOUDFLARENET, US. The main domain is yweb.wfgrrr.club.
This is the only time yweb.wfgrrr.club was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WhatsApp (Instant Messenger)

Domain & IP information

IP addresses (requests per IP, autonomous system):

  Requests  IP Address         AS
  8         2606:4700:303...   13335 (CLOUDFLAR...)
  1         240e:908:8003...   137698 (CHINATELE...)
  5         2606:4700:303...   13335 (CLOUDFLAR...)
  Total: 15 requests, 4 IPs

Apex domains (requests, apex domain, subdomain, transfer):

  Requests  Apex Domain       Subdomain                                          Transfer
  8         wfgrrr.club       yweb.wfgrrr.club                                   195 KB
  5         anscxnyfrtg.com   16srv.anscxnyfrtg.com                              11 KB
  1         staticfile.org    cdn.staticfile.org (Cisco Umbrella Rank: 55793)    33 KB
  0         whatsapp.com      web.whatsapp.com                                   Failed
  Total: 15 requests, 4 apex domains

Domains and the host that requested them:

  Requests  Domain                     Requested by
  8         yweb.wfgrrr.club           yweb.wfgrrr.club
  5         16srv.anscxnyfrtg.com
  1         cdn.staticfile.org         yweb.wfgrrr.club
  0         web.whatsapp.com (Failed)  yweb.wfgrrr.club
  Total: 15 requests, 4 domains

This site contains links to these domains:

  Domain
  whaydf.yexap.site
  faq.whatsapp.com
TLS certificates seen during the scan:

  Subject            Issuer                  Validity                    Valid for
  *.staticfile.org   GeoTrust RSA CN CA G2   2022-09-05 to 2023-10-03    a year (crt.sh)
  anscxnyfrtg.com    GTS CA 1P5              2023-08-04 to 2023-11-02    3 months (crt.sh)

This page contains 1 frames:

Primary Page: http://yweb.wfgrrr.club/?gclid=EAIaIQobChMIw9TjqPDUgAMVC6WWCh2VjQfREAMYASAAEgKMJvD_BwE
Frame ID: 528E97F7ADA13156C92DE65CE4E0C8DF
Requests: 15 HTTP requests in this frame

Screenshot

Page Title

WhatsApp

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  Requests:    15
  HTTPS:       40 %
  IPv6:        100 %
  Domains:     4
  Subdomains:  4
  IPs:         4
  Countries:   2
  Transfer:    239 kB
  Size:        696 kB
  Cookies:     0

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Columns per transaction: Resource | Path | Size | x-fer | Type | MIME-Type
Resource: Primary Request /  |  Path: yweb.wfgrrr.club/  |  Size: 25 KB  |  x-fer: 10 KB  |  Type: Document
General
Full URL
http://yweb.wfgrrr.club/?gclid=EAIaIQobChMIw9TjqPDUgAMVC6WWCh2VjQfREAMYASAAEgKMJvD_BwE
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:8bf4, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
9295a6ed18d9d2b4862a98086cd85f881656426850489e30849de791b6dd6191

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7fae193f6c4142e5-EWR
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 22 Aug 2023 21:09:45 GMT
Last-Modified
Sat, 19 Aug 2023 08:48:50 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4O2XZ7PslvEwgq8HO%2BtNpoGGu1zxbEz1ROoPZC27S98%2FCQ0gtB92c7CT4FW0v4yXi7k1kn9nhURIlFpnWab%2BMUyEmpLEpY%2BYzgN2PvmY8VS6JbbpZ9WFJpvWXy1JvuzReilVqspxk2ZZBJvRDLbz"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
Resource: jquery.min.js  |  Path: cdn.staticfile.org/jquery/1.10.2/  |  Size: 91 KB  |  x-fer: 33 KB  |  Type: Script
General
Full URL
https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js
Requested by
Host: yweb.wfgrrr.club
URL: http://yweb.wfgrrr.club/?gclid=EAIaIQobChMIw9TjqPDUgAMVC6WWCh2VjQfREAMYASAAEgKMJvD_BwE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:908:8003:1:3::3fe, China, ASN137698 (CHINATELECOM-HEILONGJIANG-HANAN-IDC HaerbingHeilongjiang Province, P.R.China., CN)
Reverse DNS
Software
Tengine /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Request headers

accept-language
en-US,en;q=0.9
Referer
http://yweb.wfgrrr.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

