| netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.18.11.207 | 200 OK | 77 kB |
URL GET HTTP/2netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 IP104.18.11.207:443
CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://whatsappred.app/
Origin: https://whatsappred.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:03:18 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 19:08:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 9ab51734ca5b1ebb52f0a0b039d14eb3
cdn-cache: HIT
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8794937b5b01569a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| whatsappred.app/assets/an1/fonts/Tajawal-nr.woff2 | 104.21.65.247 | 200 OK | 8.6 kB |
URL GET HTTP/3whatsappred.app/assets/an1/fonts/Tajawal-nr.woff2 IP104.21.65.247:443
CertificateIssuerLet's Encrypt Subjectwhatsappred.app Fingerprint94:EC:7F:83:C0:80:78:99:E2:0C:EC:5A:21:C3:87:80:C1:EC:17:C8 ValidityThu, 28 Mar 2024 12:07:37 GMT - Wed, 26 Jun 2024 12:07:36 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 8556, version 1.0 Hash23d6a1d03659b4d43e77d92987d3d026 db53a540082a83402b7353332f14c054a49301ea d74cd1d599cd8aca54efc604395358abd1c34f331304aa34cf7b2cc6c80916d0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/an1/fonts/Tajawal-nr.woff2 HTTP/1.1
Host: whatsappred.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://whatsappred.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:03:18 GMT
content-type: font/woff2
content-length: 8556
last-modified: Mon, 30 May 2022 22:37:12 GMT
etag: "216c-5e0424c0df600"
cache-control: max-age=31536000
expires: Thu, 24 Apr 2025 08:03:18 GMT
access-control-allow-headers: *
access-control-allow-origin: *
x-cache: HIT from Backend
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RrjNm1Y8q2akzR8mDRTgwcKPEm6%2FZ%2F%2FCvg94MiTbz5xWP9Rki3LRwVlomme1VR0gMq4cxgVLdVkSZzbKYmPBGa44beBLZDzpukL4kE8iaB6hMRMvbgYpVbyqO31NqllGAIk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794937afbecb50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| whatsappred.app/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.65.247 | 302 Found | 0 B |
URL GET HTTP/3whatsappred.app/cdn-cgi/challenge-platform/scripts/jsd/main.js IP104.21.65.247:443
CertificateIssuerLet's Encrypt Subjectwhatsappred.app Fingerprint94:EC:7F:83:C0:80:78:99:E2:0C:EC:5A:21:C3:87:80:C1:EC:17:C8 ValidityThu, 28 Mar 2024 12:07:37 GMT - Wed, 26 Jun 2024 12:07:36 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: whatsappred.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 24 Apr 2024 08:03:19 GMT
content-length: 0
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dwejhnoz9OUJpw9QY5fo%2FB9h9%2FuKujGhOVEG8rNlsaj0c4PK96EHsVmjzFpfYSy7zQn29BCoEbGrBcJP7B07opMltjyIwvPh9fG0EPyb%2F0pY0%2BvUqYRJozZ1NhcOpz%2Fisk0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794937c0ce4b50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| whatsappred.app/wp-content/uploads/_xxxxxx92/528524/whatsappred-logo.webp | 104.21.65.247 | 200 OK | 6.2 kB |
URL GET HTTP/3whatsappred.app/wp-content/uploads/_xxxxxx92/528524/whatsappred-logo.webp IP104.21.65.247:443
CertificateIssuerLet's Encrypt Subjectwhatsappred.app Fingerprint94:EC:7F:83:C0:80:78:99:E2:0C:EC:5A:21:C3:87:80:C1:EC:17:C8 ValidityThu, 28 Mar 2024 12:07:37 GMT - Wed, 26 Jun 2024 12:07:36 GMT
