| wa.privategirlocation.com/img/logo-2.jpg | 172.67.175.190 | 200 OK | 77 kB |
URL: GET HTTP/3 wa.privategirlocation.com/img/logo-2.jpg
IP: 172.67.175.190:443
Requested by: https://wa.privategirlocation.com/
Certificate: Issuer: Let's Encrypt; Subject: privategirlocation.com; Fingerprint: 72:33:1C:94:89:E9:CE:A2:68:80:AA:3B:E2:EB:60:36:05:B4:D8:EB; Validity: Sun, 17 Mar 2024 22:25:37 GMT - Sat, 15 Jun 2024 22:25:36 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 675x900, components 3
Hash: 5252a6f2558062d891ba358607d41047 93e648f2dcfee2a8e4c6a0592d960f6767170068 ff9e2a898cad8c5d5fe310af13dfb2c82caba237d0a546e9dcc52997c7c55a56
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | WhatsApp |
GET /img/logo-2.jpg HTTP/1.1
Host: wa.privategirlocation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wa.privategirlocation.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 16:09:33 GMT
content-type: image/jpeg
content-length: 77421
cache-control: public, max-age=604800
expires: Tue, 30 Apr 2024 10:04:34 GMT
last-modified: Thu, 28 Sep 2023 07:09:05 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 194699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HxO3yBJTLHxNiRdjphpLPQJWZtKYBUAul6lphiaU8w2fqIizHae73Tso9M7ziFzfqUB8%2BYbHMArk9xU7S4Mym3teffecc2AGoEcC4IAad1RbdA1%2FsJnjSB9fMhg66vVDjkXOucnxROqiR0gG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f99204c5756cb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| hzr0dm28m17c.com/345e1621a507b6fbaf713c8b5e94fb13/invoke.js | 192.243.59.13 | 200 OK | 12 kB |
URL: GET HTTP/1.1 hzr0dm28m17c.com/345e1621a507b6fbaf713c8b5e94fb13/invoke.js
IP: 192.243.59.13:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://wa.privategirlocation.com/
Certificate: Issuer: Let's Encrypt; Subject: hzr0dm28m17c.com; Fingerprint: 9F:89:99:65:B2:6A:E8:8C:A8:61:55:B2:AC:E5:74:D2:72:2E:0F:F4; Validity: Wed, 10 Apr 2024 07:04:16 GMT - Tue, 09 Jul 2024 07:04:15 GMT
File type: JavaScript source, ASCII text, with very long lines (31278), with no line terminators
Hash: 244c66a780cdff69cb85c219bcb82794 a3436b9afb7a48596abe42b51b9292aa31831f45 55924336d19bcc240fe639ba256c5e1d0c9ee69f5fc4acf14b4abca8cb253fc9
GET /345e1621a507b6fbaf713c8b5e94fb13/invoke.js HTTP/1.1
Host: hzr0dm28m17c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wa.privategirlocation.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 25 Apr 2024 16:09:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 63d1068c5fb9129aa9ad5b3f461f26e7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| proftrafficcounter.com/stats | 18.185.247.192 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 18.185.247.192:443
Requested by: https://wa.privategirlocation.com/
Certificate: Issuer: Amazon; Subject: proftrafficcounter.com; Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 370d11474ad7e40de6bbf8bdb7fd7bf9 b23246583380f6672e20d0756bd1e6698bb70f8d e79892398b7157b21446cc21bfd6ba1b0cc1f934040c0f855cb1ba55ffc022d0
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wa.privategirlocation.com
DNT: 1
Connection: keep-alive
Referer: https://wa.privategirlocation.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 16:09:34 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://wa.privategirlocation.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=cf306033-7e69-40ae-b468-6632a4e80a7e:1:1; expires=Sun, 23 Apr 2034 16:09:34 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| wa.privategirlocation.com/npm/bootstrap-icons-1.8.1/font/bootstrap-icons.css | 172.67.175.190 | 200 OK | 113 kB |
