77-a7w.pages.dev/WhatsApp_files/video.png
188.114.97.1200 OK 16 kB URL GET HTTP/3 77-a7w.pages.dev/WhatsApp_files/video.png
IP 188.114.97.1:443
Requested by https://77-a7w.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subject77-a7w.pages.dev
Fingerprint27:9F:AD:D1:63:BF:D3:DB:04:54:56:C4:F7:18:99:C1:60:F5:0B:51
ValidityWed, 01 Nov 2023 09:41:09 GMT - Tue, 30 Jan 2024 09:41:08 GMT
File type PNG image data, 560 x 315, 8-bit colormap, non-interlaced\012- data
Hash 0c6ec69b054fdeb31cf3e5e10290fd8e
5b2d2ef0e3b5824addcc34d642769f5f14671411
d980ab372658f4c7c8f07d730ef6dc67e3fb3471f37928274f915c0308850994
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /WhatsApp_files/video.png HTTP/1.1
Host: 77-a7w.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://77-a7w.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 02:36:31 GMT
content-type: image/png
content-length: 16259
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "e8d82bc87223d31f958fe3a9e246895c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rD7vTNfl7k6x%2F1wTbpkfUVbkuutYfufxLRXnfOOtxv8S5i2c0%2FdoVnmAlzXaZfpGQBATslvOJ1vnvpeqCG4B4cxzPze5m6qZqL7I1txOPaNSWvAeR9rrDJEVE12SnxXK7qvo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8300a988c89e56a5-OSL
alt-svc: h3=":443"; ma=86400
188.114.97.1200 OK 15 kB URL User Request GET HTTP/2 IP 188.114.97.1:443
Certificate IssuerGoogle Trust Services LLC
Subject77-a7w.pages.dev
Fingerprint27:9F:AD:D1:63:BF:D3:DB:04:54:56:C4:F7:18:99:C1:60:F5:0B:51
ValidityWed, 01 Nov 2023 09:41:09 GMT - Tue, 30 Jan 2024 09:41:08 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2394), with CRLF line terminators
Hash 774700eade250a0db1a82d817103a521
5f3ea0aaf1a45b2fa3928791f97b4dc9b4334b5c
ee155750d79cc6e49897188cacac2755a5286e0404e92935caa50045840be374
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET / HTTP/1.1
Host: 77-a7w.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 02:36:31 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"03aa4e9d5e30bf7710c0eb6ea9bbbd4f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXivR5xlb91Wu5tgF%2B%2Bw%2Fed%2BOyJPylmWfhVnG6itEsMS3i7ur4eEoNgEFbkZvZ57uQARu86acRWkCkO1TM1gzA2TmHY26s%2BKCUgBsYh8gcMWXM2PqmO72%2BOWcV0BhY%2BNrW0U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8300a9856e8eb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
web.whatsapp.com/img/favicon_c5088e888c97ad440a61d247596f88e5.png
31.13.72.52400 Bad Request 2.5 kB URL GET HTTP/2 web.whatsapp.com/img/favicon_c5088e888c97ad440a61d247596f88e5.png
IP 31.13.72.52:443
Requested by https://77-a7w.pages.dev/
Certificate IssuerDigiCert Inc
Subject*.whatsapp.net
FingerprintDC:CD:62:0B:B0:45:06:9A:37:69:F2:D2:F7:36:42:7A:D6:E6:7B:50
ValidityTue, 12 Sep 2023 00:00:00 GMT - Mon, 11 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2793)
Hash f1ac791356b3b6a884f9d3341fabe1da
85c8d6a72ce89e3254dea435474c3ee04d0c8cbd
