| dfvs.pages.dev/WhatsApp_files/video.png | 188.114.97.1 | 200 OK | 16 kB |
URL GET HTTP/3dfvs.pages.dev/WhatsApp_files/video.png IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectdfvs.pages.dev FingerprintDF:1D:AE:67:C2:FE:A7:FE:A5:57:8E:63:0F:6C:F6:EC:3A:24:1B:45 ValiditySun, 22 Oct 2023 02:52:07 GMT - Sat, 20 Jan 2024 02:52:06 GMT
File typePNG image data, 560 x 315, 8-bit colormap, non-interlaced\012- data Hash0c6ec69b054fdeb31cf3e5e10290fd8e 5b2d2ef0e3b5824addcc34d642769f5f14671411 d980ab372658f4c7c8f07d730ef6dc67e3fb3471f37928274f915c0308850994
Analyzer | Verdict | Alert | OpenPhish | phishing | WhatsApp |
GET /WhatsApp_files/video.png HTTP/1.1
Host: dfvs.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfvs.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:46 GMT
content-type: image/png
content-length: 16259
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "e8d82bc87223d31f958fe3a9e246895c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1mdOx6GLDgQSkanNh92Kd3xjcE9BWYbm8qnWMkNOUD1tpSPS3OMwZ1V0oG9QkaUxohD3Ts7tpPWyshjbhy6HHojErGZTsMGOOeH0gz46bDS8GhvRgQarw%2BSUZ3LT53WJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830159abc8edb4eb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| dfvs.pages.dev/qrcode.min.js | 188.114.97.1 | 200 OK | 9.6 kB |
URL GET HTTP/3dfvs.pages.dev/qrcode.min.js IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectdfvs.pages.dev FingerprintDF:1D:AE:67:C2:FE:A7:FE:A5:57:8E:63:0F:6C:F6:EC:3A:24:1B:45 ValiditySun, 22 Oct 2023 02:52:07 GMT - Sat, 20 Jan 2024 02:52:06 GMT
File typeASCII text, with very long lines (19927), with no line terminators Hash517b55d3688ce9ef1085a3d9632bcb97 2d06c1f823f34c19981c6ae0b0eb0f5861c5e14b c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
Analyzer | Verdict | Alert | OpenPhish | phishing | WhatsApp |
GET /qrcode.min.js HTTP/1.1
Host: dfvs.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfvs.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:46 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7ada293847f072170f0c5a32bd67bad3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Buyminh879SCGjwi60nWSF7Gb0IuWX1lVPN7eh8%2FVUia5hMm5o0S6yEozHiggdGGdWHwVJ9ZdlY6Wyw6YJKx2f3GZc0QvvZXY3SI9%2BJzZXlBUEWcUDYODkStYDhjpYPN3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830159abc8ecb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| dfvs.pages.dev/WhatsApp_files/libsignal-protocol-ee5b8ba.min.js | 188.114.97.1 | 200 OK | 92 kB |
URL GET HTTP/3dfvs.pages.dev/WhatsApp_files/libsignal-protocol-ee5b8ba.min.js IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectdfvs.pages.dev FingerprintDF:1D:AE:67:C2:FE:A7:FE:A5:57:8E:63:0F:6C:F6:EC:3A:24:1B:45 ValiditySun, 22 Oct 2023 02:52:07 GMT - Sat, 20 Jan 2024 02:52:06 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash8ab914b33a56ffa80ca1de0819a70684 0a103d668f19bd5529de831446389eabd85f3550 b32cb4726155800367b1e44af2fd940b77aed84cc9baa11c0381bf35dd993c98
Analyzer | Verdict | Alert | OpenPhish | phishing | WhatsApp |
GET /WhatsApp_files/libsignal-protocol-ee5b8ba.min.js HTTP/1.1
Host: dfvs.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfvs.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:47 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"8a9ebdc63ef791fcc4d7fc80f12ae130"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cM4%2Fav5iKXM%2Fo0kaR3pLBFaEGV3bUiXdJxnS8Ej%2BFpCLkthdgdzHI6iTulazUbWsqvJuhPPiHy3jApXvjUBjfENy3WAMV2MSMCErCVMcWE%2Fsbgv4YC6ilqiKNlBQFWkRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830159abc8eeb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| dfvs.pages.dev/WhatsApp_files/bootstrap_qr-e2b403f65ed52d327e90.css | 188.114.97.1 | 200 OK | 177 kB |