URL: GET HTTP/3 wa.privategirlocation.com/npm/bootstrap-icons-1.8.1/font/bootstrap-icons.css
IP: 172.67.175.190:443
Requested by: https://wa.privategirlocation.com/
Certificate: Issuer: Let's Encrypt; Subject: privategirlocation.com; Fingerprint: 72:33:1C:94:89:E9:CE:A2:68:80:AA:3B:E2:EB:60:36:05:B4:D8:EB; Validity: Sun, 17 Mar 2024 22:25:37 GMT - Sat, 15 Jun 2024 22:25:36 GMT
Size: 113 kB (113408 bytes)
Hash: f483f87a3c57f292bd5eb4c343003b01 5f2b1fa8de5b4d52ea2b04941aa508529e6994c9 f93ce1072054f40abfa1889d47d29d227a8af86231a073ccf678f7ab8841d6f3
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | WhatsApp |
GET /npm/bootstrap-icons-1.8.1/font/bootstrap-icons.css HTTP/1.1
Host: wa.privategirlocation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wa.privategirlocation.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 16:09:33 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Tue, 30 Apr 2024 10:04:33 GMT
last-modified: Thu, 28 Sep 2023 07:09:05 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 194700
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1d9FK1x3MsBLzluECCsilhlziz8buM4xrepoxGuRtdW27KQq%2FjEqHVC%2B2%2Bcwm0CXXi9p3iLOGXVrzxbY6Rk8rqfYzzrSvVEi4YK8VItZ1MfdYcp1eXe4oYmzR%2Bxs2j1IDGxN5sgEuDCeJ7Dx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f99204c5156cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| wa.privategirlocation.com/npm/backoffer.js | 172.67.175.190 | 200 OK | 733 B |
URL: GET HTTP/3 wa.privategirlocation.com/npm/backoffer.js
IP: 172.67.175.190:443
Requested by: https://wa.privategirlocation.com/
Certificate: Issuer: Let's Encrypt; Subject: privategirlocation.com; Fingerprint: 72:33:1C:94:89:E9:CE:A2:68:80:AA:3B:E2:EB:60:36:05:B4:D8:EB; Validity: Sun, 17 Mar 2024 22:25:37 GMT - Sat, 15 Jun 2024 22:25:36 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: 4e39716b4d4469996fc6e68265fa8830 c8b24994e71f4e58170e639124107fd25757f755 3cc4cdc7b3421264503656474f5b10db20bc711493bfe2df0680da0b7c81a72c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | WhatsApp |
GET /npm/backoffer.js HTTP/1.1
Host: wa.privategirlocation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wa.privategirlocation.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 16:09:33 GMT
content-type: text/javascript
last-modified: Thu, 28 Sep 2023 07:09:05 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FxMGklSdn0RR6GHyDe2zCsOqdcmZRc4dqe2zspOYSZ%2Fi7z7vmjSVjFRQEDpg3CtD4DtD8Xn37sWIbd3dnJ5Wzxlmq4Cwf1vc2gylDWUHYJONbseoNtzyyT6Qxg9qpOZf7XPxW4rqrzrdO9E5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f99204c5556cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ultimatumrelaxconvince.com/watch.772312760524.js?key=345e1621a507b6fbaf713c8b5e94fb13&kw=%5B%22whatsapp%22%2C%22group%22%2C%22invite%22%5D&refer=https%3A%2F%2Fwa.privategirlocation.com%2F&tz=0&dev=e&res=14.2071&uuid=cf306033-7e69-40ae-b468-6632a4e80a7e%3A1%3A1 | 172.240.127.234 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 ultimatumrelaxconvince.com/watch.772312760524.js?key=345e1621a507b6fbaf713c8b5e94fb13&kw=%5B%22whatsapp%22%2C%22group%22%2C%22invite%22%5D&refer=https%3A%2F%2Fwa.privategirlocation.com%2F&tz=0&dev=e&res=14.2071&uuid=cf306033-7e69-40ae-b468-6632a4e80a7e%3A1%3A1
IP: 172.240.127.234:443
Requested by: https://wa.privategirlocation.com/
Certificate: Issuer: Let's Encrypt; Subject: ultimatumrelaxconvince.com; Fingerprint: ED:7E:CD:40:05:B3:70:C3:C7:CF:3A:82:20:FE:24:2D:C6:55:33:F3; Validity: Tue, 23 Apr 2024 10:50:54 GMT - Mon, 22 Jul 2024 10:50:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.772312760524.js?key=345e1621a507b6fbaf713c8b5e94fb13&kw=%5B%22whatsapp%22%2C%22group%22%2C%22invite%22%5D&refer=https%3A%2F%2Fwa.privategirlocation.com%2F&tz=0&dev=e&res=14.2071&uuid=cf306033-7e69-40ae-b468-6632a4e80a7e%3A1%3A1 HTTP/1.1