87d28f909a65f055c786a96751a9e3467ff378c56f9d38f5cffcfdaf0d724f1d
GET /img/favicon_c5088e888c97ad440a61d247596f88e5.png HTTP/1.1
Host: web.whatsapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://77-a7w.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 400 Bad Request
content-encoding: br
reporting-endpoints:
cross-origin-opener-policy: unsafe-none
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: text/html; charset="utf-8"
x-fb-debug: x7Ic8/7z6Qh0a2UT9k74RTjeV5MexWfsIyLaRpMaiXfgIay860FYH2nS/hJNKJc5XAQ1Jycr5pLBUk32R5+S9g==
content-length: 2460
proxy-status: http_request_error; e_clientaddr="AcJfxwKQYUffda0zrlhX7y7vlS4jXvnu0ho-K6DwWFW1cqTBBghbU0Vg9sGvFkk9nPN6wCew9qvOdQ1OVKVf50sHXb4u9b_rIEixIiHqlxPG5xF0Sg"; e_fb_vipport="AcLGglVvulTpuuk-5RjKDTojHSMCoDZHnt6DW_Pt9I-55NxipSIiz4rPC354"; e_upip="AcKB8_vPIsybS9q9bYrWjI4X4bcCabP56wkzWzzpMlNjTbLEZokFI3OrdZip-i6sGnoFN7JVnIg6kYK__E6FR_VQOqRPxSDW7Xk"; e_fb_hostheader="AcJp-kXNemHAssAczAN-uDb0ucX5x-zyEVMOlaCA-0Vb9AxbFUme8G6-cOvudzFGwVMSsoXdyZ3aiw"; e_fb_vipaddr="AcJx7fnBvIYYpbfzuKSIfI-4Xkeko08NAH3_okjzU2TSOKd9SwpcDrHTStG4ssXgCA3sEYPvLjNtsj42PKQFBCloXgibndMHiw"; e_fb_requesthandler="AcKoK8ZXVUx0Y6_h7WBKcfNmn9QU2yInqlZsGdMXpE9RTj7066R5kH89Uc2IAdNi7D1xseNdBKE"; e_fb_builduser="AcL5dgmamMQ_BBBc7kTVVZXBeqT1p9MokMIGqIAVFnL1WOq7WIqtNeOoB0rkqg0YHUY"; e_fb_binaryversion="AcLebihuY8tkz_5wnaOvK8hkpRQlUiCD1bh_u4_f8lZQ-4jp8V1WcKuty1KCVepAm3q9DMLxxdkmvwYtovPPuz40OZ5oP1H4sbo"; e_proxy="AcKZFjEMVkFtLpSv06VhTGhGQd59lAe7ZF0nDl-8FuyFsmf-BlFQOZXLDcdRcg9IdpjFGm2SQEFiGYQtF3Ed", http_request_error; e_clientaddr="AcI6MA3rbTzBlS566os8JHYZ_tmWlAVn2CKL7Txkp9nScWM6uGTHOcGhemTyzCTHbUFpJb6QLtOaeTCZ"; e_fb_vipport="AcJwB037_r5S5wXWsD8MZKdNf2fWenmOFlSixWswI6xvT84kUIFHocdj8SXx"; e_upip="AcJsbMdubsutxvJvCt5Lz8-Bx3lJir1kYh2vVeIbdj26BdLdHyY4sm_jtwyHd37N_qmMb0d8wmy2-n7xSVnC-xFrSYUaRUS5PQ"; e_fb_hostheader="AcJFHa3keM9GfzzEpgelCgwD476PhBauH2Ooau0PM3hYOo_aGpeJra0GTvmNAD2x9CruwY95vS3lHA"; e_fb_vipaddr="AcKuThqX4UV5OPaGQx-6M5oc0b4z2HVpMmjfGhVeJjzXDS6fz3ReClCnBiDvVXqteEKd2WE"; e_fb_requesthandler="AcJBC5OtXUtt-Xt7P9MSM3Be-5N5c5yQeNruZIN7Dw89wQYp5GJgNtadr8K3O5Po3z70yEEx"; e_fb_builduser="AcKXmLxnfZ4EwNFUZjuqDW9QNAH0fiekJuQwWiAifZaLyO7mbM3L7g8fYmvLHs--Tv0"; e_fb_binaryversion="AcIfooXQrPCLJhNIn7JSe3X6UXOI-huhcjlDEZ5Sp128qeyqY9X3P0zIfznq8aIhl2FXQbLQ_PJSfsi49GKpRy-oQ-5nFXG-RE4"; e_proxy="AcL2pcozBDWnuhuAZgSeRW6P_1DFfozoUsqGovZun-4TquUBwgR9vszyKEDS-jwlrJ9QAgMah6cd0b4"
date: Mon, 04 Dec 2023 02:36:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
web.whatsapp.com/apple-touch-icon.png
31.13.72.52400 Bad Request 2.5 kB URL GET HTTP/2 web.whatsapp.com/apple-touch-icon.png
IP 31.13.72.52:443
Requested by https://77-a7w.pages.dev/
Certificate IssuerDigiCert Inc
Subject*.whatsapp.net
FingerprintDC:CD:62:0B:B0:45:06:9A:37:69:F2:D2:F7:36:42:7A:D6:E6:7B:50
