35.220.255.95 200 OK 14 kB URL User Request GET HTTP/2 IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type gzip compressed data, from Unix
Hash b9288c0676e4056e056bd399f806fc79
38418aa2099582a2c44c3834fa14b43db5c87ccb
dec58215543b93293e94eb2d13d47ddd039cc8194e248df7c4fcf652d5a9abe0
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET / HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:45 GMT
content-type: text/html
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66169c0a-19f7"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
b.ljym1k.icu/stylex.css
35.220.255.95 200 OK 57 kB IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type gzip compressed data, from Unix
Hash 72ead044d080f1fb0fc2a130f25c78af
fbb6266492b231ba5cd6607663557d5e1c994b78
62ea0233e111cf73fb7caec7912f818696203e94716eef683424b5c32a50cc0b
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /stylex.css HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:46 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66169c0a-36ca4"
expires: Tue, 16 Apr 2024 06:50:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
b.ljym1k.icu/assets/Guide-b915acd8.css
35.220.255.95 200 OK 167 B URL GET HTTP/2 b.ljym1k.icu/assets/Guide-b915acd8.css
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
Hash 6e646cd14d0b5001d927f98b0152df35
102fb3acf536ab5c016e54512db152864821bd06
b915acd878290d75d9aaa86e9ac55b3d341b8924de20e774f2c2e62ef25f2fc9
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/Guide-b915acd8.css HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:47 GMT
content-type: text/css
content-length: 167
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
etag: "66169c0a-a7"
expires: Tue, 16 Apr 2024 14:54:40 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
b.ljym1k.icu/assets/_plugin-vue_export-helper-c27b6911.js
35.220.255.95 200 OK 91 B URL GET HTTP/2 b.ljym1k.icu/assets/_plugin-vue_export-helper-c27b6911.js
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
Hash 25e3a5dcaf00fb2b1ba0c8ecea6d2560
7850b3fd4aeb69387bdb5a60025d15c41351d5eb
cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/_plugin-vue_export-helper-c27b6911.js HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.ljym1k.icu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:47 GMT
content-type: application/javascript
content-length: 91
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
etag: "66169c0a-5b"
expires: Tue, 16 Apr 2024 11:50:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
b.ljym1k.icu/apple-touch-icon.png
35.220.255.95 200 OK 4.8 kB URL GET HTTP/2 b.ljym1k.icu/apple-touch-icon.png
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type PNG image data, 194 x 194, 8-bit colormap, non-interlaced
Hash e872691e449e137aac21b048c42b9539
bc1d23d193fdee85fad4e0c392a512645d07dd30
8286d412dd31e8fab1f6d67092d86685fbc4f9702863f8262ce8fef566c96592
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /apple-touch-icon.png HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:48 GMT
content-type: image/png
content-length: 4803
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
etag: "66169c0a-12c3"
expires: Wed, 15 May 2024 08:30:54 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
b.ljym1k.icu/img/favicon.png
35.220.255.95 200 OK 787 B URL GET HTTP/2 b.ljym1k.icu/img/favicon.png
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash c5088e888c97ad440a61d247596f88e5
865a0d1bb7e1245e046c5e1bae988cce53330280
d0cadf240e89340b93df35240e7809039c1c574be05fbe2cf3243e2f487bc9ec
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /img/favicon.png HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:48 GMT
content-type: image/png
content-length: 787
last-modified: Mon, 18 Mar 2024 08:59:39 GMT
etag: "65f8027b-313"
expires: Sat, 04 May 2024 13:04:22 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
b.ljym1k.icu/assets/_plugin-vue_export-helper-c27b6911.js
35.220.255.95 200 OK 91 B URL GET HTTP/2 b.ljym1k.icu/assets/_plugin-vue_export-helper-c27b6911.js
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
Hash 25e3a5dcaf00fb2b1ba0c8ecea6d2560
