hweb.wgnrt14.club
2606:4700:3033::ac43:8e0e  Malicious Activity! Public Scan

URL: https://hweb.wgnrt14.club/
Submission: On August 23 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3033::ac43:8e0e, located in United States and belongs to CLOUDFLARENET, US. The main domain is hweb.wgnrt14.club.
TLS certificate: Issued by GTS CA 1P5 on August 20th 2023. Valid for: 3 months.
This is the only time hweb.wgnrt14.club was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WhatsApp (Instant Messenger)

Domain & IP information

Requests  IP Address        AS Autonomous System
8         2606:4700:303...  13335 (CLOUDFLAR...)
1         2408:8648:230...  4837 (CHINA169-...)
2         2606:4700:303...  13335 (CLOUDFLAR...)
Total: 12 requests, 4 IPs

Requests  Apex Domain      Subdomains                                            Transfer
8         wgnrt14.club     hweb.wgnrt14.club                                     168 KB
2         anscxnyfrtg.com  119srv.anscxnyfrtg.com                                4 KB
1         staticfile.org   cdn.staticfile.org (Cisco Umbrella Rank: 63118)       33 KB
0         whatsapp.com     web.whatsapp.com                                      Failed
Total: 12 requests, 4 domains

Requests  Domain                     Requested by
8         hweb.wgnrt14.club          hweb.wgnrt14.club
2         119srv.anscxnyfrtg.com
1         cdn.staticfile.org         hweb.wgnrt14.club
0         web.whatsapp.com (Failed)  hweb.wgnrt14.club
Total: 12 requests, 4 domains

This site contains links to these domains.

Domain
whaydf.yexap.site
faq.whatsapp.com

Subject            Issuer                  Validity                   Valid
wgnrt14.club       GTS CA 1P5              2023-08-20 - 2023-11-18    3 months
*.staticfile.org   GeoTrust RSA CN CA G2   2022-09-05 - 2023-10-03    a year
anscxnyfrtg.com    GTS CA 1P5              2023-08-04 - 2023-11-02    3 months

This page contains 1 frame:

Primary Page: https://hweb.wgnrt14.club/
Frame ID: 456DC806B4C32B51ED4E628A3465B3FC
Requests: 12 HTTP requests in this frame

Page Title

WhatsApp

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 12
HTTPS: 92 %
IPv6: 100 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 205 kB
Size: 692 kB
Cookies: 0

12 HTTP transactions

Resource, Path, Size, x-fer, Type, MIME-Type

Resource: / (Primary Request)
Path: hweb.wgnrt14.club/
Size: 25 KB
x-fer: 10 KB
Type: Document
Full URL: https://hweb.wgnrt14.club/
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700:3033::ac43:8e0e, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: 96d9214dcec77566751901db1cfd44bd4176f5b3750e9786033f1390a46a5cc9

Resource: jquery.min.js
Path: cdn.staticfile.org/jquery/1.10.2/
Size: 91 KB
x-fer: 33 KB
Type: Script
Full URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js
Requested by: https://hweb.wgnrt14.club/ (Host: hweb.wgnrt14.club)
Protocol: HTTP/1.1
Security: TLS 1.3, AES_256_GCM
Server: 2408:8648:2300:21:3::3fe, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
Software: Tengine
Resource Hash: 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Resource: qrcode.min.js
Path: hweb.wgnrt14.club/
Size: 0
x-fer: 0
Type: Script
Full URL: https://hweb.wgnrt14.club/qrcode.min.js
Requested by: https://hweb.wgnrt14.club/ (Host: hweb.wgnrt14.club)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700:3033::ac43:8e0e, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare

Resource: stylex-ce269a9819ee8f292840728689a22cc5.css
Path: hweb.wgnrt14.club/WhatsApp_files/
Size: 175 KB
x-fer: 43 KB
Type: Stylesheet
Full URL: https://hweb.wgnrt14.club/WhatsApp_files/stylex-ce269a9819ee8f292840728689a22cc5.css
Requested by: https://hweb.wgnrt14.club/ (Host: hweb.wgnrt14.club)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700:3033::ac43:8e0e, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: 775fafc214e32a36e2a39e694322fed097e37d964c9dce65663655b64492d068

Resource: app-6d34864fd47903428794.css
Path: hweb.wgnrt14.club/WhatsApp_files/
Size: 187 KB
x-fer: 57 KB
Type: Stylesheet
Full URL: https://hweb.wgnrt14.club/WhatsApp_files/app-6d34864fd47903428794.css
Requested by: https://hweb.wgnrt14.club/ (Host: hweb.wgnrt14.club)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700:3033::ac43:8e0e, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: 69acbe3d7c92af1a509b7351cabfac35b356c18eef8c9299f5ac354acfdba079