URL GET HTTP/3dfvs.pages.dev/WhatsApp_files/bootstrap_qr-e2b403f65ed52d327e90.css IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectdfvs.pages.dev FingerprintDF:1D:AE:67:C2:FE:A7:FE:A5:57:8E:63:0F:6C:F6:EC:3A:24:1B:45 ValiditySun, 22 Oct 2023 02:52:07 GMT - Sat, 20 Jan 2024 02:52:06 GMT
Size177 kB (176830 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | WhatsApp |
GET /WhatsApp_files/bootstrap_qr-e2b403f65ed52d327e90.css HTTP/1.1
Host: dfvs.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfvs.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:46 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"03e94140affd61cffcdc0cc2d7d64da0"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGbUtVnm%2B7%2Bi6xfbk1C7wzWE%2BTYeazmXNlBGwEGVGxqdT6T%2Bv2JX6cFSGnuI%2F1%2BL2xPF7G5DNtnDzGQE7hyaTkSb4QAd8JgNurerraWZzkhOGXMJQwshcawLnZki%2BZyjog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830159abb8e5b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| dfvs.pages.dev/jquery.min.js | 188.114.97.1 | 200 OK | 93 kB |
URL GET HTTP/3dfvs.pages.dev/jquery.min.js IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectdfvs.pages.dev FingerprintDF:1D:AE:67:C2:FE:A7:FE:A5:57:8E:63:0F:6C:F6:EC:3A:24:1B:45 ValiditySun, 22 Oct 2023 02:52:07 GMT - Sat, 20 Jan 2024 02:52:06 GMT
File typeASCII text, with very long lines (32072) Hashe3f24f23b859cf718282e3806ed5ce38 c92a61cb4fbc23adb05973638f60e2999bed4a26 e0108076470765be9ef1e9b242b8a52ef78c8f4532c7263426abc05ea4b60240
Analyzer | Verdict | Alert | OpenPhish | phishing | WhatsApp |
GET /jquery.min.js HTTP/1.1
Host: dfvs.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfvs.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:46 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"0b037baf132504ce7005a11383470752"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXK54sk5yprtSaGHOIFQOwH0gvMUEWIwjPHVrLoS1KXMcvlr8kpPHFKu3ElQrMFff91w2eGfiNXezk5hM9y5rwyS3azJr06DgCCSUtbZ53DB9EQ6KLSno%2F%2BIE4jP0S9roQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830159abb8e8b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| dfvs.pages.dev/WhatsApp_files/runtime.88c356058afe3d58a508.js | 188.114.97.1 | 200 OK | 16 kB |
URL GET HTTP/3dfvs.pages.dev/WhatsApp_files/runtime.88c356058afe3d58a508.js IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectdfvs.pages.dev FingerprintDF:1D:AE:67:C2:FE:A7:FE:A5:57:8E:63:0F:6C:F6:EC:3A:24:1B:45 ValiditySun, 22 Oct 2023 02:52:07 GMT - Sat, 20 Jan 2024 02:52:06 GMT
File typeASCII text, with very long lines (15564) Hash46e475d8d5495b3ad954747f1898efe9 c1672a101e0216f9cc585bc4ee4c0340a6cd8c77 cd00a8ee12254d2285a82ea490590610a500c867831301e8d91884f93ca3c564
Analyzer | Verdict | Alert | OpenPhish | phishing | WhatsApp |
GET /WhatsApp_files/runtime.88c356058afe3d58a508.js HTTP/1.1
Host: dfvs.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfvs.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:46 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7430056c140c5b0c8d938cac5e9dfa97"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iO%2BItCv1tE3ZZrfuzkOeT%2BzZtd9IQneFrXBbKBjjHLWo1roIjGJn7Y64AL7qCTI293qdgdmB3092g6nvGeaHUd9GOx58FwAySD38pFF%2FVrs1j6SF0gN8CjwrKGFozywHfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830159abc8efb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| dfvs.pages.dev/WhatsApp_files/whatsapp-webclient-login_c09223f0813e7c3adc16476cba2a5d0d.mp4 | 188.114.97.1 | 200 OK | 120 kB |