7850b3fd4aeb69387bdb5a60025d15c41351d5eb
cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/_plugin-vue_export-helper-c27b6911.js HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/assets/Index-23339c69.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:48 GMT
content-type: application/javascript
content-length: 91
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
etag: "66169c0a-5b"
expires: Tue, 16 Apr 2024 11:50:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?56999c069800319574299541bbc6f466
103.235.46.191 200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?56999c069800319574299541bbc6f466
IP 103.235.46.191:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (629)
Hash d98de290e70721541c2f4456f8126276
0242d04c8b6a0d4f76928048e74880fe380b450c
91802b1f6d31772ad0d7d192222bc11db0ee3f63509c86cedffbcf7329889cc8
GET /hm.js?56999c069800319574299541bbc6f466 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11267
Content-Type: application/javascript
Date: Tue, 16 Apr 2024 03:36:48 GMT
Etag: 5d3d32ac4b9d98849e97934c2f02193e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8D318ED94CA01CE1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
b.ljym1k.icu/assets/Index-16b09b8b.css
35.220.255.95 200 OK 302 kB URL GET HTTP/2 b.ljym1k.icu/assets/Index-16b09b8b.css
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type gzip compressed data, from Unix
Size 302 kB (301868 bytes)
Hash b4312841c59acd10d5bcad56cd310c16
574d865cf8e467569217226f49fe567f529e8e80
0c964391c507ee1ee32520f8997ecf85af250ec5562366ba325adcfd90f0935e
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/Index-16b09b8b.css HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:47 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66169c0a-18f3"
expires: Tue, 16 Apr 2024 06:51:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1560503487&si=56999c069800319574299541bbc6f466&v=1.3.0&lv=1&sn=22639&r=0&ww=1280&u=https%3A%2F%2Fb.ljym1k.icu%2F%23%2F&tt=WhatsApp%20Web
103.235.46.191 200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1560503487&si=56999c069800319574299541bbc6f466&v=1.3.0&lv=1&sn=22639&r=0&ww=1280&u=https%3A%2F%2Fb.ljym1k.icu%2F%23%2F&tt=WhatsApp%20Web
IP 103.235.46.191:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1560503487&si=56999c069800319574299541bbc6f466&v=1.3.0&lv=1&sn=22639&r=0&ww=1280&u=https%3A%2F%2Fb.ljym1k.icu%2F%23%2F&tt=WhatsApp%20Web HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 16 Apr 2024 03:36:48 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=04C9C9F7C931D789; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
b.ljym1k.icu/assets/index-f7548255.js
35.220.255.95 200 OK 549 kB URL GET HTTP/2 b.ljym1k.icu/assets/index-f7548255.js
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type gzip compressed data, from Unix
Size 549 kB (548795 bytes)
Hash 7b98382ed34d3a1fb27b47bfa7b117a7
c8ea4df75e6d2b2f0a27d38327489ae713eb6178
8caa8236f0e3692bcbd29a5ecf41a9e0c652b74675ddbf9215cd2ac643ff347d
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/index-f7548255.js HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:46 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66169c0a-1658cc"
expires: Tue, 16 Apr 2024 09:58:19 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
b.ljym1k.icu/assets/Index-23339c69.js
35.220.255.95 200 OK 30 kB URL GET HTTP/2 b.ljym1k.icu/assets/Index-23339c69.js
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (56370)
Hash 6240ca9cf7603dc40de9c9f6bdf09ee1
f14a17089e7b6ef29df467614e42304003999ab6
a4bba81087fdf3c428c04f3b07bef21db3c1b11ee81f93d8d5b30c400d8a163d
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/Index-23339c69.js HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/assets/index-f7548255.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:48 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66169c0a-dc52"
expires: Tue, 16 Apr 2024 11:50:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wsadmu.icu/api/registerChat
47.76.254.147 204 No Content 23 kB URL OPTIONS HTTP/2 wsadmu.icu/api/registerChat
IP 47.76.254.147:443
ASN #45102 Alibaba US Technology Co., Ltd.