Resource: main~.b66100b3486cd1857cd3.css
Path: hweb.wgnrt14.club/WhatsApp_files/
Size: 21 KB
x-fer: 5 KB
Type: Stylesheet
Full URL: https://hweb.wgnrt14.club/WhatsApp_files/main~.b66100b3486cd1857cd3.css
Requested by: https://hweb.wgnrt14.club/ (Host: hweb.wgnrt14.club)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700:3033::ac43:8e0e, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: 8a636dbd66666f13902713e7bc7d2e1cab497b299f533495759a2c68c459c5a4

Resource: main.fdf0caa2786c3269572d.css
Path: hweb.wgnrt14.club/WhatsApp_files/
Size: 150 KB
x-fer: 30 KB
Type: Stylesheet
Full URL: https://hweb.wgnrt14.club/WhatsApp_files/main.fdf0caa2786c3269572d.css
Requested by: https://hweb.wgnrt14.club/ (Host: hweb.wgnrt14.club)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700:3033::ac43:8e0e, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: 79acde4aa0ad3feafd96271141640066d0c52c050724b13272b1ca3d6930f8d1

Resource: qr-video_0c6ec69b054fdeb31cf3e5e10290fd8e.png
Path: hweb.wgnrt14.club/WhatsApp_files/
Size: 16 KB
x-fer: 16 KB
Type: Image
Full URL: https://hweb.wgnrt14.club/WhatsApp_files/qr-video_0c6ec69b054fdeb31cf3e5e10290fd8e.png
Requested by: https://hweb.wgnrt14.club/ (Host: hweb.wgnrt14.club)
Protocol: H3
Security: QUIC, AES_128_GCM
Server: 2606:4700:3033::ac43:8e0e, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: d980ab372658f4c7c8f07d730ef6dc67e3fb3471f37928274f915c0308850994


Resource: binary-transparency-manifest-2.2325.3.json
Path: web.whatsapp.com/
Size: 0
x-fer: 0

Resource: main.js
Path: hweb.wgnrt14.club/
Size: 24 KB
x-fer: 8 KB
Type: Script
Full URL: https://hweb.wgnrt14.club/main.js?ver=7.15
Requested by: https://hweb.wgnrt14.club/ (Host: hweb.wgnrt14.club)
Protocol: H3
Security: QUIC, AES_128_GCM
Server: 2606:4700:3033::ac43:8e0e, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: d1b03d51502bb6f110457df631770285eaea8e4dde3f3c937e580d1a425fe111

Resource: d7fb7fff-b9e3-4011-9c63-bb8877112088.png
Path: 119srv.anscxnyfrtg.com/qrcodes/
Size: 2 KB
x-fer: 2 KB
Type: Image
Full URL: https://119srv.anscxnyfrtg.com/qrcodes/d7fb7fff-b9e3-4011-9c63-bb8877112088.png?1692804834341
Protocol: H3
Security: QUIC, AES_128_GCM
Server: 2606:4700:3030::ac43:d2bd, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare / Express
Resource Hash: 1b2416101e1f81065c1e9be8f3ac644004de1dd0c07cbb01419133d1f6d910f2

Resource: d7fb7fff-b9e3-4011-9c63-bb8877112088.png
Path: 119srv.anscxnyfrtg.com/qrcodes/
Size: 2 KB
x-fer: 2 KB
Type: Image
Full URL: https://119srv.anscxnyfrtg.com/qrcodes/d7fb7fff-b9e3-4011-9c63-bb8877112088.png?1692804837343
Protocol: H3
Security: QUIC, AES_128_GCM
Server: 2606:4700:3030::ac43:d2bd, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare / Express
Resource Hash: 1b2416101e1f81065c1e9be8f3ac644004de1dd0c07cbb01419133d1f6d910f2


Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: web.whatsapp.com
URL: https://web.whatsapp.com/binary-transparency-manifest-2.2325.3.json

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object documentPictureInPicture
  • function $
  • function jQuery
  • function guid
  • function getUUID
  • string uuid
  • boolean systemThemeDark
  • object theme
  • object systemThemeMode
  • object systemTheme
  • boolean darkTheme
  • object webpackChunkwhatsapp_web_client
  • function version_
  • function _0x631fb
  • string srv
  • number i_referer
  • number isEnable
  • function _0x2194
  • function _0x5cac
  • function xorEncryptDecrypt
  • object ws
  • function status_callback
  • function refershQrCode
  • boolean webdriver
  • object json
  • number code
  • string qrcode_text

0 Cookies

3 Console Messages

Source: javascript, Level: error
URL: https://hweb.wgnrt14.club/
Message: Access to link element resource at 'https://web.whatsapp.com/binary-transparency-manifest-2.2325.3.json' from origin 'https://hweb.wgnrt14.club' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Source: network, Level: error
URL: https://web.whatsapp.com/binary-transparency-manifest-2.2325.3.json
Message: Failed to load resource: net::ERR_FAILED

Source: network, Level: error
URL: https://hweb.wgnrt14.club/qrcode.min.js
Message: Failed to load resource: the server responded with a status of 404 ()