File typeRIFF (little-endian) data, Web/P image Hash9be4f2cfdb4b01bf78a396f928eb840a 9493fe687f9c0ce1c6f865eaf917de799c11d3ad 1c931a24f4b244266c3666cfaf3a5a9dc08e557afd9e546510b46c2143b2dd6d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/_xxxxxx92/528524/whatsappred-logo.webp HTTP/1.1
Host: whatsappred.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://whatsappred.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:03:19 GMT
content-type: image/webp
content-length: 6226
last-modified: Sun, 06 Aug 2023 22:53:12 GMT
etag: "64d02458-1852"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache: HIT from Backend
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wxy%2FvZucuPo0iPvx1UBGi6CytmQ%2BDpQka139FDlhyLM5wJEnwX3q8ekMZ7rDZcgt1nQ9d2z5FopZ3rGvWg4UguHo%2BXdrmuiIbrFKhg8ezYOlqOyKBKc%2BrvKGNSV55UGVJNw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794937b0bf6b50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| whatsappred.app/wp-content/uploads/_x122/528526/blurred_2023-08-06-223648_yrim.webp | 104.21.65.247 | 200 OK | 960 B |
URL GET HTTP/3whatsappred.app/wp-content/uploads/_x122/528526/blurred_2023-08-06-223648_yrim.webp IP104.21.65.247:443
CertificateIssuerLet's Encrypt Subjectwhatsappred.app Fingerprint94:EC:7F:83:C0:80:78:99:E2:0C:EC:5A:21:C3:87:80:C1:EC:17:C8 ValidityThu, 28 Mar 2024 12:07:37 GMT - Wed, 26 Jun 2024 12:07:36 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 122x122, Scaling: [none]x[none], YUV color, decoders should clamp Hash4d2cf758fb928da168d8d3742d1513b8 d7ce4bd3fff84cd996ee60041d1cb584dd20b416 8d5bab68d1e7294d20806d9abb63661f7ae098a552c11e6c942ea64848dc303f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/_x122/528526/blurred_2023-08-06-223648_yrim.webp HTTP/1.1
Host: whatsappred.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://whatsappred.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:03:19 GMT
content-type: image/webp
content-length: 960
last-modified: Sun, 06 Aug 2023 22:53:12 GMT
etag: "64d02458-3c0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache: HIT from Backend
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kqd%2FpBXwsLeag0Y%2Fz2tyKAM3wWsONMsTmnekKqGnKZC5FIQ%2FrsVQV6%2Fmpyn%2BjiUD%2FIaY3LD%2BR8RJjAPXeZuXwqhtfPPWEop8KYgfcnpJJjvLG6dTj3XrYdV0YedMjHw09Q8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794937b0bfbb50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| whatsappred.app/assets/an1/fonts/Tajawal-BOLD.woff2 | 104.21.65.247 | 200 OK | 8.6 kB |
URL GET HTTP/3whatsappred.app/assets/an1/fonts/Tajawal-BOLD.woff2 IP104.21.65.247:443
CertificateIssuerLet's Encrypt Subjectwhatsappred.app Fingerprint94:EC:7F:83:C0:80:78:99:E2:0C:EC:5A:21:C3:87:80:C1:EC:17:C8 ValidityThu, 28 Mar 2024 12:07:37 GMT - Wed, 26 Jun 2024 12:07:36 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 8588, version 1.0 Hash20ecdf3b9c5a5f3173b9b57609eb5e65 6e0c05ea9ca10295908a1c3d592d8a7136c0fdc6 9c31422dc22d89f10b886829058f1f77ddfc42e612b29724c8fbef5a3fbaf0e9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/an1/fonts/Tajawal-BOLD.woff2 HTTP/1.1
Host: whatsappred.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://whatsappred.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:03:19 GMT
content-type: font/woff2
content-length: 8588
last-modified: Mon, 30 May 2022 22:37:02 GMT
etag: "218c-5e0424b755f80"
cache-control: max-age=31536000
expires: Thu, 24 Apr 2025 08:03:19 GMT
access-control-allow-headers: *
access-control-allow-origin: *
x-cache: HIT from Backend