X-Log
X-Log
Date
Tue, 22 Aug 2023 16:12:15 GMT
Via
cache52.l2cn3102[46,45,304-0,M], cache4.l2cn3102[47,0], vcache10.cn3465[0,0,200-0,H], vcache7.cn3465[6,0]
Content-Encoding
gzip
X-Svr
IO
X-Reqid
iDYAAAB8a3OKwH0X
Age
17851
X-Swift-CacheTime
86400
X-Cache
HIT TCP_MEM_HIT dirn:11:256307308
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="jquery.min.js"; filename*=utf-8''jquery.min.js
Connection
keep-alive
X-Swift-SaveTime
Tue, 22 Aug 2023 16:12:15 GMT
Content-Length
32989
Last-Modified
Tue, 16 Feb 2016 04:22:54 GMT
Server
Tengine
Etag
"FuLzYD4jcR9kRvJ4pBHZBWI9ZSAe.gz"
Access-Control-Max-Age
2592000
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Ali-Swift-Global-Savetime
1692720735
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Qiniu-Zone
0
Timing-Allow-Origin
*
EagleId
2a65001b16927385867698623e
Resource: qrcode.min.js  |  Path: yweb.wfgrrr.club/  |  Size: 0  |  x-fer: 0  |  Type: Script
General
Full URL
http://yweb.wfgrrr.club/qrcode.min.js
Requested by
Host: yweb.wfgrrr.club
URL: http://yweb.wfgrrr.club/?gclid=EAIaIQobChMIw9TjqPDUgAMVC6WWCh2VjQfREAMYASAAEgKMJvD_BwE
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:8bf4, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://yweb.wfgrrr.club/?gclid=EAIaIQobChMIw9TjqPDUgAMVC6WWCh2VjQfREAMYASAAEgKMJvD_BwE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 21:09:46 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rrfDns2FdkIEcTnrlfCQmF9TsqJLf7rOUQB%2Buf7HP4WlKI8QmQu6kkFfFxlvH07HQzAE%2ByyYhNm7whn7dhp2D3Yhpx20ncKVl%2Fjpxa7BtleHreTlR2csI8UD7GCQh10cbPF7NKHzSWj0tdm%2FosM"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
7fae1942ef6442e5-EWR
alt-svc
h3=":443"; ma=86400
Resource: stylex-ce269a9819ee8f292840728689a22cc5.css  |  Path: yweb.wfgrrr.club/WhatsApp_files/  |  Size: 175 KB  |  x-fer: 50 KB  |  Type: Stylesheet
General
Full URL
http://yweb.wfgrrr.club/WhatsApp_files/stylex-ce269a9819ee8f292840728689a22cc5.css
Requested by
Host: yweb.wfgrrr.club
URL: http://yweb.wfgrrr.club/?gclid=EAIaIQobChMIw9TjqPDUgAMVC6WWCh2VjQfREAMYASAAEgKMJvD_BwE
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:8bf4, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
775fafc214e32a36e2a39e694322fed097e37d964c9dce65663655b64492d068

Request headers

accept-language
en-US,en;q=0.9
Referer
http://yweb.wfgrrr.club/?gclid=EAIaIQobChMIw9TjqPDUgAMVC6WWCh2VjQfREAMYASAAEgKMJvD_BwE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 21:09:46 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Thu, 17 Aug 2023 19:01:45 GMT
Server
cloudflare
ETag
W/"64de6e99-2bb72"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MO9OiLAH3tbkqs5dYLqc46BhpUG2KBsf57pukVadzOGqMI3wDHq1Kzu2WrumiGXntwFlNPyw2e2yHozDea8eTh79xNkq1jMeI8%2Be9bgHlgFdjk3iyN25KVMvvr5IYDxiMPAEpzPgf6nX3FybhrQ7"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=43200
CF-RAY
7fae1942e877438d-EWR
Expires
Wed, 23 Aug 2023 09:09:46 GMT
Resource: app-6d34864fd47903428794.css  |  Path: yweb.wfgrrr.club/WhatsApp_files/  |  Size: 187 KB  |  x-fer: 66 KB  |  Type: Stylesheet
General
Full URL
http://yweb.wfgrrr.club/WhatsApp_files/app-6d34864fd47903428794.css
Requested by
Host: yweb.wfgrrr.club
URL: http://yweb.wfgrrr.club/?gclid=EAIaIQobChMIw9TjqPDUgAMVC6WWCh2VjQfREAMYASAAEgKMJvD_BwE
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:8bf4, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
69acbe3d7c92af1a509b7351cabfac35b356c18eef8c9299f5ac354acfdba079