ValidityTue, 12 Sep 2023 00:00:00 GMT - Mon, 11 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2793)
Hash f1ac791356b3b6a884f9d3341fabe1da
85c8d6a72ce89e3254dea435474c3ee04d0c8cbd
87d28f909a65f055c786a96751a9e3467ff378c56f9d38f5cffcfdaf0d724f1d
GET /apple-touch-icon.png HTTP/1.1
Host: web.whatsapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://77-a7w.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 400 Bad Request
content-encoding: br
reporting-endpoints:
cross-origin-opener-policy: unsafe-none
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: text/html; charset="utf-8"
x-fb-debug: JI4E89F0qUUXWBVD4f9l+8u6uHkmlGi2HqAd3VL341sJ1TPbEyJNkFHrC8kRZ6y8QfpjtnoaCY8rygMQtDAQZg==
content-length: 2460
proxy-status: http_request_error; e_clientaddr="AcIrDlCRwrOUY-yqVOeAghBrJiRARKPj77AJvG9eH1LFGrM0tNai1rDzXtsi74bCFWTQIadlXU-2cRIn9jKMB0rw7ijLSn_J1YECD4nxtnCwYVFUuw"; e_fb_vipport="AcJYSMQbb2T0p9Jur265vSLZh2a4_Tu9y9kDeo3CKVb3etWppqXl9QLUDQ5V"; e_upip="AcL3CSeqSqxbMMOZoW0GTErRe9lSxp9mU1obiQZjCY-0tKdfFtwlmBq5BMYZXNWJj-tVYjI9x_k4lFJcRjVMNEFRM_a6mz-Z8pM"; e_fb_hostheader="AcLKByAWgYmR0CFodE1vgLS_r3jel3vv2t8HyAVVxsmCq6hHXMZQLq_Yl-pDFaY9egaLXQKh7aSGIw"; e_fb_vipaddr="AcIuHEbeb7OtMiWv1Sxw5Hkq4ud6R-PqVW45FhcYHmFncEQHkm6yBdybasqp351vnOAaMpzpBT2CMKMqcxH5uUsa-rWgz6_IFQ"; e_fb_requesthandler="AcJ8WwW49N4mwSR1knIDmDBYDRIOrpmQ58qGQ3n2tl4IrF3tp6bISYEtL4aVSLWK_k6nSUx2340"; e_fb_builduser="AcLM5HRS-uN8pfjvyGZZh6KWxH_W5a1TAUcdt4GYWTQ4Vz7ObIKnM_WQyiYiVNuzSGo"; e_fb_binaryversion="AcJ-xmn1MNeec-fSDGoh8t7XT2u1qyc-o9frzxi2Vc1VLReP9Su9wcDbeOr2Kakgu9FWar33akIiiiyDmarmqeMCjBFYK9Z30EA"; e_proxy="AcIYsSraUS6F0bRaegSV_g26a-XXpdy867U9qwEBsTKkoh4lcpK_zF0I0wek1OmDYD2X62-ipA-p5u6AmejS", http_request_error; e_clientaddr="AcI8Evx803OAO7DqvvIMGdJOqfmFfXYvNDh69DoghpVnqLNjXET4tJuo0QnpwXn9rZPgalWbonz2x_KF"; e_fb_vipport="AcLPEshGMM61DnkpySIcBIvQkzy1yWkhg__ff9WiJN2Xe6PoI0My6LWmtSiy"; e_upip="AcLStgdcMgGZkCFGgDNyuLBZxH3JZhwm348k2ftQDTQ66-F6M7EllSfnm78Y1CmKKywJcAq-DFQMwMHM7t1Xp_d4tYnPGIfLew"; e_fb_hostheader="AcJUYl1AxbG9V7Q2RNUqQWc2UPVBmTsqgqCNVmNSaBKMaaUTlnMxV4Ch5_lUrRgkPYBHgYK1qtVeTQ"; e_fb_vipaddr="AcIhWAeSGJEJT6SLq_m5Vm4Jthz2WQelmSnaMimBZgR1z2_XKLPKg8EVDW_4er5V7CGT1ok"; e_fb_requesthandler="AcLoekGUJ8lgSDnCbnKss3C0QBvGau6vQMWiwR7avGwdq79qOoM6SQxD-OzOUaVa-z7lXEVl"; e_fb_builduser="AcI3Srqn0b1SLk9tyE4WhU_j-XCjsgR2TEhAw5_rWN6tKF7pI0dPkWCG-BJlGjTUt_k"; e_fb_binaryversion="AcKpx7N9qE0Er17lwuxvHCDigKZyaS-h4VV_v1Ejbnk1vaYqFytj6VtZSrO3YcLNbCJqqacTnRBtpNEnNb4U7sibMnR8W1f-5fQ"; e_proxy="AcLV3stDj_NkWkeLXFIqzSm284tjJtCTmbwefbYCHKwoPJ1yamyZwz461E3wWb2MZJw0mB3NJiYJytU"
date: Mon, 04 Dec 2023 02:36:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
77-a7w.pages.dev/jquery.cookie.js
188.114.97.1200 OK 3.1 kB URL GET HTTP/3 77-a7w.pages.dev/jquery.cookie.js
IP 188.114.97.1:443
Requested by https://77-a7w.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subject77-a7w.pages.dev