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MP8Z3waNF4XmPo%2Flfiuo%2F4Km1X9h54WPIwxTjaU%2FDxtlFptWpKdgujsTWZQUQgL30Gem54sGQrFdRlT3zlJN1yjaJNggvmuiyLupQLKAlRAdylPMTBQxTpqYgXkdQMb3TLI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794937afbeeb50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| whatsappred.app/webfonts/fa-brands-400.woff2 | 104.21.65.247 | 200 OK | 74 kB |
URL GET HTTP/3whatsappred.app/webfonts/fa-brands-400.woff2 IP104.21.65.247:443
CertificateIssuerLet's Encrypt Subjectwhatsappred.app Fingerprint94:EC:7F:83:C0:80:78:99:E2:0C:EC:5A:21:C3:87:80:C1:EC:17:C8 ValidityThu, 28 Mar 2024 12:07:37 GMT - Wed, 26 Jun 2024 12:07:36 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 74524, version 330.15859 Hash3e1b2a654a784ceb385157140b4ccd71 24354ccf21fb13a37b4484dfac21a90e33953fb0 975714c6cb70ba105bfa87d2415df2fddde4a46c1d3ab9d0cf45465e56cba97d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webfonts/fa-brands-400.woff2 HTTP/1.1
Host: whatsappred.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://whatsappred.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:03:19 GMT
content-type: font/woff2
content-length: 74524
last-modified: Sat, 28 May 2022 20:30:00 GMT
etag: "1231c-5e01849782200"
cache-control: max-age=31536000
expires: Thu, 24 Apr 2025 08:03:19 GMT
access-control-allow-headers: *
access-control-allow-origin: *
x-cache: HIT from Backend
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vGMrQZ7kOJXV2LJV7UuegweAXsVE441ilwERnj4Yw8kz1WH4vjeRrIms08mF%2F0qoICnMflv7RktrCm2pQzFx6YkCV%2BkxS0xg237jPu9i8QaTwPBDR7PyLFHRZLDKZTZsIJ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794937afbf0b50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| whatsappred.app/cdn-cgi/challenge-platform/h/b/jsd/r/879493780a0ab518 | 104.21.65.247 | 200 OK | 0 B |
URL POST HTTP/3whatsappred.app/cdn-cgi/challenge-platform/h/b/jsd/r/879493780a0ab518 IP104.21.65.247:443
CertificateIssuerLet's Encrypt Subjectwhatsappred.app Fingerprint94:EC:7F:83:C0:80:78:99:E2:0C:EC:5A:21:C3:87:80:C1:EC:17:C8 ValidityThu, 28 Mar 2024 12:07:37 GMT - Wed, 26 Jun 2024 12:07:36 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/jsd/r/879493780a0ab518 HTTP/1.1
Host: whatsappred.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12136
Origin: https://whatsappred.app
DNT: 1
Connection: keep-alive
Referer: https://whatsappred.app/
Cookie: cfz_google-analytics=%7B%22DRCr__ga%22%3A%7B%22v%22%3A%22e10139e2-9a24-415b-868e-bd1270c174b3%22%2C%22e%22%3A1745481799050%7D%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:03:19 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=uMamvoy2..HMGFqcyLoB4RustOWcX14gGRtiFgbRASA-1713945799-1.0.1.1-e93GjJsfAbDwmnjA_awihP.4xLYfCP05xvrLDWFck7tJJ2bTseCGc7sdNMwP.BTZnBfCQgwWYCs9QXYTKNtLaA; path=/; expires=Thu, 24-Apr-25 08:03:19 GMT; domain=.whatsappred.app; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RDSy5cQdNqkczflaICCkTZjLu0sh%2BBENSBADbU3IgfzhNSg2i2Kqm5%2Fo5owqmnbdNhv%2By%2F7C0jnJaUNSOfBDUnXxTA0AwAYKrQbTGTiHGL%2BOAs%2F%2Fv9JlIF1yi3kW%2F9oz5bg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794937d9e17b50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| whatsappred.app/wp-content/uploads/_x32/whats-red.png | 104.21.65.247 | 200 OK | 10 kB |
URL GET HTTP/3whatsappred.app/wp-content/uploads/_x32/whats-red.png IP104.21.65.247:443
CertificateIssuerLet's Encrypt Subjectwhatsappred.app Fingerprint94:EC:7F:83:C0:80:78:99:E2:0C:EC:5A:21:C3:87:80:C1:EC:17:C8 ValidityThu, 28 Mar 2024 12:07:37 GMT - Wed, 26 Jun 2024 12:07:36 GMT