Request headers

accept-language
en-US,en;q=0.9
Referer
http://yweb.wfgrrr.club/?gclid=EAIaIQobChMIw9TjqPDUgAMVC6WWCh2VjQfREAMYASAAEgKMJvD_BwE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 21:09:46 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Thu, 17 Aug 2023 19:01:35 GMT
Server
cloudflare
ETag
W/"64de6e8f-2eab4"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pqla0AFOVmKIe880H9RRa974ZE7BnG8gVLl3NpyMp2C8udwxcvu6Q%2FOXj1QD8XQDvppHRoey5FSs%2BK5fuw7q39hDD9e06KjpMdfmRELFYdAZBEa3p9uB%2B5AkD12uOqD9L9X9mPib1%2F8VI3oRB1AE"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=43200
CF-RAY
7fae1942ef8f4375-EWR
Expires
Wed, 23 Aug 2023 09:09:46 GMT
Resource: main~.b66100b3486cd1857cd3.css  |  Path: yweb.wfgrrr.club/WhatsApp_files/  |  Size: 21 KB  |  x-fer: 6 KB  |  Type: Stylesheet
General
Full URL
http://yweb.wfgrrr.club/WhatsApp_files/main~.b66100b3486cd1857cd3.css
Requested by
Host: yweb.wfgrrr.club
URL: http://yweb.wfgrrr.club/?gclid=EAIaIQobChMIw9TjqPDUgAMVC6WWCh2VjQfREAMYASAAEgKMJvD_BwE
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:8bf4, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
8a636dbd66666f13902713e7bc7d2e1cab497b299f533495759a2c68c459c5a4

Request headers

accept-language
en-US,en;q=0.9
Referer
http://yweb.wfgrrr.club/?gclid=EAIaIQobChMIw9TjqPDUgAMVC6WWCh2VjQfREAMYASAAEgKMJvD_BwE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 21:09:46 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3032
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Thu, 17 Aug 2023 19:01:43 GMT
Server
cloudflare
ETag
W/"64de6e97-55b9"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHTADxJ0nnqyMythDtoPDBsC3ZyCCXYcSnZsReLujoRy8t3Mvo4iX8mkSjW152o7dBR7rmK7x%2BD462eI0LcJqtSY%2BtlKbHnhVTdHZetk0phmvAlA2Z6Om9iXP53CkV8KwIX5bTkJMEvYl8vvFMjb"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=43200
CF-RAY
7fae1942eebe42cf-EWR
Expires
Wed, 23 Aug 2023 08:19:14 GMT
Resource: main.fdf0caa2786c3269572d.css  |  Path: yweb.wfgrrr.club/WhatsApp_files/  |  Size: 150 KB  |  x-fer: 37 KB  |  Type: Stylesheet
General
Full URL
http://yweb.wfgrrr.club/WhatsApp_files/main.fdf0caa2786c3269572d.css
Requested by
Host: yweb.wfgrrr.club
URL: http://yweb.wfgrrr.club/?gclid=EAIaIQobChMIw9TjqPDUgAMVC6WWCh2VjQfREAMYASAAEgKMJvD_BwE
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:8bf4, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
79acde4aa0ad3feafd96271141640066d0c52c050724b13272b1ca3d6930f8d1

