daweb.wencapp.club Open in urlscan Pro
2606:4700:3034::6815:158a Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://daweb.wencapp.club/
Submission: On July 15 via manual (July 15th 2023, 8:36:22 am UTC) from HK — Scanned from SG

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3034::6815:158a, located in United States and belongs to CLOUDFLARENET, US. The main domain is daweb.wencapp.club.
TLS certificate: Issued by GTS CA 1P5 on June 27th 2023. Valid for: 3 months.

This is the only time daweb.wencapp.club was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WhatsApp (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:303... 2606:4700:3034::6815:158a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	163.181.82.215 163.181.82.215	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
14	2606:4700:303... 2606:4700:3034::ac43:a06f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	4

10 2606:4700:3034::6815:158a (United States)

ASN13335 (CLOUDFLARENET, US)

daweb.wencapp.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.82.215 (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

cdn.staticfile.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3034::ac43:a06f (United States)

ASN13335 (CLOUDFLARENET, US)

weusiqws.wstehapp.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	wstehapp.shop weusiqws.wstehapp.shop	5 KB
10	wencapp.club daweb.wencapp.club	97 KB
1	staticfile.org cdn.staticfile.org — Cisco Umbrella Rank: 44845	33 KB
0	whatsapp.net Failed crashlogs.whatsapp.net Failed
28	4

	Domain	Requested by
14	weusiqws.wstehapp.shop	cdn.staticfile.org
10	daweb.wencapp.club	daweb.wencapp.club
1	cdn.staticfile.org	daweb.wencapp.club
0	crashlogs.whatsapp.net Failed	daweb.wencapp.club
28	4

This site contains no links.

Subject Issuer	Validity	Valid
wencapp.club GTS CA 1P5	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.staticfile.org GeoTrust RSA CN CA G2	`2022-09-05` - `2023-10-03`	a year	crt.sh
wstehapp.shop E1	`2023-07-07` - `2023-10-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://daweb.wencapp.club/
Frame ID: 9A510874740D0E57BDAA9B2E51BD56E9
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WhatsApp