Host: ultimatumrelaxconvince.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wa.privategirlocation.com
DNT: 1
Connection: keep-alive
Referer: https://wa.privategirlocation.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 16:09:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://wa.privategirlocation.com
Access-Control-Allow-Origin: https://wa.privategirlocation.com
Access-Control-Allow-Credentials: true
Location: https://ultimatumrelaxconvince.com/watch.772312760524.js?dev=e&key=345e1621a507b6fbaf713c8b5e94fb13&kw=%5B%22whatsapp%22%2C%22group%22%2C%22invite%22%5D&pst=1714061435&refer=https%3A%2F%2Fwa.privategirlocation.com%2F&res=14.2071&rmtc=t&shu=288fba3655543569eeff21511589ee8d5c8f7b59311c26c03e9c1aa0362f5d934a67f81013fe45f3fa1c5bcd4ca192bdba2453171f2a98799849a40bc82ffa18e6796f73eb0dfad1eb5032adc686b6b232393f205fca612b1b2a37608f60&tz=0&uuid=cf306033-7e69-40ae-b468-6632a4e80a7e%3A1%3A1
Set-Cookie: u_pl=20909317; expires=Fri, 26 Apr 2024 16:09:35 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.D81-y4yDcrcYSDmhLtjgOvd1_e3unk77LJqEj2sGa0k; expires=Thu, 25 Apr 2024 16:10:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0f0d46c0b8b877b19a8b9f0c71571438
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| ultimatumrelaxconvince.com/watch.772312760524.js?dev=e&key=345e1621a507b6fbaf713c8b5e94fb13&kw=%5B%22whatsapp%22%2C%22group%22%2C%22invite%22%5D&pst=1714061435&refer=https%3A%2F%2Fwa.privategirlocation.com%2F&res=14.2071&rmtc=t&shu=288fba3655543569eeff21511589ee8d5c8f7b59311c26c03e9c1aa0362f5d934a67f81013fe45f3fa1c5bcd4ca192bdba2453171f2a98799849a40bc82ffa18e6796f73eb0dfad1eb5032adc686b6b232393f205fca612b1b2a37608f60&tz=0&uuid=cf306033-7e69-40ae-b468-6632a4e80a7e%3A1%3A1 | 172.240.127.234 | 200 OK | 0 B |
URL: GET HTTP/1.1 ultimatumrelaxconvince.com/watch.772312760524.js?dev=e&key=345e1621a507b6fbaf713c8b5e94fb13&kw=%5B%22whatsapp%22%2C%22group%22%2C%22invite%22%5D&pst=1714061435&refer=https%3A%2F%2Fwa.privategirlocation.com%2F&res=14.2071&rmtc=t&shu=288fba3655543569eeff21511589ee8d5c8f7b59311c26c03e9c1aa0362f5d934a67f81013fe45f3fa1c5bcd4ca192bdba2453171f2a98799849a40bc82ffa18e6796f73eb0dfad1eb5032adc686b6b232393f205fca612b1b2a37608f60&tz=0&uuid=cf306033-7e69-40ae-b468-6632a4e80a7e%3A1%3A1
IP: 172.240.127.234:443
Requested by: https://wa.privategirlocation.com/
Certificate: Issuer: Let's Encrypt; Subject: ultimatumrelaxconvince.com; Fingerprint: ED:7E:CD:40:05:B3:70:C3:C7:CF:3A:82:20:FE:24:2D:C6:55:33:F3; Validity: Tue, 23 Apr 2024 10:50:54 GMT - Mon, 22 Jul 2024 10:50:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.772312760524.js?dev=e&key=345e1621a507b6fbaf713c8b5e94fb13&kw=%5B%22whatsapp%22%2C%22group%22%2C%22invite%22%5D&pst=1714061435&refer=https%3A%2F%2Fwa.privategirlocation.com%2F&res=14.2071&rmtc=t&shu=288fba3655543569eeff21511589ee8d5c8f7b59311c26c03e9c1aa0362f5d934a67f81013fe45f3fa1c5bcd4ca192bdba2453171f2a98799849a40bc82ffa18e6796f73eb0dfad1eb5032adc686b6b232393f205fca612b1b2a37608f60&tz=0&uuid=cf306033-7e69-40ae-b468-6632a4e80a7e%3A1%3A1 HTTP/1.1
Host: ultimatumrelaxconvince.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wa.privategirlocation.com
Referer: https://wa.privategirlocation.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=20909317; ain=eyJhbGciOiJIUzI1NiJ9.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.D81-y4yDcrcYSDmhLtjgOvd1_e3unk77LJqEj2sGa0k