Fingerprint27:9F:AD:D1:63:BF:D3:DB:04:54:56:C4:F7:18:99:C1:60:F5:0B:51
ValidityWed, 01 Nov 2023 09:41:09 GMT - Tue, 30 Jan 2024 09:41:08 GMT
File type ASCII text, with very long lines (3439), with no line terminators
Hash c776f7843da058a9030aea314d49613f
b91ca11b466e153f05219e5e1a1e9f4348b2cc14
573c67cf9289d24e8756d0f86d37652e7f2383233ad50dca47f2ae5382923735
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /jquery.cookie.js HTTP/1.1
Host: 77-a7w.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://77-a7w.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 02:36:31 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ccdb2dc189ac698dd8a582a4291c7451"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hj%2BIP8dwoIH5Hs5frBrdJxioHd2zPJeddBM%2BOlUPtq1kARpv0K6ftKiqg3jsipS9UYw3n57a8HoP%2B21u9cNyUbABCdQbw%2Bfmb99dd%2BLx9Ub1xEzS3VBAQBYyBfP1KZH5TGrP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8300a988c89a56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
77-a7w.pages.dev/WhatsApp_files/libsignal-protocol-ee5b8ba.min.js
188.114.97.1200 OK 250 kB URL GET HTTP/3 77-a7w.pages.dev/WhatsApp_files/libsignal-protocol-ee5b8ba.min.js
IP 188.114.97.1:443
Requested by https://77-a7w.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subject77-a7w.pages.dev
Fingerprint27:9F:AD:D1:63:BF:D3:DB:04:54:56:C4:F7:18:99:C1:60:F5:0B:51
ValidityWed, 01 Nov 2023 09:41:09 GMT - Tue, 30 Jan 2024 09:41:08 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 250 kB (249969 bytes)
Hash 8ab914b33a56ffa80ca1de0819a70684
0a103d668f19bd5529de831446389eabd85f3550
b32cb4726155800367b1e44af2fd940b77aed84cc9baa11c0381bf35dd993c98
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /WhatsApp_files/libsignal-protocol-ee5b8ba.min.js HTTP/1.1
Host: 77-a7w.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://77-a7w.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 02:36:32 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"8a9ebdc63ef791fcc4d7fc80f12ae130"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbQNriwMP7v25ZBf5SH8avFMGsCCRa2PPHxdJjB8uVUmN3lBv%2BM%2FzCPn%2F2KzzsBSM5as%2Bjg5PXzYNdjahUDSxNcIm4nrxFDNSyX%2B7gLMFop3AxJceN4sS9le7enGviiqI1uq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8300a988c89f56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
77-a7w.pages.dev/jquery.min.js
188.114.97.1200 OK 93 kB URL GET HTTP/3 77-a7w.pages.dev/jquery.min.js
IP 188.114.97.1:443
Requested by https://77-a7w.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subject77-a7w.pages.dev
Fingerprint27:9F:AD:D1:63:BF:D3:DB:04:54:56:C4:F7:18:99:C1:60:F5:0B:51
ValidityWed, 01 Nov 2023 09:41:09 GMT - Tue, 30 Jan 2024 09:41:08 GMT
File type ASCII text, with very long lines (32072)
Hash e3f24f23b859cf718282e3806ed5ce38
c92a61cb4fbc23adb05973638f60e2999bed4a26
e0108076470765be9ef1e9b242b8a52ef78c8f4532c7263426abc05ea4b60240