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

89 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

136 kB
Transfer

434 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response daweb.wencapp.club/	19 KB 6 KB	408ms 381ms	Document text/html	2606:4700:3034::6815:158a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://daweb.wencapp.club/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:158a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9686666823685f39807d5f711981f556576417cb709794883ee860300b9494f9` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7e70ad4349d84d3f-SIN content-encoding br content-type text/html date Sat, 15 Jul 2023 08:36:16 GMT last-modified Wed, 12 Jul 2023 04:24:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ju91a9vkA8kSqe%2B3UlJ1IjGIVQCKg1PS01UA0%2B3ScTfp6uJFZaaDWPKSJoVCIBrGsq1kIx7mNkGj5J8Szdq%2FFikWr%2B0bgZF4cRfSgpri8BWk5BnXMWJ837mRUpvuj2EJzqsRAlE1H2l33s%2Be8xNSTKs%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	qrcss.css daweb.wencapp.club/WhatsApp_files/	63 KB 31 KB	16ms 13ms	Stylesheet text/css	2606:4700:3034::6815:158a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://daweb.wencapp.club/WhatsApp_files/qrcss.css Requested by Host: daweb.wencapp.club URL: https://daweb.wencapp.club/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:158a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `da02ec62e31e9fef6c3305223c8f9b7d53ac94ae092751e940af42a66be53c7c` Request headers accept-language zh-SG,zh;q=0.9 Referer https://daweb.wencapp.club/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:16 GMT content-encoding br cf-cache-status HIT last-modified Sat, 01 Jul 2023 13:30:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 18142 etag W/"64a02a6f-fdcc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFx4YRAOTH%2BIQfq6mC%2BnSToc7s%2FMyozmvHsvjkaROl0ii9bb1LTJiONDrhuL7uyMLUa5MQztdhaJpCXQVSidqZ1W%2F93rJqOObgCIH6bcfyNJ%2BrFkBsOeyBw%2Ft2GixPSB6sj%2BUMa6NNA3XMb4mO5yOiY%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 7e70ad45bd0d4d3f-SIN alt-svc h3=":443"; ma=86400 expires Sat, 15 Jul 2023 15:33:51 GMT
GET H2	200	cssm_app.aaa9f35c34c2bd47b672edaf77e8bba4.css daweb.wencapp.club/WhatsApp_files/	239 KB 50 KB	18ms 16ms	Stylesheet text/css	2606:4700:3034::6815:158a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://daweb.wencapp.club/WhatsApp_files/cssm_app.aaa9f35c34c2bd47b672edaf77e8bba4.css Requested by Host: daweb.wencapp.club URL: https://daweb.wencapp.club/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:158a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cc4c1420afc60b8d8cab06a650c3e5616217dda0ed312b4bbd9a5cc58c322a6f` Request headers accept-language zh-SG,zh;q=0.9 Referer https://daweb.wencapp.club/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:16 GMT content-encoding br cf-cache-status HIT last-modified Tue, 23 May 2023 05:16:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 18142 etag W/"646c4c44-3ba46" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dHbJJArActidiHwZLdlerzyFE7uIBuKRrwJVS9Y5apPG4flr%2F6K3l%2BweeMMUGqVqiS7oK%2FfDz3gIhAm96IqwPzDgO018YkuqcfqBo4eELuit9XMlKJRYLpEC7KOlmfluKRKv78qZcbZzkmdLyij92Fo%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 7e70ad45bd114d3f-SIN alt-svc h3=":443"; ma=86400 expires Sat, 15 Jul 2023 15:33:51 GMT