Certificate Issuer Let's Encrypt
Subject wsadmu.icu
Fingerprint FF:CF:67:C3:CD:17:8B:D2:98:5F:F5:E4:43:CE:2A:B3:38:93:DC:49
Validity Sat, 16 Mar 2024 04:52:09 GMT - Fri, 14 Jun 2024 04:52:08 GMT
Hash 08d06e64af61b3cb3230c38021acb6a4
269538bd93d2562c41a688c53b48566b116af085
7d9d27387d641228cc255d38168aa238112553ef2a652c7c4c20818a4758f1d0
POST /api/registerChat HTTP/1.1
Host: wsadmu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 20
Origin: https://b.ljym1k.icu
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json
cache-control: no-cache, private
date: Tue, 16 Apr 2024 03:36:50 GMT
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
b.ljym1k.icu/assets/Guide-973a9ab2.js
35.220.255.95 200 OK 8.0 kB URL GET HTTP/2 b.ljym1k.icu/assets/Guide-973a9ab2.js
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type gzip compressed data, from Unix
Hash 58ee9ee8edb292571881ce45dcb91ef4
da376fa9ffbbb39bf827a35bcc7320de074f62b1
14570fb22eb3bda9c09f9613a6bb5021ae60def436f9ff194d34b334553ebe02
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/Guide-973a9ab2.js HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.ljym1k.icu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:47 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66169c0a-2a05"
expires: Tue, 16 Apr 2024 11:50:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wsadmu.icu/api/getSocketAddress
47.76.254.147 204 No Content 0 B URL OPTIONS HTTP/2 wsadmu.icu/api/getSocketAddress
IP 47.76.254.147:443
ASN #45102 Alibaba US Technology Co., Ltd.
Certificate Issuer Let's Encrypt
Subject wsadmu.icu
Fingerprint FF:CF:67:C3:CD:17:8B:D2:98:5F:F5:E4:43:CE:2A:B3:38:93:DC:49
Validity Sat, 16 Mar 2024 04:52:09 GMT - Fri, 14 Jun 2024 04:52:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/getSocketAddress HTTP/1.1
Host: wsadmu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://b.ljym1k.icu/
Origin: https://b.ljym1k.icu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
cache-control: no-cache, private
date: Tue, 16 Apr 2024 03:36:50 GMT
access-control-allow-origin: *
vary: Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-max-age: 0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
wsadmu.icu/api/webhook?event=msg.reload
47.76.254.147 200 OK 0 B URL POST HTTP/2 wsadmu.icu/api/webhook?event=msg.reload
IP 47.76.254.147:443
ASN #45102 Alibaba US Technology Co., Ltd.
Certificate Issuer Let's Encrypt
Subject wsadmu.icu
Fingerprint FF:CF:67:C3:CD:17:8B:D2:98:5F:F5:E4:43:CE:2A:B3:38:93:DC:49
Validity Sat, 16 Mar 2024 04:52:09 GMT - Fri, 14 Jun 2024 04:52:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/webhook?event=msg.reload HTTP/1.1
Host: wsadmu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://b.ljym1k.icu/
Origin: https://b.ljym1k.icu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
cache-control: no-cache, private
date: Tue, 16 Apr 2024 03:36:50 GMT
access-control-allow-origin: *
vary: Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-max-age: 0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
b.ljym1k.icu/assets/photo-265cdaea.svg
35.220.255.95 200 OK 140 kB URL GET HTTP/2 b.ljym1k.icu/assets/photo-265cdaea.svg
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type SVG Scalable Vector Graphics image
Size 140 kB (140125 bytes)
Hash 1cfbb750f23757aa09c2fd25fd8f5b90
0934bdb1906a8c5f6804d376fb58db621aee70af
265cdaeafd9290b671b7c8ac839c19f1f4dc2a306941303f03a415b0490aa52e
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/photo-265cdaea.svg HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238609; Hm_lpvt_56999c069800319574299541bbc6f466=1713238609
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:50 GMT
content-type: image/svg+xml
content-length: 140125
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