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /jquery.min.js HTTP/1.1
Host: 77-a7w.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://77-a7w.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 02:36:32 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"0b037baf132504ce7005a11383470752"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfEhMxPwFDbfgXKAeARP9FkSuqxBOD%2Bb1yxUzQXiJafod7%2F4lnbwlz66RwYFHKNW3crPe8UsGYAJ6p5yHX8JXH4S%2Fvz1v3yZaT1kn7l86wMlwWV1pgiC4m6VPP7YarW2UlDQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8300a988c89956a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
77-a7w.pages.dev/WhatsApp_files/bootstrap_qr-e2b403f65ed52d327e90.css
188.114.97.1200 OK 177 kB URL GET HTTP/3 77-a7w.pages.dev/WhatsApp_files/bootstrap_qr-e2b403f65ed52d327e90.css
IP 188.114.97.1:443
Requested by https://77-a7w.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subject77-a7w.pages.dev
Fingerprint27:9F:AD:D1:63:BF:D3:DB:04:54:56:C4:F7:18:99:C1:60:F5:0B:51
ValidityWed, 01 Nov 2023 09:41:09 GMT - Tue, 30 Jan 2024 09:41:08 GMT
Size 177 kB (176830 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /WhatsApp_files/bootstrap_qr-e2b403f65ed52d327e90.css HTTP/1.1
Host: 77-a7w.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://77-a7w.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 02:36:32 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"03e94140affd61cffcdc0cc2d7d64da0"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSbzFE2NX6iBFYPRkQjWeQdy2c6nzsIs%2F8d%2BS39gdnJKPKEah%2BLRCvWPGjA6RGeGwsMnjB9vFsHhrTYZMx7XMJQi42izq24NoNSEbgwbtbdYWL2tfoXQ7N%2FJMTpjQuWmHL5r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8300a988b89756a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
77-a7w.pages.dev/WhatsApp_files/bootstrap_main.9d6050e3d2fff5b782d3.css
188.114.97.1200 OK 231 kB URL GET HTTP/3 77-a7w.pages.dev/WhatsApp_files/bootstrap_main.9d6050e3d2fff5b782d3.css
IP 188.114.97.1:443
Requested by https://77-a7w.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subject77-a7w.pages.dev
Fingerprint27:9F:AD:D1:63:BF:D3:DB:04:54:56:C4:F7:18:99:C1:60:F5:0B:51
ValidityWed, 01 Nov 2023 09:41:09 GMT - Tue, 30 Jan 2024 09:41:08 GMT
Size 231 kB (230953 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /WhatsApp_files/bootstrap_main.9d6050e3d2fff5b782d3.css HTTP/1.1
Host: 77-a7w.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://77-a7w.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 02:36:32 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f2144f69865583616f03de95fe1b8096"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7CtJt24JRyyY1OWGJ3BZWt0Nff1RraPwofJlV%2Fwureib%2B2I%2BSIaxu%2Fy7zcWsLdStfW8Jh13rbXlBT5iE5w8ssEX9HruJ6LFO3kDO5TTbk7ZmEQCSKMSH6ZpK6MMcoD6XLn6j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8300a988c89856a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ecs.zongdiao2.cyou/socket/993kZcOQO4bRJJ0R8RoyZCT1wtNDWasI