GET H/1.1	200 OK	jquery.min.js Show response cdn.staticfile.org/jquery/1.10.2/	91 KB 33 KB	629ms 15ms	Script application/javascript	163.181.82.215 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Requested by Host: daweb.wencapp.club URL: https://daweb.wencapp.club/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 163.181.82.215 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash `89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e` Request headers accept-language zh-SG,zh;q=0.9 Referer https://daweb.wencapp.club/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers X-Log X-Log Date Sat, 15 Jul 2023 07:36:03 GMT Via cache25.l2sg3[0,0,304-0,H], cache11.l2sg3[10,0], ens-cache7.sg13[0,0,200-0,H], ens-cache7.sg13[7,0] Content-Encoding gzip X-Svr IO X-Reqid dSMAAAAReq9R-nEX Age 3613 X-Swift-CacheTime 86400 X-Cache HIT TCP_MEM_HIT dirn:12:832872451 Content-Transfer-Encoding binary Content-Disposition inline; filename="jquery.min.js"; filename=utf-8''jquery.min.js Connection* keep-alive X-Swift-SaveTime Sat, 15 Jul 2023 07:36:04 GMT Content-Length 32989 Last-Modified Tue, 16 Feb 2016 04:22:54 GMT Server Tengine Etag "FuLzYD4jcR9kRvJ4pBHZBWI9ZSAe.gz" Access-Control-Max-Age 2592000 Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Ali-Swift-Global-Savetime 1689406564 Access-Control-Expose-Headers X-Log, X-Reqid Cache-Control public, max-age=31536000 Accept-Ranges bytes X-Qiniu-Zone 0 Timing-Allow-Origin * EagleId a3b5529b16894101775345200e
GET H2	200	progress.d6b49e71f39a81300686.js Show response daweb.wencapp.club/WhatsApp_files/	12 KB 6 KB	15ms 14ms	Script application/javascript	2606:4700:3034::6815:158a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://daweb.wencapp.club/WhatsApp_files/progress.d6b49e71f39a81300686.js Requested by Host: daweb.wencapp.club URL: https://daweb.wencapp.club/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:158a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `956a484097417e953d97fd922b864bb9584bf8d619b53df91ceed45092ddf3ae` Request headers accept-language zh-SG,zh;q=0.9 Referer https://daweb.wencapp.club/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:16 GMT content-encoding br cf-cache-status HIT last-modified Tue, 23 May 2023 05:16:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 18142 etag W/"646c4c44-3036" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDf5iwAj%2Fcvdr3pr2UtITeZHdFuq8cw7MWI97WVsdIYnLIjFxWCe46Yh%2FaHdYi475OqEjidr4%2BY6ckTow1VnK0iANhaWEaq6aOG1D96S%2BKTHzytNeI51kKrFF6Yc2rUzaa5HEerW%2BEJG5ItOAhanZWc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 7e70ad45bd154d3f-SIN alt-svc h3=":443"; ma=86400 expires Sat, 15 Jul 2023 15:33:51 GMT
GET H2	200	ss.js Show response daweb.wencapp.club/	9 KB 4 KB	12ms 11ms	Script application/javascript	2606:4700:3034::6815:158a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://daweb.wencapp.club/ss.js?ver=1.6 Requested by Host: daweb.wencapp.club URL: https://daweb.wencapp.club/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:158a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `860b190e6e6aed10fa5d3fa41cdb432856b92f7cb94ad9ea80d308f5d2573af1` Request headers accept-language zh-SG,zh;q=0.9 Referer https://daweb.wencapp.club/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:16 GMT content-encoding br cf-cache-status HIT last-modified Wed, 12 Jul 2023 04:24:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 18142 etag W/"64ae2aee-253b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wz7Hy3DSs%2B8kM%2FK97wqjn5%2BOpcYACurkAmopcpcEuHbEh6X8yD57nH9a%2BXEM6h85rA6mtvBIdJ9NEtKrUEu6EYUfVyZMWJc0KhzZr6r7OaNnI5HTmQfhSLixolUEeE43LLIxXQXPxEI0z7%2FAzujm7dE%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 7e70ad45bd174d3f-SIN alt-svc h3=":443"; ma=86400 expires Sat, 15 Jul 2023 15:33:51 GMT
GET H3	404	vendor1.99c20f1ecd87cc34efff.js daweb.wencapp.club/	0 0	372ms 372ms	Script text/html	2606:4700:3034::6815:158a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://daweb.wencapp.club/vendor1.99c20f1ecd87cc34efff.js Requested by Host: daweb.wencapp.club URL: https://daweb.wencapp.club/WhatsApp_files/progress.d6b49e71f39a81300686.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:158a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language zh-SG,zh;q=0.9 Referer https://daweb.wencapp.club/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:17 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwfro7%2BNaJ2U%2Fc3m54D5ODmODobRG9HHHiC1QjUaNOgxpYJsNtqcEoBN1rxFkLt%2BqdaIUwwRF6tXqMJBKo%2FjM0PF44Ik6LlQ%2FzNc2JOwBZ55qfOxzNa4rP%2FuAy3icZpaiaDHUDMbFMHClZA1SrN%2BHEg%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 7e70ad49df323db3-SIN alt-svc h3=":443"; ma=86400