etag: "66169c0a-2235d"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
b.ljym1k.icu/assets/msgloadding-2dcd60de.svg
35.220.255.95 200 OK 1.8 kB URL GET HTTP/2 b.ljym1k.icu/assets/msgloadding-2dcd60de.svg
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type SVG Scalable Vector Graphics image
Hash e5ad9f252400104557820922a28930c9
0798be5aa825f239554eec573ad9012a39048f77
2dcd60dec742f9917a82b6c39a2694b244327af1419a3862ca836122698d722f
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/msgloadding-2dcd60de.svg HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238609; Hm_lpvt_56999c069800319574299541bbc6f466=1713238609
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:50 GMT
content-type: image/svg+xml
content-length: 1828
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
etag: "66169c0a-724"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
b.ljym1k.icu/assets/xiaolian-33f1b2b8.svg
35.220.255.95 200 OK 2.4 kB URL GET HTTP/2 b.ljym1k.icu/assets/xiaolian-33f1b2b8.svg
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type SVG Scalable Vector Graphics image
Hash f710611094f42cbe754f0a692c81bad6
3a63c6fffd5986ccb9a341928d666f4bae2079c8
33f1b2b8beb484536f9f46e015b540ea3cb40362c310c6f07fdfe6274494bd7b
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/xiaolian-33f1b2b8.svg HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238609; Hm_lpvt_56999c069800319574299541bbc6f466=1713238609
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:50 GMT
content-type: image/svg+xml
content-length: 2377
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
etag: "66169c0a-949"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
b.ljym1k.icu/assets/tupian-75b5624a.svg
35.220.255.95 200 OK 1.9 kB URL GET HTTP/2 b.ljym1k.icu/assets/tupian-75b5624a.svg
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type SVG Scalable Vector Graphics image
Hash 78a332f85a8edc6de50e77ec146201dd
064251199e997f4ada05cfbfba475098009cdb47
75b5624a5ec7b46246241edd329b65edbc075960a48dcdeca4cb78a4b95a151b
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/tupian-75b5624a.svg HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238609; Hm_lpvt_56999c069800319574299541bbc6f466=1713238609
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:50 GMT
content-type: image/svg+xml
content-length: 1888
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
etag: "66169c0a-760"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
b.ljym1k.icu/assets/zhifeiji-49de122b.svg
35.220.255.95 200 OK 1.5 kB URL GET HTTP/2 b.ljym1k.icu/assets/zhifeiji-49de122b.svg
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type SVG Scalable Vector Graphics image
Hash e8490c63435bb93738084ae05c6bb819
115e420e80c0cd175e6fa095f2ef0c5fd15dbe2c
49de122b277839b45cbec28816ba51198be3818fdc0668a30d8c6edcaa7f5ab0
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/zhifeiji-49de122b.svg HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238609; Hm_lpvt_56999c069800319574299541bbc6f466=1713238609
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:50 GMT
content-type: image/svg+xml
content-length: 1527
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
etag: "66169c0a-5f7"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
b.ljym1k.icu/assets/huixingzheng-98a8f77f.svg
35.220.255.95 200 OK 3.6 kB URL GET HTTP/2 b.ljym1k.icu/assets/huixingzheng-98a8f77f.svg
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type SVG Scalable Vector Graphics image
Hash f251b50a44dfcbd47d64184512376fc6
276cfa8c809597977f4dec3466128d4ceac37930
98a8f77f2aca32a2a1b67788f514827c1373f589d5309f227a9c04d9bbf3e46d
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/huixingzheng-98a8f77f.svg HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238609; Hm_lpvt_56999c069800319574299541bbc6f466=1713238609