0.0.0.0 0 B URL GET ecs.zongdiao2.cyou/socket/993kZcOQO4bRJJ0R8RoyZCT1wtNDWasI
IP 0.0.0.0:0
Requested by https://77-a7w.pages.dev/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket/993kZcOQO4bRJJ0R8RoyZCT1wtNDWasI HTTP/1.1
Host: ecs.zongdiao2.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://77-a7w.pages.dev
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: a+xJvDglN+AyL4DOnMRZ8w==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
77-a7w.pages.dev/WhatsApp_files/stylex-2d46744708947781f1f33a0069cbc308.css
188.114.97.1200 OK 116 kB URL GET HTTP/3 77-a7w.pages.dev/WhatsApp_files/stylex-2d46744708947781f1f33a0069cbc308.css
IP 188.114.97.1:443
Requested by https://77-a7w.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subject77-a7w.pages.dev
Fingerprint27:9F:AD:D1:63:BF:D3:DB:04:54:56:C4:F7:18:99:C1:60:F5:0B:51
ValidityWed, 01 Nov 2023 09:41:09 GMT - Tue, 30 Jan 2024 09:41:08 GMT
File type ASCII text, with very long lines (937)
Size 116 kB (116339 bytes)
Hash ce08c431738ca6a8561b1c58a35b0b70
46628f24522fd5f7891a61a3668cde2aaaa80dd6
d3889a9a244c69018e4848bffa27b76845ca2c34813976342d4b122e6533bbca
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /WhatsApp_files/stylex-2d46744708947781f1f33a0069cbc308.css HTTP/1.1
Host: 77-a7w.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://77-a7w.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 02:36:32 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"65cf534a072c0cdda7d1094f883a9072"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRBJcr0B0pNJp1K8OccutMyj21NdjX%2F33RyMSaY0zaTZieWBPeX3Y8tDuBjkInX%2BALKAScLyNxekBHa%2FKfV3Dyzy00a9oVealABmVwKyNuJZ%2Fd6%2FgbTWPEK3AdpgnHy18C7Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8300a988b89656a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
77-a7w.pages.dev/qrcode.min.js
188.114.97.1200 OK 20 kB URL GET HTTP/3 77-a7w.pages.dev/qrcode.min.js
IP 188.114.97.1:443
Requested by https://77-a7w.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subject77-a7w.pages.dev
Fingerprint27:9F:AD:D1:63:BF:D3:DB:04:54:56:C4:F7:18:99:C1:60:F5:0B:51
ValidityWed, 01 Nov 2023 09:41:09 GMT - Tue, 30 Jan 2024 09:41:08 GMT
File type ASCII text, with very long lines (19927), with no line terminators
Hash 517b55d3688ce9ef1085a3d9632bcb97
2d06c1f823f34c19981c6ae0b0eb0f5861c5e14b
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /qrcode.min.js HTTP/1.1
Host: 77-a7w.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://77-a7w.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 02:36:31 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7ada293847f072170f0c5a32bd67bad3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnh0%2FrjoyWpr6nhFZKYBwpaQ1ec%2F6nwuw%2B4tjHCFP%2BvM6AsyAES%2B%2FdrTrp1V2cgqZu2XTu6vkDw7bVK%2BcDb1Tobu%2FYB8YTNOQ0EmEub%2BvU%2Bmpp7N849G10ieecuWeWM8lBMo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8300a988c89d56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