GET H3	404	vendor2.ec3b8281cb6ba51b3d53.js daweb.wencapp.club/	0 0	370ms 369ms	Script text/html	2606:4700:3034::6815:158a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://daweb.wencapp.club/vendor2.ec3b8281cb6ba51b3d53.js Requested by Host: daweb.wencapp.club URL: https://daweb.wencapp.club/WhatsApp_files/progress.d6b49e71f39a81300686.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:158a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language zh-SG,zh;q=0.9 Referer https://daweb.wencapp.club/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:17 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8ArDLFLIRZ7mD2cB1lZxqRwLQDKfveIcG%2BntDePe1dfkz6exY%2BKjbaaa%2FO90IVf1vfjTVUf07M%2Bm5RVTbvp74qT0sMvy4sDMIjZqEbdZKf7ptaA9llQn8j0E1s3JP3PYcXP%2Fr3Fja1s7Flg6abVSoI%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 7e70ad49df353db3-SIN alt-svc h3=":443"; ma=86400
GET H3	404	app.fcc4530fc12b9a9a1faa.js daweb.wencapp.club/	0 0	369ms 368ms	Script text/html	2606:4700:3034::6815:158a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://daweb.wencapp.club/app.fcc4530fc12b9a9a1faa.js Requested by Host: daweb.wencapp.club URL: https://daweb.wencapp.club/WhatsApp_files/progress.d6b49e71f39a81300686.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:158a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language zh-SG,zh;q=0.9 Referer https://daweb.wencapp.club/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:17 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njJ9OnveRd1gQ7VQsIz18KbM7N2ruprfD7bRW0g5550Jx0YhEoVzJX7QjeU00De5kXJScGXQnmw4jj8kYBYi%2F1ccbHZry5U01RW%2FG%2FgFztppQ%2B%2FJRMbrr5Mw1wrHJnzDAOkJFr1Zwkn4GJtElmbW17o%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 7e70ad49df373db3-SIN alt-svc h3=":443"; ma=86400
GET H2	200	status Show response weusiqws.wstehapp.shop/	2 B 293 B	437ms 406ms	XHR text/html	2606:4700:3034::ac43:a06f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weusiqws.wstehapp.shop/status?uuid=db40b405-62ae-4fc7-9a88-f6af5a7d75cc&timestamp=1689410177587 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:a06f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873` Request headers Accept / Referer https://daweb.wencapp.club/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:18 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHCb0aUrruO59lh3Norvtg889GuyHmd%2FMUnb0fV2ZHsUGbtFDDG5UF3F2%2F63kev%2FdA0eOAombFbyuRBqPoZuTvANwcERTH2XMMQTkmiwsnXIy%2Ba7Mehrq9h%2FQjZk60yT6W9qddNOwBdsWhEVLTSYS0TnJGtz"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cf-ray 7e70ad4a2d4c40a2-SIN alt-svc h3=":443"; ma=86400
GET H2	200	Init Show response weusiqws.wstehapp.shop/	7 B 481 B	431ms 401ms	XHR text/html	2606:4700:3034::ac43:a06f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weusiqws.wstehapp.shop/Init?uuid=db40b405-62ae-4fc7-9a88-f6af5a7d75cc&timestamp=1689410177588 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:a06f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `8dc1988eec3739141e40a2ad99d074688909520375239340484bc65d852b9cb1` Request headers Accept / Referer https://daweb.wencapp.club/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:18 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GSkxzgtx95REgxe0h8lKQBETVBHbPraobZa%2FrOdO%2Fmpe4SQXviyEkxzgwFFKASXHO8e1zAPLQVTR%2BCRC2%2BQAzVHYP8eLxV1qWRM5kZpXmsetnZaAf0TxobNzUGAWCw8zTT7F0GtrrT2vwSut6C%2BYDxjKuCe"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cf-ray 7e70ad4a2d4f40a2-SIN alt-svc h3=":443"; ma=86400
POST		wa_clb_data crashlogs.whatsapp.net/	0 0