Request headers

accept-language
en-US,en;q=0.9
Referer
http://yweb.wfgrrr.club/?gclid=EAIaIQobChMIw9TjqPDUgAMVC6WWCh2VjQfREAMYASAAEgKMJvD_BwE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 21:09:46 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Thu, 17 Aug 2023 19:01:43 GMT
Server
cloudflare
ETag
W/"64de6e97-257df"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noKNosk2guRcOwO7J927580URupcjkMlu580zrpHXLCAfmHB33olLf3sTlNKLZjyz6D6Ep7tcshwCsISDDBlE%2FwA6NLvSFU0yu4F5XYqJL9%2FgtKFjV0yZUq4ZWJed6lWMgrqHPrmwt8WTq7J4JYd"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=43200
CF-RAY
7fae1942e81a32d9-EWR
Expires
Wed, 23 Aug 2023 09:09:46 GMT
Resource: qr-video_0c6ec69b054fdeb31cf3e5e10290fd8e.png  |  Path: yweb.wfgrrr.club/WhatsApp_files/  |  Size: 16 KB  |  x-fer: 17 KB  |  Type: Image
General
Full URL
http://yweb.wfgrrr.club/WhatsApp_files/qr-video_0c6ec69b054fdeb31cf3e5e10290fd8e.png
Requested by
Host: yweb.wfgrrr.club
URL: http://yweb.wfgrrr.club/?gclid=EAIaIQobChMIw9TjqPDUgAMVC6WWCh2VjQfREAMYASAAEgKMJvD_BwE
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:8bf4, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
d980ab372658f4c7c8f07d730ef6dc67e3fb3471f37928274f915c0308850994

Request headers

Referer
http://yweb.wfgrrr.club/?gclid=EAIaIQobChMIw9TjqPDUgAMVC6WWCh2VjQfREAMYASAAEgKMJvD_BwE
Origin
http://yweb.wfgrrr.club
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 21:09:46 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
16259
Last-Modified
Thu, 17 Aug 2023 19:01:44 GMT
Server
cloudflare
ETag
"64de6e98-3f83"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x135Wq26nBA%2FXP3C6RMt59wmsveqDJI%2BFPdCbsv7BXn8tQTHOlQe6pGavu%2FfyekeJNIGOELEpQEx6Gu%2BBzQ9R6eBP1yIYRGJu01FDi3OH8J%2BOoY72c%2FYvXP1%2Bpqr1LCnmVvMIbSLDtc35%2BqhcV2q"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
CF-RAY
7fae1945db304375-EWR
Expires
Thu, 21 Sep 2023 21:09:46 GMT
Resource: binary-transparency-manifest-2.2325.3.json  |  Path: web.whatsapp.com/  |  Size: 0  |  x-fer: 0  |  Type: (request failed, no response)
Resource: main.js  |  Path: yweb.wfgrrr.club/  |  Size: 23 KB  |  x-fer: 9 KB  |  Type: Script
General
Full URL
http://yweb.wfgrrr.club/main.js?ver=7.15b
Requested by
Host: yweb.wfgrrr.club
URL: http://yweb.wfgrrr.club/?gclid=EAIaIQobChMIw9TjqPDUgAMVC6WWCh2VjQfREAMYASAAEgKMJvD_BwE
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:8bf4, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
82ce4cc05c54c0f013f3d5de0ff009acd0e22ca0e050c94359271ac63a209e66

Request headers

accept-language
en-US,en;q=0.9
Referer
http://yweb.wfgrrr.club/?gclid=EAIaIQobChMIw9TjqPDUgAMVC6WWCh2VjQfREAMYASAAEgKMJvD_BwE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 21:09:46 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Sat, 19 Aug 2023 08:48:41 GMT
Server
cloudflare
ETag
W/"64e081e9-5bac"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lc%2FOovo6%2BPAy74ZHzx6OxJFQq5exE7bYSRiXSblp1Sv3b%2BgNtYH37E7MIs%2B53BH0m1pqgLar%2BH8XJ6BJZPn3k%2Fshq%2Fq8IZUQd7MDvH55n6poeuZ9aScm23DSwIxNskXnV3waCTa3hePlkcMDLEV%2F"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=43200
CF-RAY
7fae1944d9c44375-EWR
Expires
Wed, 23 Aug 2023 09:09:46 GMT
Resource: 6f7e8e87-3e98-4ee2-992f-5f307ae82119.png  |  Path: 16srv.anscxnyfrtg.com/qrcodes/  |  Size: 2 KB  |  x-fer: 2 KB  |  Type: Image
General
Full URL
https://16srv.anscxnyfrtg.com/qrcodes/6f7e8e87-3e98-4ee2-992f-5f307ae82119.png?1692738588844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2d41, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare / Express
Resource Hash
f5a70fda609c2d58bbe8725c317e222cbab1e1fa977314c56b245c4240083ac9