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hash1802e573104df729096351899d1622f8 a935c20411ac6c354241ed2ef2242bd0b3d6576c 655b4e9270a5a8836bb9c8e0dfaa405d41191a9bdc92500ab9e4664bc60d6215
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/_x32/whats-red.png HTTP/1.1
Host: whatsappred.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://whatsappred.app/
Cookie: cfz_google-analytics=%7B%22DRCr__ga%22%3A%7B%22v%22%3A%22e10139e2-9a24-415b-868e-bd1270c174b3%22%2C%22e%22%3A1745481799050%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:03:19 GMT
content-type: image/png
last-modified: Sun, 06 Aug 2023 22:53:12 GMT
vary: Accept-Encoding
etag: W/"64d02458-871"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache: HIT from Backend
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ROeUisAu4JwJk4zmWfgf%2BUTuyo%2BelOoi4BnO4spK2DoxWU4ivsQNVzY1HxFj2tMt89e2Qp7Bq6w2eMOFgFcC9frnLWsypBrXMZrijjd4Hf8tyi5QyKQ2ABohtdgvsfSp3wk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794937d4de0b50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| | 104.21.65.247 | 200 OK | 32 kB |
URL User Request GET HTTP/2IP104.21.65.247:443
CertificateIssuerLet's Encrypt Subjectwhatsappred.app Fingerprint94:EC:7F:83:C0:80:78:99:E2:0C:EC:5A:21:C3:87:80:C1:EC:17:C8 ValidityThu, 28 Mar 2024 12:07:37 GMT - Wed, 26 Jun 2024 12:07:36 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (41221) Hasha50de0ba255bf100d22384b8de6c9dc9 fd1599132275b5c66896a2d7f02650c6db557c0f f792d98f6ffb38aa057117ec898ba9fbb845635431097f15de5787128e747929
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: whatsappred.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:03:18 GMT
content-type: text/html
cf-ray: 879493780a0ab518-OSL
cf-cache-status: DYNAMIC
cache-control: max-age=31536000
expires: Thu, 24 Apr 2025 08:03:18 GMT
last-modified: Mon, 22 Apr 2024 21:31:12 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
access-control-allow-headers: *
x-cache: HIT from Backend
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Et0C0CSqnMbrafr7jyrUL%2FIKNPIpWZUSzMQsb0JtRJ2urNB6HThVjvMLwxDSIa0phQHv91C%2B%2Fvg944lOCLVrTvQrRRkD6BMUx4m2d9rtVsXqQi5%2Bj5xzxX7mAVto9Ia7dI0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css | 104.18.11.207 | 200 OK | 31 kB |
URL GET HTTP/2netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css IP104.18.11.207:443
CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeASCII text, with very long lines (30837) Hash269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://whatsappred.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:03:18 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 80f8aafddd0209efde488e1048444b77
cdn-cache: HIT
cf-cache-status: HIT
age: 13143976
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8794937b5d55b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| whatsappred.app/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyV2hhdHNBcHAlMjBSZWQlMjAlN0MlMjBXaGF0c0FwcCUyMFJlZCUyMiUyQyUyMnglMjIlM0EwLjg1NTI4NTQxMDU0OTY0MjglMkMlMjJ3JTIyJTNBMTI4MCUyQyUyMmglMjIlM0ExMDI0JTJDJTIyaiUyMiUzQTEwMjQlMkMlMjJlJTIyJTNBMTI4MCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRndoYXRzYXBwcmVkLmFwcCUyRiUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBMCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q= | 104.21.65.247 | 200 OK | 4.9 kB |