GET H2	200	status Show response weusiqws.wstehapp.shop/	2 B 285 B	206ms 205ms	XHR text/html	2606:4700:3034::ac43:a06f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weusiqws.wstehapp.shop/status?uuid=db40b405-62ae-4fc7-9a88-f6af5a7d75cc&timestamp=1689410178623 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:a06f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873` Request headers Accept / Referer https://daweb.wencapp.club/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:18 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWc836swtp4QJRf4xkM44gUeuKfg4mIcaQg3XOJVIRqwz061KBaMGQnN3IP0wnYlX6sQESbpOeD2V2I0F25NmmWryU6d2vamcP9Z204qLQGgiBZOY74iar1zlTSKQqzHUCCfTCPSTQPKLXrrcdze343AwY1q"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cf-ray 7e70ad506b6840a2-SIN alt-svc h3=":443"; ma=86400
GET H2	200	qrcode-db40b405-62ae-4fc7-9a88-f6af5a7d75cc Show response weusiqws.wstehapp.shop/	0 269 B	214ms 214ms	XHR text/plain	2606:4700:3034::ac43:a06f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weusiqws.wstehapp.shop/qrcode-db40b405-62ae-4fc7-9a88-f6af5a7d75cc?timestamp=1689410178623 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:a06f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer https://daweb.wencapp.club/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:18 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8qsmFP9oVl9vauPcTnbOoM2J4UStqRQ17PLJiS6TKLj82XtFSkU7ZRDBeTB8%2BBZXDJxXO3%2BXrhbwlvQkl6PLhGus5R9lGmRrzImv7AQhAgtXLohMR816%2Bc0uGpvyLKbQ1cBVqWOwW4SBW5PWkNN9LnGu9Ib"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7e70ad506b6a40a2-SIN alt-svc h3=":443"; ma=86400 content-length 0
GET H3	404	app.fcc4530fc12b9a9a1faa.js daweb.wencapp.club/	0 0	11ms 10ms	Script text/html	2606:4700:3034::6815:158a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://daweb.wencapp.club/app.fcc4530fc12b9a9a1faa.js Requested by Host: daweb.wencapp.club URL: https://daweb.wencapp.club/WhatsApp_files/progress.d6b49e71f39a81300686.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:158a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language zh-SG,zh;q=0.9 Referer https://daweb.wencapp.club/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:18 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JH558ZXMHViVPGdBRhTcHW%2FnUX3TbMwUP8s8ewTp068v65CwFnv7x%2FMLXdCVYH0BCDr%2BSx3pKNBQCAY8XNoi1k7fm6D5JZyK%2B34X%2F7KzuOHD5oQVs1LWD7sr71UhVJWOoGDDf4CydApnPE0jinObbMo%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 7e70ad52689e3db3-SIN alt-svc h3=":443"; ma=86400
POST		wa_clb_data crashlogs.whatsapp.net/	0 0