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 16:09:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://wa.privategirlocation.com
Access-Control-Allow-Origin: https://wa.privategirlocation.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=cf306033-7e69-40ae-b468-6632a4e80a7e:1:1; expires=Thu, 02 May 2024 16:09:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8a9d22d4cedb3287b7e585e88403d585
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| wa.privategirlocation.com/favicon.ico | 172.67.175.190 | 404 Not Found | 5.2 kB |
URL: GET HTTP/3 wa.privategirlocation.com/favicon.ico
IP: 172.67.175.190:443
Requested by: https://wa.privategirlocation.com/
Certificate: Issuer: Let's Encrypt; Subject: privategirlocation.com; Fingerprint: 72:33:1C:94:89:E9:CE:A2:68:80:AA:3B:E2:EB:60:36:05:B4:D8:EB; Validity: Sun, 17 Mar 2024 22:25:37 GMT - Sat, 15 Jun 2024 22:25:36 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: 8150f458ed6fb9b1db4e5cfa57a1a281 6e5726854d28687b560d7fdcb5c782c425c7dfb9 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | WhatsApp |
GET /favicon.ico HTTP/1.1
Host: wa.privategirlocation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wa.privategirlocation.com/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=cf306033-7e69-40ae-b468-6632a4e80a7e%3A1%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 16:09:35 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mvtGvWExU6KjOCNnFhVzwBsrYnKLyZDUuA6pRcs3iEiQoYP04CttOTFFY97iz6ppTKyJpb%2BU%2FsUL6KTLpRV23kmlopyhkouYJWSI%2Fbkb2gJKHXxXEzCmAvS0gD%2F53%2BnU5qZarpHsMNPWZ4cq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f99292e5b56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| wa.privategirlocation.com/npm/bootstrap-5.1.3/dist/css/bootstrap.min.css | 172.67.175.190 | 200 OK | 164 kB |
URL: GET HTTP/3 wa.privategirlocation.com/npm/bootstrap-5.1.3/dist/css/bootstrap.min.css
IP: 172.67.175.190:443
Requested by: https://wa.privategirlocation.com/
Certificate: Issuer: Let's Encrypt; Subject: privategirlocation.com; Fingerprint: 72:33:1C:94:89:E9:CE:A2:68:80:AA:3B:E2:EB:60:36:05:B4:D8:EB; Validity: Sun, 17 Mar 2024 22:25:37 GMT - Sat, 15 Jun 2024 22:25:36 GMT
Size: 164 kB (163887 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | WhatsApp |
GET /npm/bootstrap-5.1.3/dist/css/bootstrap.min.css HTTP/1.1
Host: wa.privategirlocation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wa.privategirlocation.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 16:09:33 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Tue, 30 Apr 2024 10:04:33 GMT
last-modified: Thu, 28 Sep 2023 07:09:05 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 194700
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=boKoS17H%2BPGKF1jzrLCe%2F5UneGhOCni05zBs1h4cSkaicgoXzk1itsgiHjxwxGU61qgQYOrYBnwut3PkJCUzVCzm53OZMOkP2XdzZ6CjEjwASnEoGGF2hW2%2FHv4ePHT2ZjLrdoh4jEkl3nV%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f99204c5456cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| wa.privategirlocation.com/img/wa-logo.svg | 172.67.175.190 | 200 OK | 2.6 kB |
URL: GET HTTP/3 wa.privategirlocation.com/img/wa-logo.svg
IP: 172.67.175.190:443
Requested by: https://wa.privategirlocation.com/
Certificate: Issuer: Let's Encrypt; Subject: privategirlocation.com; Fingerprint: 72:33:1C:94:89:E9:CE:A2:68:80:AA:3B:E2:EB:60:36:05:B4:D8:EB; Validity: Sun, 17 Mar 2024 22:25:37 GMT - Sat, 15 Jun 2024 22:25:36 GMT
File type: SVG Scalable Vector Graphics image
Hash: af4465a12513351224543990c7d6bd22 2a824b9ae72775384714868ac1f2dc68fc773c5c dfe902bf2459c47cd760687ea56a3fcf81e0cc0f1c2f677d763a4eeb485c87a6