Request headers

accept-language
en-US,en;q=0.9
Referer
http://yweb.wfgrrr.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 21:09:49 GMT
cf-cache-status
MISS
last-modified
Tue, 22 Aug 2023 21:08:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"69f-18a1f142e53"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88i4bGrfHN5E4roxJ%2BZMvQ57PiXqYN%2BbsSMNIoeAw1V9GRtSAB7x3sYNxqiopvwBurgDH8%2BFF%2F5VjuCfKEdRGbkbz9osBYxa358kK8x3Z8OacL0dvMo1Pt8SUgdoOiLh%2BGUjzj0bdIMr%2BOGQXV%2BHO0a2vXA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7fae1955aa6b19e7-EWR
alt-svc
h3=":443"; ma=86400
content-length
1695
Resource: 6f7e8e87-3e98-4ee2-992f-5f307ae82119.png  |  Path: 16srv.anscxnyfrtg.com/qrcodes/  |  Size: 2 KB  |  x-fer: 2 KB  |  Type: Image
General
Full URL
https://16srv.anscxnyfrtg.com/qrcodes/6f7e8e87-3e98-4ee2-992f-5f307ae82119.png?1692738591853
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2d41, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare / Express
Resource Hash
1daa343fb80d565a7616601a75a1c25b8f4e1c654e8760c717fa8f6f915c93d5

Request headers

accept-language
en-US,en;q=0.9
Referer
http://yweb.wfgrrr.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 21:09:52 GMT
cf-cache-status
MISS
last-modified
Tue, 22 Aug 2023 21:09:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"6aa-18a1f1518b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNC6r6gB4qxRP0gsRiOBahZ7pv29%2FqjhsB0qYeHDTlXsqNFyBo9sGGuqCHZoYZWpjGG1DiSeZGLXa9SQyDgNQIYJwKmK1%2F5I4O6ZSNlHm0Vv%2F%2Bbfwz85666UTRBrH%2FEtjgScw%2BCYuPQuqkO9nH10gRTwnUs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7fae19672eba19e7-EWR
alt-svc
h3=":443"; ma=86400
content-length
1706
Resource: 6f7e8e87-3e98-4ee2-992f-5f307ae82119.png  |  Path: 16srv.anscxnyfrtg.com/qrcodes/  |  Size: 2 KB  |  x-fer: 2 KB  |  Type: Image
General
Full URL
https://16srv.anscxnyfrtg.com/qrcodes/6f7e8e87-3e98-4ee2-992f-5f307ae82119.png?1692738594850
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2d41, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare / Express
Resource Hash
1daa343fb80d565a7616601a75a1c25b8f4e1c654e8760c717fa8f6f915c93d5

Request headers

accept-language
en-US,en;q=0.9
Referer
http://yweb.wfgrrr.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 21:09:55 GMT
cf-cache-status
MISS
last-modified
Tue, 22 Aug 2023 21:09:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"6aa-18a1f1518b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2Fk%2FJuI%2BqlUlpBSjl6EXkNeYW5TLDoQi95J%2BV2%2FuUcCwJ7RXbyomphlHTr9Hya59yt%2FZa9sd22ovxkoKe4CmNyaHNsuyqEJKBI4mppL3ZU9Wljilt%2B01UFp0qGIPUcQXKRFh6YRGAtNsqxlTY2VU5Jlyemk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7fae197a6e2419e7-EWR
alt-svc
h3=":443"; ma=86400
content-length
1706
Resource: 6f7e8e87-3e98-4ee2-992f-5f307ae82119.png  |  Path: 16srv.anscxnyfrtg.com/qrcodes/  |  Size: 2 KB  |  x-fer: 2 KB  |  Type: Image
General
Full URL
https://16srv.anscxnyfrtg.com/qrcodes/6f7e8e87-3e98-4ee2-992f-5f307ae82119.png?1692738597848
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2d41, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare / Express
Resource Hash
1daa343fb80d565a7616601a75a1c25b8f4e1c654e8760c717fa8f6f915c93d5

