Submitted URL: https://www.confirma.infoturism.net/
Effective URL: https://wantsapp.fun/?clickid=2064477444
Submission: On August 06 via automatic, source certstream-suspicious

Summary

This website contacted 8 IPs in 5 countries across 10 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3033::ac43:a480, located in United States and belongs to CLOUDFLARENET, US. The main domain is wantsapp.fun.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2021. Valid for: a year.
This is the only time wantsapp.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

    Domain                          Requested by
11  wantsapp.fun                    s.deltraff.com, wantsapp.fun
3   fonts.gstatic.com               fonts.googleapis.com
2   trtjigpsscmv9epe10.com          wantsapp.fun
2   www.confirma.infoturism.net     www.confirma.infoturism.net
1   d227cncaprzd7y.cloudfront.net   wantsapp.fun
1   s.deltraff.com                  www.confirma.infoturism.net
1   110005.xyz                      1 redirects
1   chat.110007.xyz                 1 redirects
1   cdn.jsdelivr.net                www.confirma.infoturism.net
1   fonts.googleapis.com            www.confirma.infoturism.net
22  10

This site contains links to these domains.

Domain
s.deltraff.com
Subject                   Issuer                               Validity                  Valid
*.infoturism.net          R3                                   2021-08-06 - 2021-11-04   3 months
upload.video.google.com   GTS CA 1C3                           2021-07-12 - 2021-10-04   3 months
jsdelivr.net              GlobalSign Atlas R3 DV TLS CA 2020   2021-04-30 - 2022-06-01   a year
*.gstatic.com             GTS CA 1C3                           2021-07-12 - 2021-10-04   3 months
s.deltraff.com            R3                                   2021-07-21 - 2021-10-19   3 months
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3              2021-07-16 - 2022-07-15   a year
trtjigpsscmv9epe10.com    R3                                   2021-06-06 - 2021-09-04   3 months
*.cloudfront.net          Amazon                               2021-03-19 - 2022-03-17   a year

This page contains 1 frames:

Primary Page: https://wantsapp.fun/?clickid=2064477444
Frame ID: 73CA7EAD8F26D44C3F38E5C0A7EA28F4
Requests: 22 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

22 Requests
100 % HTTPS
80 % IPv6
10 Domains
10 Subdomains
8 IPs
5 Countries
620 kB Transfer
1203 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.confirma.infoturism.net/ Page URL
  2. https://chat.110007.xyz/?offer=911&uid=c1c4341f-b248-41d7-bc7a-bbee1135384b HTTP 302
    https://110005.xyz/?offer=585&uid=c1c4341f-b248-41d7-bc7a-bbee1135384b HTTP 302
    https://s.deltraff.com/?k=5eb6c8dd4487e Page URL
  3. https://wantsapp.fun/?clickid=2064477444 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://chat.110007.xyz/?offer=911&uid=c1c4341f-b248-41d7-bc7a-bbee1135384b HTTP 302
  • https://110005.xyz/?offer=585&uid=c1c4341f-b248-41d7-bc7a-bbee1135384b HTTP 302
  • https://s.deltraff.com/?k=5eb6c8dd4487e

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.confirma.infoturism.net/
1 KB
889 B
Document
General
Full URL
https://www.confirma.infoturism.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
188.212.255.216 , Romania, ASN203053 (CLAUSWEB, RO),
Reverse DNS
cw188-bab-bee216.romania-webhosting.com
Software
LiteSpeed /
Resource Hash
bcf5b69515c3d09b8ea2f68e7f432f69f591facdcbeb40a8d537fafc75564c69

Request headers

:method
GET
:authority
www.confirma.infoturism.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
last-modified
Tue, 06 Jul 2021 11:13:30 GMT
accept-ranges
bytes
content-encoding
br
vary
Accept-Encoding
content-length
633
date
Fri, 06 Aug 2021 18:30:57 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
css
fonts.googleapis.com/
13 KB
994 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700,300italic,400italic,700italic
Requested by
Host: www.confirma.infoturism.net
URL: https://www.confirma.infoturism.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
935a5d597d4798d93483a89122e391cfe188f8d943c25c977d414e7da8009efc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.confirma.infoturism.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 18:12:24 GMT
server
ESF
date
Fri, 06 Aug 2021 18:30:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 Aug 2021 18:30:56 GMT
styles.css
www.confirma.infoturism.net/css/
198 KB
23 KB
Stylesheet
General
Full URL
https://www.confirma.infoturism.net/css/styles.css
Requested by
Host: www.confirma.infoturism.net
URL: https://www.confirma.infoturism.net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
188.212.255.216 , Romania, ASN203053 (CLAUSWEB, RO),
Reverse DNS
cw188-bab-bee216.romania-webhosting.com
Software
LiteSpeed /
Resource Hash
f8a9f8d764e513d2d76dc48c07611f7a6cf16c11b95a6e2727b91e6630030db3