URL GET HTTP/3whatsappred.app/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyV2hhdHNBcHAlMjBSZWQlMjAlN0MlMjBXaGF0c0FwcCUyMFJlZCUyMiUyQyUyMnglMjIlM0EwLjg1NTI4NTQxMDU0OTY0MjglMkMlMjJ3JTIyJTNBMTI4MCUyQyUyMmglMjIlM0ExMDI0JTJDJTIyaiUyMiUzQTEwMjQlMkMlMjJlJTIyJTNBMTI4MCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRndoYXRzYXBwcmVkLmFwcCUyRiUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBMCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q= IP104.21.65.247:443
CertificateIssuerLet's Encrypt Subjectwhatsappred.app Fingerprint94:EC:7F:83:C0:80:78:99:E2:0C:EC:5A:21:C3:87:80:C1:EC:17:C8 ValidityThu, 28 Mar 2024 12:07:37 GMT - Wed, 26 Jun 2024 12:07:36 GMT
File typeJavaScript source, ASCII text, with very long lines (5044), with no line terminators Hash4f8e7bece0e33eebe4e125006a962faa 02df4701a7a073a8ecdf239a4bf72cef2479c5b6 8e51ff96ef81e6ed83a5e9eac293c4e3817601e91050a7b350daeb4ec3359356
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyV2hhdHNBcHAlMjBSZWQlMjAlN0MlMjBXaGF0c0FwcCUyMFJlZCUyMiUyQyUyMnglMjIlM0EwLjg1NTI4NTQxMDU0OTY0MjglMkMlMjJ3JTIyJTNBMTI4MCUyQyUyMmglMjIlM0ExMDI0JTJDJTIyaiUyMiUzQTEwMjQlMkMlMjJlJTIyJTNBMTI4MCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRndoYXRzYXBwcmVkLmFwcCUyRiUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBMCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q= HTTP/1.1
Host: whatsappred.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://whatsappred.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:03:19 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://whatsappred.app
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-max-age: 600
set-cookie: google-analytics_DRCr___ga=; Domain=whatsappred.app; Path=/; Max-Age=0; HttpOnly; Secure; SameSite=Lax
cfz_google-analytics=%7B%22DRCr__ga%22%3A%7B%22v%22%3A%22e10139e2-9a24-415b-868e-bd1270c174b3%22%2C%22e%22%3A1745481799050%7D%7D; Domain=whatsappred.app; Path=/; Max-Age=31536000000; HttpOnly; Secure; SameSite=Lax
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=po%2BbliMN80NQps3RgBIE%2FlcpufZ2KsAzYj42gIGGwZPCgigz%2Brgwe%2BkA5lrRwpNmC8EMAFQQT2%2FXmjsfJ1w8dgeQEFpcRk9dwn9Zai4%2FyVvB60oaG8gxBSZrW0oAIYgIilQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794937c0ce7b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| whatsappred.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js | 104.21.65.247 | 200 OK | 7.8 kB |
URL GET HTTP/3whatsappred.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js IP104.21.65.247:443
CertificateIssuerLet's Encrypt Subjectwhatsappred.app Fingerprint94:EC:7F:83:C0:80:78:99:E2:0C:EC:5A:21:C3:87:80:C1:EC:17:C8 ValidityThu, 28 Mar 2024 12:07:37 GMT - Wed, 26 Jun 2024 12:07:36 GMT
File typeJavaScript source, ASCII text, with very long lines (7802), with no line terminators Hash626fe503dce623d19576b5c3595cb4de b8f317f26e08602d37898adfecb9b958554ba7c4 c8f80574a49778e4c8315723b22f4669d51ba98cc12c174204ab760fa457bde1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
Host: whatsappred.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cfz_google-analytics=%7B%22DRCr__ga%22%3A%7B%22v%22%3A%22e10139e2-9a24-415b-868e-bd1270c174b3%22%2C%22e%22%3A1745481799050%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:03:19 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
content-encoding: br
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pNNlgffV%2FTsgMH5d6Uwoy4Wpv6SnWz%2FIwdMWI9vbNRm6x9DLSA5fwGlAUQS2%2BoENesYp6Y2oBlhKdEi1sVn8W20nTGkmT2mQL%2FcK5o%2BKET%2BW35dsB%2FBjYhRdF8STdMOQJCY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794937c5d42b50f-OSL
alt-svc: h3=":443"; ma=86400
|
|