77-a7w.pages.dev/WhatsApp_files/runtime.88c356058afe3d58a508.js
188.114.97.1200 OK 16 kB URL GET HTTP/3 77-a7w.pages.dev/WhatsApp_files/runtime.88c356058afe3d58a508.js
IP 188.114.97.1:443
Requested by https://77-a7w.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subject77-a7w.pages.dev
Fingerprint27:9F:AD:D1:63:BF:D3:DB:04:54:56:C4:F7:18:99:C1:60:F5:0B:51
ValidityWed, 01 Nov 2023 09:41:09 GMT - Tue, 30 Jan 2024 09:41:08 GMT
File type ASCII text, with very long lines (15564)
Hash 46e475d8d5495b3ad954747f1898efe9
c1672a101e0216f9cc585bc4ee4c0340a6cd8c77
cd00a8ee12254d2285a82ea490590610a500c867831301e8d91884f93ca3c564
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /WhatsApp_files/runtime.88c356058afe3d58a508.js HTTP/1.1
Host: 77-a7w.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://77-a7w.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 02:36:31 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7430056c140c5b0c8d938cac5e9dfa97"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4T64MEd7nGd7siUwysr%2FyezZGMoWQ%2FnPU24l5kyizpunJ%2BKuzDaZ%2FxCq6w0U7HZXMFUhUNWC3ygTtBV918a4XEzqOZK%2FptvLqFDKgDqFJUA6RwVKuIMu21SSdXaBlNKj8EZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8300a988c8a056a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
77-a7w.pages.dev/WhatsApp_files/whatsapp-webclient-login_c09223f0813e7c3adc16476cba2a5d0d.mp4
188.114.97.1200 OK 223 kB URL GET HTTP/3 77-a7w.pages.dev/WhatsApp_files/whatsapp-webclient-login_c09223f0813e7c3adc16476cba2a5d0d.mp4
IP 188.114.97.1:443
Requested by https://77-a7w.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subject77-a7w.pages.dev
Fingerprint27:9F:AD:D1:63:BF:D3:DB:04:54:56:C4:F7:18:99:C1:60:F5:0B:51
ValidityWed, 01 Nov 2023 09:41:09 GMT - Tue, 30 Jan 2024 09:41:08 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 223 kB (222826 bytes)
Hash 52d80340c4f288fac474413e8e3f725f
4739fa1319d9aaf649b29a1426a5ea4345742f71
4363d405db27a810b129bfa9782b02c74736814e59d4b10f6eafea62939ea2b1
Analyzer Verdict Alert OpenPhish phishing WhatsApp
GET /WhatsApp_files/whatsapp-webclient-login_c09223f0813e7c3adc16476cba2a5d0d.mp4 HTTP/1.1
Host: 77-a7w.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://77-a7w.pages.dev/
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 02:36:33 GMT
content-type: video/mp4
content-length: 1046450
access-control-allow-origin: *
etag: "9a466ed71eb9a4f544eff9ea30abbe52"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycrnPtpZpyDamwT9%2Fi6yGfOw5nIvmr71tscotp7IpO1AEIoBoGDBDBEUPPwoKw4NHC4mKy0YE8mQEpaz4W3Sw00In75CIP3lQx6wUUUhco5WtJ0mj2yE7dzcEeIIxn7x7E3c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8300a98f9aaf56a5-OSL
alt-svc: h3=":443"; ma=86400