Request headers

:path
/css/styles.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.confirma.infoturism.net
referer
https://www.confirma.infoturism.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 06 Aug 2021 18:30:58 GMT
content-encoding
br
last-modified
Tue, 06 Jul 2021 07:08:52 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
23680
expires
Fri, 13 Aug 2021 18:30:58 GMT
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/
77 KB
22 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: www.confirma.infoturism.net
URL: https://www.confirma.infoturism.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.confirma.infoturism.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
3177427
x-jsd-version
5.0.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
22442
etag
W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
x-served-by
cache-fra19134-FRA
x-jsd-version-type
version
date
Fri, 06 Aug 2021 18:30:56 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700,300italic,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.confirma.infoturism.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 20:30:51 GMT
x-content-type-options
nosniff
age
338405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:17 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 20:30:51 GMT
6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700,300italic,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f7a0936b6088ba92724552532f25bc5265a9683af16678aecfe3a7f67423004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.confirma.infoturism.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 11:53:57 GMT
x-content-type-options
nosniff
age
283019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15188
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:11:13 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 11:53:57 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700,300italic,400italic,700italic
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.confirma.infoturism.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 13:27:21 GMT
x-content-type-options
nosniff
age
277415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 13:27:21 GMT
/
s.deltraff.com/
Redirect Chain
  • https://chat.110007.xyz/?offer=911&uid=c1c4341f-b248-41d7-bc7a-bbee1135384b
  • https://110005.xyz/?offer=585&uid=c1c4341f-b248-41d7-bc7a-bbee1135384b
  • https://s.deltraff.com/?k=5eb6c8dd4487e
221 B
534 B
Document
General
Full URL
https://s.deltraff.com/?k=5eb6c8dd4487e
Requested by
Host: www.confirma.infoturism.net
URL: https://www.confirma.infoturism.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:203:2511::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
s.deltraff.com
:scheme
https
:path
/?k=5eb6c8dd4487e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.confirma.infoturism.net/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Fri, 06 Aug 2021 18:30:58 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
TA2667=1; expires=Fri, 06-Aug-2021 19:00:58 GMT; Max-Age=1800; path=/; secure; SameSite=None
TAcku=1; expires=Sat, 07-Aug-2021 06:30:58 GMT; Max-Age=43200; path=/; secure; SameSite=None
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip

Redirect headers

date
Fri, 06 Aug 2021 18:30:58 GMT
content-type
text/html; charset=UTF-8
location
https://s.deltraff.com/?k=5eb6c8dd4487e
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BsujuypQCsjsvTva3ykVtgskg9VrB%2F3REr5S78QW7SNiZxDj975yubcGn2AUwXp%2BJm8r6oiGQY%2FveyQiQKjxdd71Kq1UuqEm2H9yDImkhSuJyoLSlKjODmW%2FHt9%2BqRdkXPP6ZLr5h%2BU"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67aa56e7afe9535d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Primary Request /
wantsapp.fun/
7 KB
3 KB
Document
General
Full URL
https://wantsapp.fun/?clickid=2064477444
Requested by
Host: s.deltraff.com
URL: https://s.deltraff.com/?k=5eb6c8dd4487e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a480 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
827214aa8086c5aa4b8d0a920e7eb9aea314717671fa491793f292386587aac5

Request headers

:method
GET
:authority
wantsapp.fun
:scheme
https
:path
/?clickid=2064477444
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://s.deltraff.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Fri, 06 Aug 2021 18:30:58 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
wantsp-visited=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzVaj7zPSKVcfp7QY6AqVQfO3%2BNBr1Owb6VpMtGXQUkTfyFEPrGv1glEngDuKYBbGWfiULgHTlcfY2Hc5yxvRmX7cIb3L0LJbtTZz9A3WuT%2FzOYh3Anuig8%2Fe6z8xH8B2%2FK2Yo2547ES5AY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67aa56e87bc02c56-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
main.css
wantsapp.fun/files/
7 KB
3 KB
Stylesheet
General
Full URL
https://wantsapp.fun/files/main.css
Requested by
Host: wantsapp.fun
URL: https://wantsapp.fun/?clickid=2064477444
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a480 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf870f77175286775f5f42905d8425a3b8b078f6eb5313d49ab27952dae86a15