GET H3	200	status Show response weusiqws.wstehapp.shop/	2 B 461 B	398ms 398ms	XHR text/html	2606:4700:3034::ac43:a06f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weusiqws.wstehapp.shop/status?uuid=db40b405-62ae-4fc7-9a88-f6af5a7d75cc&timestamp=1689410179222 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a06f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873` Request headers Accept / Referer https://daweb.wencapp.club/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:19 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDUCMT%2FNrl51SZ6rDr2CQUi2JuE17YZEpHC2HWdGtbtgyNXzpegEzeUxRLpDFca%2BMLjql9Xrr3kQ4j14INw6%2BdbCJV9ZwIGTcrTWTDA6JGnSMqVx73FGNVisC20pe2V9VWuQdOrN%2BnPYjj20QcgJAE2DC52b"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cf-ray 7e70ad542f48ab68-SIN alt-svc h3=":443"; ma=86400
GET H3	200	qrcode-db40b405-62ae-4fc7-9a88-f6af5a7d75cc Show response weusiqws.wstehapp.shop/	0 417 B	409ms 409ms	XHR text/plain	2606:4700:3034::ac43:a06f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weusiqws.wstehapp.shop/qrcode-db40b405-62ae-4fc7-9a88-f6af5a7d75cc?timestamp=1689410179223 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a06f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer https://daweb.wencapp.club/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:19 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkSd1sEttSu3M3bzVU%2FtQqb1PjxF8V4UYl0Ml5uSWv%2B7le0M%2BbTTCRnxBS1DPES2PhdTAglJ0rer521FxZNrGJl7QA8TtW%2BvcVktMC8q5n%2BXUvDVSzRpIKTn%2FTcDb9Y%2FYAfe2IBLmPt7O5U0SKSHI%2FmFfVd0"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7e70ad542f49ab68-SIN alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	status Show response weusiqws.wstehapp.shop/	2 B 428 B	213ms 212ms	XHR text/html	2606:4700:3034::ac43:a06f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weusiqws.wstehapp.shop/status?uuid=db40b405-62ae-4fc7-9a88-f6af5a7d75cc&timestamp=1689410179822 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a06f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873` Request headers Accept / Referer https://daweb.wencapp.club/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:20 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROy0omIB9vUIwa3MFifkdHxsflAX4fw%2BTvBdsz3yArIhl8%2BEa1dTelrq%2FSolF7JnSxJnFnVOPGInCe%2F5cDQPgH2ZwdZ8oPssyk30%2FR2XMXxJ4ItVdqAiXiVaMLhIz%2Bl4QgOBXFAHyrMla9LaCfP2uHpNPySG"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cf-ray 7e70ad57eb73ab68-SIN alt-svc h3=":443"; ma=86400
GET H3	200	qrcode-db40b405-62ae-4fc7-9a88-f6af5a7d75cc Show response weusiqws.wstehapp.shop/	0 417 B	205ms 205ms	XHR text/plain	2606:4700:3034::ac43:a06f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weusiqws.wstehapp.shop/qrcode-db40b405-62ae-4fc7-9a88-f6af5a7d75cc?timestamp=1689410179823 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a06f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer https://daweb.wencapp.club/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:20 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amIIkH71Fw%2FB5DNaKa8LVT5tSTEqGgJQD1sxH5wsytgGzY%2ByRQLC%2FWblGnSX7tN6ZWLSU5cypqF3x3z6Iaz3kDOjzVhIXxluZOsbOLUM6jCKFZI%2F7vIbM22z2GrGfihHBwlJXIuaw1GFv3GGahzg%2BN%2FrknHq"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7e70ad57eb77ab68-SIN alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	status Show response weusiqws.wstehapp.shop/	2 B 429 B	203ms 203ms	XHR text/html	2606:4700:3034::ac43:a06f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weusiqws.wstehapp.shop/status?uuid=db40b405-62ae-4fc7-9a88-f6af5a7d75cc&timestamp=1689410180422 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a06f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873` Request headers Accept / Referer https://daweb.wencapp.club/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:20 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPUASIq9zEYp4LX5dyh7Am0QKj68XW3yGerS5b7hP%2BndbTxJxfKb1H9%2Fsam4yGNeIHT9OR4fLGWifwAqtRCf4GLnB%2B8heK%2BK%2BFbLjv3DTDbJUYC%2BuxIoLRB4FgfdZFk8rNgOoqlFAwjW5rHDvwvVkU51Q6yJ"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cf-ray 7e70ad5baf77ab68-SIN alt-svc h3=":443"; ma=86400
GET H3	200	qrcode-db40b405-62ae-4fc7-9a88-f6af5a7d75cc Show response weusiqws.wstehapp.shop/	0 407 B	209ms 209ms	XHR text/plain	2606:4700:3034::ac43:a06f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weusiqws.wstehapp.shop/qrcode-db40b405-62ae-4fc7-9a88-f6af5a7d75cc?timestamp=1689410180423 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a06f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer https://daweb.wencapp.club/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:20 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqipTiCelEJrWp7QDN8GCMuMIe5PYEUMV0IINGEI1NIzzrFOSruiFppOetRWGzNWcuaRfnl5xXb2Khqcbuy3q87fpqJleZsYoMApeETR9kDtnYtPTodN4aYGaK4BPqVl4%2BwpLzRgDTukYuL6OjKuFtVhmkps"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7e70ad5baf78ab68-SIN alt-svc h3=":443"; ma=86400 content-length 0
GET H3	404	app.fcc4530fc12b9a9a1faa.js daweb.wencapp.club/	0 0	11ms 11ms	Script text/html	2606:4700:3034::6815:158a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://daweb.wencapp.club/app.fcc4530fc12b9a9a1faa.js Requested by Host: daweb.wencapp.club URL: https://daweb.wencapp.club/WhatsApp_files/progress.d6b49e71f39a81300686.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:158a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language zh-SG,zh;q=0.9 Referer https://daweb.wencapp.club/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:20 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BdYDofSLDQVnsyOoWQBbpWaIr%2BvkC%2FU7ypSTDARt00QpfL7t2pw0lHKhAlg2Wt1UmHpluhwX4u1cOt5NAoXU3%2FoX3pdRdcvirtr8lMowXXqAIp3r8OUD9c12XlcvfiSSgzAfgqNR0Sh48jDya9euIoo%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 7e70ad5f0fba3db3-SIN alt-svc h3=":443"; ma=86400
POST		wa_clb_data crashlogs.whatsapp.net/	0 0