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:50 GMT
content-type: image/svg+xml
content-length: 3561
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
etag: "66169c0a-de9"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
b.ljym1k.icu/assets/bg-b0fa5029.png
35.220.255.95 200 OK 88 kB URL GET HTTP/2 b.ljym1k.icu/assets/bg-b0fa5029.png
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type PNG image data, 540 x 981, 4-bit colormap, non-interlaced
Hash a4be512e7195b6b733d9110b408f075d
216772b72be47c45b2b975cc6d2ca591798cd09a
b0fa502976056ad9b9613c59d1f264b70da06afe9f3a03321602dfeb1575b158
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/bg-b0fa5029.png HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/assets/Index-16b09b8b.css
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238609; Hm_lpvt_56999c069800319574299541bbc6f466=1713238609
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:50 GMT
content-type: image/png
content-length: 88534
last-modified: Mon, 18 Mar 2024 08:59:39 GMT
etag: "65f8027b-159d6"
expires: Sat, 04 May 2024 13:03:25 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
b.ljym1k.icu/assets/bg.png
35.220.255.95 404 Not Found 146 B URL GET HTTP/2 b.ljym1k.icu/assets/bg.png
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/bg.png HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238609; Hm_lpvt_56999c069800319574299541bbc6f466=1713238609
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 16 Apr 2024 03:36:50 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
wsadmu.icu/wsapi/channel/messagesync
47.76.254.147 200 OK 0 B URL POST HTTP/2 wsadmu.icu/wsapi/channel/messagesync
IP 47.76.254.147:443
ASN #45102 Alibaba US Technology Co., Ltd.
Certificate Issuer Let's Encrypt
Subject wsadmu.icu
Fingerprint FF:CF:67:C3:CD:17:8B:D2:98:5F:F5:E4:43:CE:2A:B3:38:93:DC:49
Validity Sat, 16 Mar 2024 04:52:09 GMT - Fri, 14 Jun 2024 04:52:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /wsapi/channel/messagesync HTTP/1.1
Host: wsadmu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://b.ljym1k.icu/
Origin: https://b.ljym1k.icu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 16 Apr 2024 03:36:51 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, token, accept, origin, Cache-Control, X-Requested-With, appid, noncestr, sign, timestamp
access-control-allow-methods: POST, OPTIONS, GET, PUT,DELETE,PATCH
access-control-allow-origin: *
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
wsadmu.icu/wsapi/channel/messagesync
47.76.254.147 200 OK 66 B URL POST HTTP/2 wsadmu.icu/wsapi/channel/messagesync
IP 47.76.254.147:443
ASN #45102 Alibaba US Technology Co., Ltd.
Certificate Issuer Let's Encrypt
Subject wsadmu.icu
Fingerprint FF:CF:67:C3:CD:17:8B:D2:98:5F:F5:E4:43:CE:2A:B3:38:93:DC:49
Validity Sat, 16 Mar 2024 04:52:09 GMT - Fri, 14 Jun 2024 04:52:08 GMT
Hash 2b23a9b90345473b8052b5e2c1841fc4
cd98328d7d120665cc77c4bf46bf2a3186b2453e
bb4f9144a8cbfa2e83d65e879979bc37e93824f9941fd90bd91be954ce2309fc
POST /wsapi/channel/messagesync HTTP/1.1
Host: wsadmu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 126
Origin: https://b.ljym1k.icu
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:52 GMT
content-type: application/json; charset=utf-8
content-length: 66
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, token, accept, origin, Cache-Control, X-Requested-With, appid, noncestr, sign, timestamp
access-control-allow-methods: POST, OPTIONS, GET, PUT,DELETE,PATCH
access-control-allow-origin: *
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
wsadmu.icu/api/webhook?event=msg.reload
47.76.254.147 200 OK 228 B URL POST HTTP/2 wsadmu.icu/api/webhook?event=msg.reload
IP 47.76.254.147:443
ASN #45102 Alibaba US Technology Co., Ltd.