Request headers

:path
/files/main.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
wantsapp.fun
referer
https://wantsapp.fun/?clickid=2064477444
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 06 Aug 2021 18:30:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Oct 2019 15:56:21 GMT
server
cloudflare
age
5459
etag
W/"5db9b2a5-1c4b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XXb7R7BCiE%2B0PZM38zLgbHitw7bQtezJY3d%2FqkSIBcRg2%2BALPUVrZV37%2BILnLAOSShQSA5IU1qE7%2FxlOHtQf5O9j4WRsRkfvh7yM7mg67pMIn%2BWN2gN9u0ih0HpO2ZEZw5hBFI%2Ben1aWzg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67aa56e98c9642f1-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
code.js
trtjigpsscmv9epe10.com/i/npage/1794176/
233 KB
74 KB
Script
General
Full URL
https://trtjigpsscmv9epe10.com/i/npage/1794176/code.js
Requested by
Host: wantsapp.fun
URL: https://wantsapp.fun/?clickid=2064477444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3826f95713462e1ae2b0c186907389ee27a7e7357793792708f3ccc41d715813

Request headers

Referer
https://wantsapp.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 18:30:58 GMT
content-encoding
gzip
last-modified
Mon, 02 Aug 2021 13:43:26 GMT
server
nginx
etag
W/"6107f67e-3a34c"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
lib.js
trtjigpsscmv9epe10.com/pn21ywqw/z/sc/scssx/1794175/
23 KB
9 KB
Script
General
Full URL
https://trtjigpsscmv9epe10.com/pn21ywqw/z/sc/scssx/1794175/lib.js
Requested by
Host: wantsapp.fun
URL: https://wantsapp.fun/?clickid=2064477444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
44c5f2e4cb6c2c7a5065c811d2caa6c7d561283a0cf3b761cf7a77beca8efb69

Request headers

Referer
https://wantsapp.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 18:30:59 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
/
d227cncaprzd7y.cloudfront.net/
158 KB
48 KB
Script
General
Full URL
https://d227cncaprzd7y.cloudfront.net/?acncd=905183
Requested by
Host: wantsapp.fun
URL: https://wantsapp.fun/?clickid=2064477444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:6800:14:cff3:2b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
512d255a96b4746e1c1581aa30c27d9ca99822ad0a640b80c88ffad70d9b3de6

Request headers

Referer
https://wantsapp.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Aug 2021 18:30:58 GMT
content-encoding
gzip
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
48609
via
1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
x-amz-cf-id
oO9AP4MpLduLzs98Rj0TxYNAqtOrN9ch91s0WYAx7D88MQHecnsV_w==
p1.jpg
wantsapp.fun/media/
119 KB
120 KB
Image
General
Full URL
https://wantsapp.fun/media/p1.jpg
Requested by
Host: wantsapp.fun
URL: https://wantsapp.fun/?clickid=2064477444
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a480 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35d24553fad74164efc8528a4ab74e9358951a885378fb3562595413553b39f6

Request headers

:path
/media/p1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
wantsapp.fun
referer
https://wantsapp.fun/?clickid=2064477444
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 06 Aug 2021 18:30:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3514
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
122096
last-modified
Wed, 30 Oct 2019 15:56:22 GMT
server
cloudflare
etag
"5db9b2a6-1dcf0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T37tuYlaFSFwxRzmZP9mLmrBLB4SU8hD93uJHNICBTRf9947hGRXosPNlOKdQ8h5KJcWv5Mxoqp4UU75jDVfD7AD1C7wlzQuVs0ANZkZILjkvmOgaNV3rV67MlIzM15IQKz0hjIDcD7vNso%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
67aa56ead84742f1-FRA
beso.png
wantsapp.fun/files/
4 KB
4 KB
Image
General
Full URL
https://wantsapp.fun/files/beso.png
Requested by
Host: wantsapp.fun
URL: https://wantsapp.fun/?clickid=2064477444
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a480 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e9b9aae52fe0c31a007d77aaf94ec2c00d5cb53006722196d6740a877417d23