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | WhatsApp |
GET /img/wa-logo.svg HTTP/1.1
Host: wa.privategirlocation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wa.privategirlocation.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 16:09:33 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Tue, 30 Apr 2024 10:04:34 GMT
last-modified: Thu, 28 Sep 2023 07:09:05 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 194699
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HDFFrlWWJzfqVh2jqdsEB5KQYfZSE9gSbrY1jmi2abBZKwe3BlCEyxiDY2VOo2R%2BTHTbeovzKndTFEhgjJpz7x8fhKlpA%2BIj747En7keX1ta2DeW9sAVazr5bcbwX7DreF0TQ7zuzGgXxN5A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f99204c5656cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| wa.privategirlocation.com/npm/bootstrap-icons-1.8.1/font/fonts/bootstrap-icons.woff | 172.67.175.190 | 200 OK | 102 kB |
URL: GET HTTP/3 wa.privategirlocation.com/npm/bootstrap-icons-1.8.1/font/fonts/bootstrap-icons.woff
IP: 172.67.175.190:443
Requested by: https://wa.privategirlocation.com/
Certificate: Issuer: Let's Encrypt; Subject: privategirlocation.com; Fingerprint: 72:33:1C:94:89:E9:CE:A2:68:80:AA:3B:E2:EB:60:36:05:B4:D8:EB; Validity: Sun, 17 Mar 2024 22:25:37 GMT - Sat, 15 Jun 2024 22:25:36 GMT
File type: Web Open Font Format (Version 2), TrueType, length 102536, version 1.0
Size: 102 kB (102536 bytes)
Hash: 1ed478a6b265d4b4f5c26bb063203588 1ca5e8c7d2fb8e9d60ad1a1feb2a46e98c248a3d c874e14c63db86c4c5318c77cb557fce7036645edc7d690dcc1d23b389631b13
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | WhatsApp |
GET /npm/bootstrap-icons-1.8.1/font/fonts/bootstrap-icons.woff HTTP/1.1
Host: wa.privategirlocation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://wa.privategirlocation.com/npm/bootstrap-icons-1.8.1/font/bootstrap-icons.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 16:09:34 GMT
content-type: font/woff
content-length: 102536
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 16:09:34 GMT
last-modified: Thu, 28 Sep 2023 07:09:05 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jObG%2Fo1wrzREOyaIGYRPWd6SeJWMxY1o9bWLRSjdPObHbvttlgGJ2dV7hY3%2FcdJft7p8DvSw9yIuYrrYDSFstcjOZKx01sTq%2BGgVUQooirQTUYN4UyVAP2hqz98JGXxXDUeJKp9xVO%2Bj03Og"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f9922ef1d56cb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| wa.privategirlocation.com/ | 172.67.175.190 | 200 OK | 8.4 kB |
URL: User Request GET HTTP/2 wa.privategirlocation.com/
IP: 172.67.175.190:443
Certificate: Issuer: Let's Encrypt; Subject: privategirlocation.com; Fingerprint: 72:33:1C:94:89:E9:CE:A2:68:80:AA:3B:E2:EB:60:36:05:B4:D8:EB; Validity: Sun, 17 Mar 2024 22:25:37 GMT - Sat, 15 Jun 2024 22:25:36 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (8700), with no line terminators
Hash: 759b4420d2620bab98389f8d0fbe8d9c 2aa7b13b71d04151e315864f18d24d62238ebd1b e2222031c162ac32ceacd75921917718b55195108b0e5fdfe6f3a03e45147282
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | WhatsApp |
GET / HTTP/1.1
Host: wa.privategirlocation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 16:09:33 GMT
content-type: text/html
last-modified: Wed, 18 Oct 2023 23:48:39 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4d9VbQ39VsdACEKGDIR61PXaiVTEKKRz6t8%2FxNONuiOv7FKFozeowAf1HW70P6%2BDFfpog7kisxnfvEjybY6DvrbyKpQyqtQoa0XzMUVcroVWM1Z%2Fzv8A0DgfL9L7nsKREnUCGw3z1pcwJ0lm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879f991cd82eb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|