Certificate Issuer Let's Encrypt
Subject wsadmu.icu
Fingerprint FF:CF:67:C3:CD:17:8B:D2:98:5F:F5:E4:43:CE:2A:B3:38:93:DC:49
Validity Sat, 16 Mar 2024 04:52:09 GMT - Fri, 14 Jun 2024 04:52:08 GMT
Hash 6c0de1a429b220270b36e71a44ed7b37
6dd8592be830a7666efe859d32dd6cdab592e347
f43e7ebdffb361abfdd43895de59ab67ca46daafdb1c3fd227df51fa7c7328d5
POST /api/webhook?event=msg.reload HTTP/1.1
Host: wsadmu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 128
Origin: https://b.ljym1k.icu
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json
cache-control: no-cache, private
date: Tue, 16 Apr 2024 03:36:51 GMT
x-ratelimit-limit: 60
x-ratelimit-remaining: 57
access-control-allow-origin: *
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
b.ljym1k.icu/assets/duihua-1ccb10f9.svg
35.220.255.95 200 OK 88 kB URL GET HTTP/2 b.ljym1k.icu/assets/duihua-1ccb10f9.svg
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type SVG Scalable Vector Graphics image
Hash 2b9f4599159760a9ae92a6590c5b07af
d4ed568e8ea865a2073eeb8627bfddf4fac4a36b
1ccb10f9123fed78b3f869177d478d6ab5906600d51f41677dff0b4a40d635ab
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/duihua-1ccb10f9.svg HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/assets/Index-16b09b8b.css
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238609; Hm_lpvt_56999c069800319574299541bbc6f466=1713238609
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:53 GMT
content-type: image/svg+xml
content-length: 88240
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
etag: "66169c0a-158b0"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
b.ljym1k.icu/assets/Index-23339c69.js
35.220.255.95 200 OK 46 kB URL GET HTTP/2 b.ljym1k.icu/assets/Index-23339c69.js
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type gzip compressed data, from Unix
Hash a79e837b5e2de8ced53c1d339756600a
94691247d458ca25752bf21da57d53914c7d4db3
4a0082f1241b0e4fa01f8040454d324c2ed4ab9a08acae59927753ee0564243b
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/Index-23339c69.js HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.ljym1k.icu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:47 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66169c0a-dc52"
expires: Tue, 16 Apr 2024 11:50:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
35.244.181.201 444 B URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP 35.244.181.201:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type XML 1.0 document, ASCII text, with very long lines (332)
Hash 3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-05-20-00-15-28.chain; p384ecdsa=pCy52D43BJ0t5ES_XAZ8gg2l0tpSlLdEGZ1MVmqoQcri8OlX-B8nD_AA2s_s1F9GARUcJc-nji6Ckyd49bZBEtlRuSdg8y8hfUiZtnl6Mk2JDonulN534bf1SXqZSvCp
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Tue, 16 Apr 2024 03:36:24 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 40
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
b.ljym1k.icu/assets/laba-441f0c04.svg
35.220.255.95 200 OK 2.5 kB URL GET HTTP/2 b.ljym1k.icu/assets/laba-441f0c04.svg
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type SVG Scalable Vector Graphics image
Hash c3277a7e19e9038f07a99f941b6fecb7
d55d4b5dcfd25e72be19d63507e7329e33cc4877
7c6739815f59ef6c73b56899a0bf56c32b1741f133ac36d10f7b034893062dca
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/laba-441f0c04.svg HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238609; Hm_lpvt_56999c069800319574299541bbc6f466=1713238609
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:50 GMT
content-type: image/svg+xml
content-length: 2499
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
etag: "66169c0a-9c3"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
b.ljym1k.icu/assets/index-931903a7.css
35.220.255.95 200 OK 524 kB URL GET HTTP/2 b.ljym1k.icu/assets/index-931903a7.css
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
Size 524 kB (523956 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/index-931903a7.css HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:46 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66169c0a-7feb4"
expires: Tue, 16 Apr 2024 06:50:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
wsadmu.icu/ws/
47.76.254.147 101 Switching Protocols 0 B
IP 47.76.254.147:443
ASN #45102 Alibaba US Technology Co., Ltd.