Request headers

:path
/files/beso.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
wantsapp.fun
referer
https://wantsapp.fun/?clickid=2064477444
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 06 Aug 2021 18:30:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5347
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3903
last-modified
Wed, 30 Oct 2019 15:56:20 GMT
server
cloudflare
etag
"5db9b2a4-f3f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWkM6gULsY1frKSus48%2B7lh5WeuKIudLvnmy06Osznhw1dUGVngPfxgULPAWnKyUbuUP0ihHCw9tY3nJ4LB7RanR3GA2ySPcKGeA%2FR8jfvxmB%2B6mEYdRSLUuGCT72PzxSTVuKUkmKeVWfWQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
67aa56eae86a42f1-FRA
besos.png
wantsapp.fun/files/
4 KB
4 KB
Image
General
Full URL
https://wantsapp.fun/files/besos.png
Requested by
Host: wantsapp.fun
URL: https://wantsapp.fun/?clickid=2064477444
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a480 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e47fe1928b2853d7f6ec254a3d051d8e72f965376a5272992b7c963ca633804

Request headers

:path
/files/besos.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
wantsapp.fun
referer
https://wantsapp.fun/?clickid=2064477444
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 06 Aug 2021 18:30:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5347
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3721
last-modified
Wed, 30 Oct 2019 15:56:20 GMT
server
cloudflare
etag
"5db9b2a4-e89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9T5CxghHvvIr5iOPaffVHAdaEFu2Bc840mCSPqrE8puk%2FxsHCWd2cdHWgYdIqbgmqZcdvkh2BrFBGu5WrgqV%2FxkEZcHgAFCiJc9hJuq40MsBenXXc2FRFzg5Rj2QJFUZKNRz4u%2B8wlWYmX8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
67aa56eae86f42f1-FRA
carita.png
wantsapp.fun/files/
6 KB
7 KB
Image
General
Full URL
https://wantsapp.fun/files/carita.png
Requested by
Host: wantsapp.fun
URL: https://wantsapp.fun/?clickid=2064477444
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a480 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b4c0ce74d8cc3fc124d97e390d4ceef68d888fd36b4dbf3ff9fa33df47e101

Request headers

:path
/files/carita.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
wantsapp.fun
referer
https://wantsapp.fun/?clickid=2064477444
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Fri, 06 Aug 2021 18:30:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5347
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6209
last-modified
Wed, 30 Oct 2019 15:56:21 GMT
server
cloudflare
etag
"5db9b2a5-1841"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BZy%2FfPtck38B67vDWN8zHlns1aM%2B%2B3IVm6rgVdrL639WVEa8Msa7QC%2FK08Wo9tZ4VNhLjGuEmeqhjgA2I2yJjHy%2BGefDxUF1PhcQG6Gh0TkaP8Y4SVRu5g8AoqBf2euWgbzbqamrrx%2FKxU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
67aa56eae87142f1-FRA
enviar.png
wantsapp.fun/files/
3 KB
4 KB
Image
General
Full URL
https://wantsapp.fun/files/enviar.png
Requested by
Host: wantsapp.fun
URL: https://wantsapp.fun/?clickid=2064477444
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a480 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0422bc484069bc137717aa57e0419ed4f6aa17504d06a07a36688cedc785f01

Request headers

:path
/files/enviar.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
wantsapp.fun
referer
https://wantsapp.fun/?clickid=2064477444
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://wantsapp.fun/?clickid=2064477444
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 18:30:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5368
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3547
last-modified
Wed, 30 Oct 2019 15:56:21 GMT
server
cloudflare
etag
"5db9b2a5-ddb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utylWB2sJQM%2FQGWc92%2BLvPPH%2FBmd4jN%2FQ%2FzQqcnAc%2B%2FplRopYgSEWh0n7DEUZyMkIOZScPhx2Ijac5gkDO59zi0ox2U66TLIhRmeYwvczU%2BetZeTHWkoHykI22WQYlQ2SyawWZcWgsXItXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
67aa56eae87642f1-FRA
jquery-3.0.0.min.js
wantsapp.fun/files/
84 KB
31 KB
Script
General
Full URL
https://wantsapp.fun/files/jquery-3.0.0.min.js
Requested by
Host: wantsapp.fun
URL: https://wantsapp.fun/?clickid=2064477444
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a480 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Request headers