GET H3	200	status Show response weusiqws.wstehapp.shop/	2 B 423 B	204ms 203ms	XHR text/html	2606:4700:3034::ac43:a06f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weusiqws.wstehapp.shop/status?uuid=db40b405-62ae-4fc7-9a88-f6af5a7d75cc&timestamp=1689410181022 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a06f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873` Request headers Accept / Referer https://daweb.wencapp.club/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:21 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2Bby30542n5Hml%2BxIZ%2FHXpVO7h57tH9XKLpw9gPUHbwfsapKporhHknBinsbtv2TX7Addpg81CiiLuW4uMXqtUSk%2FH0jpU6gtQL3bWUpJGCEx12GTKzqilGCYFqiAMUGa4fap4iCPak2LLQAIH1KePimYKUe"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cf-ray 7e70ad5f6aafab68-SIN alt-svc h3=":443"; ma=86400
GET H3	200	qrcode-db40b405-62ae-4fc7-9a88-f6af5a7d75cc Show response weusiqws.wstehapp.shop/	0 414 B	209ms 208ms	XHR text/plain	2606:4700:3034::ac43:a06f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weusiqws.wstehapp.shop/qrcode-db40b405-62ae-4fc7-9a88-f6af5a7d75cc?timestamp=1689410181023 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a06f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer https://daweb.wencapp.club/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:21 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uiam74mBM9xb1a%2FuQshvVStz%2Bkxh7ZNnrptH4AHBqap6StBrDrrXVMvwAGJCwGg7j6qsilF63Wj%2FYwHmJz67kGz6o7jOTWHa5g7EVlNLzkvGCLLMgjnp%2BNSagzAtRZQKekKgqHkNFYzjtC%2F0L1VYNWD1huXc"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7e70ad5f6ab0ab68-SIN alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	status Show response weusiqws.wstehapp.shop/	2 B 426 B	208ms 208ms	XHR text/html	2606:4700:3034::ac43:a06f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weusiqws.wstehapp.shop/status?uuid=db40b405-62ae-4fc7-9a88-f6af5a7d75cc&timestamp=1689410181622 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a06f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873` Request headers Accept / Referer https://daweb.wencapp.club/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:21 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uiV3W6c%2B7gWnCsrkKmnj2o%2FgYuF9i9sEuXHH3DaAtFNOXpvP8MfuAj02JvuxepD0pfpHt%2B5YQz1glahp50hpHmk%2FtxcBz73wnqfO%2BGUJPzNl2V5FGYxeSApjXTdnxpZgHpCqFYIgAVRY12p%2B7pyHU5pTEVBr"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin * cf-ray 7e70ad632eeaab68-SIN alt-svc h3=":443"; ma=86400
GET H3	200	qrcode-db40b405-62ae-4fc7-9a88-f6af5a7d75cc Show response weusiqws.wstehapp.shop/	0 415 B	209ms 209ms	XHR text/plain	2606:4700:3034::ac43:a06f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weusiqws.wstehapp.shop/qrcode-db40b405-62ae-4fc7-9a88-f6af5a7d75cc?timestamp=1689410181623 Requested by Host: cdn.staticfile.org URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a06f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer https://daweb.wencapp.club/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 15 Jul 2023 08:36:21 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vs3leWQGFCkorN2hYm86JWOg2rH3epB7kKYmXPji14Cax%2Bz4FYxomMnCZ0r4RKsUEzuCjb%2FMoMU6DvLKc%2FOZ%2FIEYGIR2KuAwI6zu%2FZKKqhoaJF0Diexsl1EyBgtRxH1aV8vfCRSX0VDW8HA%2BdsxL6n9AOcCR"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7e70ad632eebab68-SIN alt-svc h3=":443"; ma=86400 content-length 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: crashlogs.whatsapp.net
URL: https://crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af