Certificate Issuer Let's Encrypt
Subject wsadmu.icu
Fingerprint FF:CF:67:C3:CD:17:8B:D2:98:5F:F5:E4:43:CE:2A:B3:38:93:DC:49
Validity Sat, 16 Mar 2024 04:52:09 GMT - Fri, 14 Jun 2024 04:52:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws/ HTTP/1.1
Host: wsadmu.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://b.ljym1k.icu
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: A0jXprPLPbMAFrAE3Ba35Q==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Tue, 16 Apr 2024 03:36:52 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VEIFui6BtkqWnvQki6DgX4sewwM=
b.ljym1k.icu/index.css
35.220.255.95 200 OK 327 kB
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
Size 327 kB (326636 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /index.css HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:46 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66169c0a-4fbec"
expires: Tue, 16 Apr 2024 06:50:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
b.ljym1k.icu/assets/en-4020694c.js
35.220.255.95 200 OK 2.5 kB URL GET HTTP/2 b.ljym1k.icu/assets/en-4020694c.js
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type Unicode text, UTF-8 text, with very long lines (2535), with no line terminators
Hash ae3d4eb4f17a3f6d16e01753f483f39d
09363789ce856e8fe77d6b885c7b19062b996969
bcb520d74acbdc9cb36e3102ebca9d4b06cc1377f88440aedbfbffea00712891
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/en-4020694c.js HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/assets/index-f7548255.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:47 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66169c0a-9a4"
expires: Tue, 16 Apr 2024 11:50:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
b.ljym1k.icu/assets/duihao-2f6339d6.png
35.220.255.95 200 OK 18 kB URL GET HTTP/2 b.ljym1k.icu/assets/duihao-2f6339d6.png
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type PNG image data, 461 x 464, 8-bit/color RGBA, non-interlaced
Hash fa20d34143683442dbb6dff3ddba3102
b2a5fac1718e47e661ebdcc8cdfba0b7b23ceef2
2f6339d62088f4c277cccfb6dc83c72f1db263c20f353e5201210d1a031402c7
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/duihao-2f6339d6.png HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Cookie: Hm_lvt_56999c069800319574299541bbc6f466=1713238609; Hm_lpvt_56999c069800319574299541bbc6f466=1713238609
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:50 GMT
content-type: image/png
content-length: 17553
last-modified: Mon, 18 Mar 2024 08:59:39 GMT
etag: "65f8027b-4491"
expires: Sat, 04 May 2024 13:03:25 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
b.ljym1k.icu/app.css
35.220.255.95 200 OK 240 kB
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
Size 240 kB (239722 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /app.css HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:46 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66169c0a-3a86a"
expires: Tue, 16 Apr 2024 06:50:58 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
b.ljym1k.icu/assets/en-1fe2d0b7.png
35.220.255.95 200 OK 300 kB URL GET HTTP/2 b.ljym1k.icu/assets/en-1fe2d0b7.png
IP 35.220.255.95:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Let's Encrypt
Subject b.ljym1k.icu
Fingerprint F6:49:AC:86:43:80:9E:C1:5E:73:9F:08:23:C1:67:D3:EC:B9:93:2F
Validity Mon, 15 Apr 2024 07:10:24 GMT - Sun, 14 Jul 2024 07:10:23 GMT
File type PNG image data, 750 x 1621, 8-bit colormap, non-interlaced
Size 300 kB (300024 bytes)
Hash 31ccf89bf040de48419e9cb90f700471
f7e2df3a00b162c2336cf0c929e70894c684898b
1fe2d0b753d23b34cfb679553079b1a943e7cbf2277c5f86193f0346877c42af
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /assets/en-1fe2d0b7.png HTTP/1.1
Host: b.ljym1k.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.ljym1k.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 03:36:48 GMT
content-type: image/png
content-length: 300024
last-modified: Wed, 10 Apr 2024 14:02:50 GMT
etag: "66169c0a-493f8"
expires: Fri, 10 May 2024 14:20:59 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2