:path
/files/jquery-3.0.0.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
wantsapp.fun
referer
https://wantsapp.fun/?clickid=2064477444
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://wantsapp.fun/?clickid=2064477444
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 18:30:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Oct 2019 15:56:21 GMT
server
cloudflare
age
5459
etag
W/"5db9b2a5-15145"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CeW9%2FZRDgpEp91ja89laWZ%2Bm%2FM0Hc3TRajzae%2B73blkwQCuHIgm9wLNXr1JOsMrEyttgnwo2L0Fh45yNAJnkp%2B7BQdou1NxpbDA4Css2L0sBlbfXYwBB4rTxY1%2Fs4nSCKk7xcz9Hjvddd%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67aa56e9dd7742f1-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
fondowsp.png
wantsapp.fun/files/
215 KB
216 KB
Image
General
Full URL
https://wantsapp.fun/files/fondowsp.png
Requested by
Host: wantsapp.fun
URL: https://wantsapp.fun/files/main.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a480 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4c00a7a4798bb779e708b3a2108efd4eb500e6d36922f5dee4d05b28714bd2

Request headers

:path
/files/fondowsp.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
wantsapp.fun
referer
https://wantsapp.fun/files/main.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://wantsapp.fun/files/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 18:30:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5347
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
220101
last-modified
Wed, 30 Oct 2019 15:56:21 GMT
server
cloudflare
etag
"5db9b2a5-35bc5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYsffmf2FEIR62ZT1dAWngvpV1PU%2FYt3Q4E2XPjOA8Az3uT8AsHDpeO7U79XVr2HWJE2wVMW8FmOaBxqPfzRqQAGxdXN3mlX0Ot5m39yUyRDU%2FqxibWhVknu%2FkXY89nvPgkdLhyoF6V7wKk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
67aa56eaf88142f1-FRA
cabfd.png
wantsapp.fun/files/
3 KB
4 KB
Image
General
Full URL
https://wantsapp.fun/files/cabfd.png
Requested by
Host: wantsapp.fun
URL: https://wantsapp.fun/files/main.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a480 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42d2fcb81efbe198a0b7c82ee13d36a531481ec812bb183014caaaccf86cb3d5

Request headers

:path
/files/cabfd.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
wantsapp.fun
referer
https://wantsapp.fun/files/main.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://wantsapp.fun/files/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 18:30:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1492
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3176
last-modified
Wed, 30 Oct 2019 15:56:20 GMT
server
cloudflare
etag
"5db9b2a4-c68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFhpqJbnOcG6IahZqoGNND9nQxD6GyC63Xm527S%2FRZ9z%2B4KY3r8pchHqEfkrh9Tf5obPDhrbdzMaU%2Fc2hMVDKUqk%2Bu2xkUUlSe%2FURSHIJmlPCR3TQGLkmWQs2jIGE1082htgfjzgt00OuTM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
67aa56eaf88542f1-FRA
ge.png
wantsapp.fun/files/
533 B
1 KB
Image
General
Full URL
https://wantsapp.fun/files/ge.png
Requested by
Host: wantsapp.fun
URL: https://wantsapp.fun/files/main.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a480 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e2ae4ae93aa30992eef607e6b28423bc7f226ed6cca922467d9d03e5072cdc6

Request headers

:path
/files/ge.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
wantsapp.fun
referer
https://wantsapp.fun/files/main.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://wantsapp.fun/files/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 18:30:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1492
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
533
last-modified
Wed, 30 Oct 2019 15:56:21 GMT
server
cloudflare
etag
"5db9b2a5-215"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTqI447b3ltNDPadvjrCw0fZjnS0LOTALIg6ODFnV53%2B2tAmXTtHNbXB8OomPiTVZOnfOQ007Z%2BFTNamEkgIvE%2FDO3N1103rP63a3l8XEDq4ZmfQUYRgKnneHnmJj%2FGYKGfZ%2FsAB%2F5%2B9dus%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
67aa56eaf88942f1-FRA

Verdicts & Comments

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
number| X0TTTT
function| K2f
function| F0hh
function| S0hh
undefined| handleException
function| O7FF
function| _cl1kprpbfrg1mg1hagnggi
function| $
function| jQuery
function| g4ii

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