Request headers

accept-language
en-US,en;q=0.9
Referer
http://yweb.wfgrrr.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 21:09:58 GMT
cf-cache-status
MISS
last-modified
Tue, 22 Aug 2023 21:09:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"6aa-18a1f1518b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kDogvYsXAyc%2FArlEXlcKCZRj3G%2B5fEWLnLflXBG09W5SXHA2%2FJpChRBi4MB1dpU%2Fz8XLAGdhq7KygcKh5%2FLZhjWWobT%2FzM5%2FNhKYAY6Z7cYaJCfrbNW%2BQhoA%2BCQ8LGoMFzLEHkP2DJT6gqZKgeTcdttR2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7fae198c9dcd19e7-EWR
alt-svc
h3=":443"; ma=86400
content-length
1706
Resource: 6f7e8e87-3e98-4ee2-992f-5f307ae82119.png  |  Path: 16srv.anscxnyfrtg.com/qrcodes/  |  Size: 2 KB  |  x-fer: 2 KB  |  Type: Image
General
Full URL
https://16srv.anscxnyfrtg.com/qrcodes/6f7e8e87-3e98-4ee2-992f-5f307ae82119.png?1692738600848
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2d41, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare / Express
Resource Hash
1daa343fb80d565a7616601a75a1c25b8f4e1c654e8760c717fa8f6f915c93d5

Request headers

accept-language
en-US,en;q=0.9
Referer
http://yweb.wfgrrr.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 21:10:01 GMT
cf-cache-status
MISS
last-modified
Tue, 22 Aug 2023 21:09:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"6aa-18a1f1518b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wykce0jwJ2n2fmI%2BXo5uIk2b5Z8Rqo8KsUabeMjGy1u0XEmDdFUEPMuFM6kNcqzl9zV7vfOpmlPCfOkt4uazb6LtjPBkG2%2BGmvPHnPWO6oyFmx0cssallaM1Pbngyw1s1wvv4dujKZynKZoZy8MNecFLeC8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7fae199f5e9a19e7-EWR
alt-svc
h3=":443"; ma=86400
content-length
1706

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: web.whatsapp.com
URL: https://web.whatsapp.com/binary-transparency-manifest-2.2325.3.json

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  $ (function)
  jQuery (function)
  guid (function)
  getUUID (function)
  uuid (string)
  systemThemeDark (boolean)
  theme (object)
  systemThemeMode (object)
  systemTheme (object)
  darkTheme (boolean)
  webpackChunkwhatsapp_web_client (object)
  version_ (function)
  _0x3f21f7 (function)
  srv (string)
  i_referer (number)
  isEnable (number)
  _0x3e2f (function)
  _0x2c83 (function)
  xorEncryptDecrypt (function)
  ws (object)
  status_callback (function)
  refershQrCode (function)
  webdriver (boolean)
  json (object)
  code (number)
  qrcode_text (string)

0 Cookies

3 Console Messages

Columns: Source | Level | URL | Message

  Source/Level: network error
  URL: http://yweb.wfgrrr.club/qrcode.min.js
  Message: Failed to load resource: the server responded with a status of 404 (Not Found)

  Source/Level: javascript error
  URL: http://yweb.wfgrrr.club/?gclid=EAIaIQobChMIw9TjqPDUgAMVC6WWCh2VjQfREAMYASAAEgKMJvD_BwE
  Message: Access to link element resource at 'https://web.whatsapp.com/binary-transparency-manifest-2.2325.3.json' from origin 'http://yweb.wfgrrr.club' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

  Source/Level: network error
  URL: https://web.whatsapp.com/binary-transparency-manifest-2.2325.3.json
  Message: Failed to load resource: net::ERR_FAILED