Domain: crashlogs.whatsapp.net
URL: https://crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af

Domain: crashlogs.whatsapp.net
URL: https://crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://daweb.wencapp.club/WhatsApp_files/progress.d6b49e71f39a81300686.js(Line 1) Message: WebSocket connection to 'wss://web.whatsapp.com/ws' failed: Error during WebSocket handshake: Unexpected response code: 404
network	error	URL: https://daweb.wencapp.club/app.fcc4530fc12b9a9a1faa.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://daweb.wencapp.club/vendor2.ec3b8281cb6ba51b3d53.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://daweb.wencapp.club/vendor1.99c20f1ecd87cc34efff.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
javascript	error	URL: https://daweb.wencapp.club/ Message: Access to XMLHttpRequest at 'https://crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af' from origin 'https://daweb.wencapp.club' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://facebook.com' that is not equal to the supplied origin.
network	error	URL: https://crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://daweb.wencapp.club/app.fcc4530fc12b9a9a1faa.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://daweb.wencapp.club/ Message: Access to XMLHttpRequest at 'https://crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af' from origin 'https://daweb.wencapp.club' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://facebook.com' that is not equal to the supplied origin.
network	error	URL: https://crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://daweb.wencapp.club/app.fcc4530fc12b9a9a1faa.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://daweb.wencapp.club/ Message: Access to XMLHttpRequest at 'https://crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af' from origin 'https://daweb.wencapp.club' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://facebook.com' that is not equal to the supplied origin.
network	error	URL: https://crashlogs.whatsapp.net/wa_clb_data?access_token=1063127757113399%7C745146ffa34413f9dbb5469f5370b7af Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.staticfile.org
crashlogs.whatsapp.net
daweb.wencapp.club
weusiqws.wstehapp.shop
crashlogs.whatsapp.net
163.181.82.215
2606:4700:3034::6815:158a
2606:4700:3034::ac43:a06f
860b190e6e6aed10fa5d3fa41cdb432856b92f7cb94ad9ea80d308f5d2573af1
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8dc1988eec3739141e40a2ad99d074688909520375239340484bc65d852b9cb1
956a484097417e953d97fd922b864bb9584bf8d619b53df91ceed45092ddf3ae
9686666823685f39807d5f711981f556576417cb709794883ee860300b9494f9
cc4c1420afc60b8d8cab06a650c3e5616217dda0ed312b4bbd9a5cc58c322a6f
cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873
da02ec62e31e9fef6c3305223c8f9b7d53ac94ae092751e940af42a66be53c7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

daweb.wencapp.club Open in urlscan Pro 2606:4700:3034::6815:158a Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

28 Requests

89 %HTTPS

67 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

136 kBTransfer

434 kBSize

0 Cookies

0 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

20 JavaScript Global Variables

0 Cookies

13 Console Messages

Indicators

daweb.wencapp.club Open in urlscan Pro
2606:4700:3034::6815:158a Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

89 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

136 kB
Transfer

434 kB
Size

0
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!