URL GET HTTP/3dfvs.pages.dev/WhatsApp_files/whatsapp-webclient-login_c09223f0813e7c3adc16476cba2a5d0d.mp4 IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectdfvs.pages.dev FingerprintDF:1D:AE:67:C2:FE:A7:FE:A5:57:8E:63:0F:6C:F6:EC:3A:24:1B:45 ValiditySun, 22 Oct 2023 02:52:07 GMT - Sat, 20 Jan 2024 02:52:06 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data Size120 kB (120093 bytes) Hash7c63a772d153447b0d1ca7feeb71c21e 3ecf2b457b531bd96ab555a3326b862bd44c80c2 24bcb3b3187006d93ed45b5fade6b859159984322bea9d34d5fade54240ed77c
Analyzer | Verdict | Alert | OpenPhish | phishing | WhatsApp |
GET /WhatsApp_files/whatsapp-webclient-login_c09223f0813e7c3adc16476cba2a5d0d.mp4 HTTP/1.1
Host: dfvs.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://dfvs.pages.dev/
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:48 GMT
content-type: video/mp4
content-length: 1046450
access-control-allow-origin: *
etag: "9a466ed71eb9a4f544eff9ea30abbe52"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yg0zcqk8P9JBELrkXH31f5bbBQiKRcJDbSwOlsrQEw0RN9%2FxAjl8enGWuqJQOHhXINjUTcG5SccJMTOtYa5xLAhSREqbflNS78MzXKm5Aotnfk6tL6dYBz%2F2t4mjJAB%2ByQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830159b1aba0b4eb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ecs.zongdiao3.cyou/socket/993kZcOQO4bRJJ0R8RoyZCT1wtNDWasI | 0.0.0.0 | | 0 B |
URL GET ecs.zongdiao3.cyou/socket/993kZcOQO4bRJJ0R8RoyZCT1wtNDWasI IP0.0.0.0:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket/993kZcOQO4bRJJ0R8RoyZCT1wtNDWasI HTTP/1.1
Host: ecs.zongdiao3.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://dfvs.pages.dev
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XsWWeCGHcx64TtktYgN4nA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
|
|
| web.whatsapp.com/apple-touch-icon.png | 31.13.72.52 | 400 Bad Request | 0 B |
URL GET HTTP/2web.whatsapp.com/apple-touch-icon.png IP31.13.72.52:443
CertificateIssuerDigiCert Inc Subject*.whatsapp.net FingerprintDC:CD:62:0B:B0:45:06:9A:37:69:F2:D2:F7:36:42:7A:D6:E6:7B:50 ValidityTue, 12 Sep 2023 00:00:00 GMT - Mon, 11 Dec 2023 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apple-touch-icon.png HTTP/1.1
Host: web.whatsapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfvs.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 400 Bad Request
content-encoding: br
reporting-endpoints:
cross-origin-opener-policy: unsafe-none
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: text/html; charset="utf-8"
x-fb-debug: vHDrg1IH8ZNIL8fRq5dINZ8R3L2GADfWoUUb8r/3SVDaZegbvzaVBX8BTbEn/2e8boG6f8OxNbHtKLqcJ3Olyg==
content-length: 2460
proxy-status: http_request_error; e_clientaddr="AcJZpryGnyjIkKeMvn5MM9Ex0jycgIu27zNPZhx1c_xGAYsgtNs6TRl7YcLilSigLw417PMUVoCrIpd4okQ8N3ePYVmjwjJS-5qPyifyT-BAkfmUjQ"; e_fb_vipport="AcLZz5A_De6HL6LpkV-m0pXSSuerDj4W5UlLHu56rb7Io1gcpIGlGlHBCmiz"; e_upip="AcI5yplvT_8uff0-f9KMnijaYSeful49rLMKjds2FEN6D9NueL53zE3teUwh2-q4mkNcS49-PU_Ha9u7kvCvE08eg-HG8QTIYA"; e_fb_hostheader="AcJw0uZq7OLS6Xu7PkDbd679N8JkF8BwMty6TFRVKxFE4Au_qHp4YygP7H-JIjP7cACDqcwn3olIug"; e_fb_vipaddr="AcJhtYTfiR44hPokC4DuuZ_gR_kfuhWj0a1p_o-A2lyEVxqcu8t3AT-9sdWeR7ns9FPCebSjcAP6DchmYm_zv1FMHi7AOsmLwA"; e_fb_requesthandler="AcKYM7eRQ17B_v2BoWOzI5P9AgYbCDa1SbIYdSb3mgQhqfc_jR_ik8s0wyZB1xPl_z950f_LKfw"; e_fb_builduser="AcI8P-999_m-WyWEHxMJfNZr4cbVen8UZJLPmpUtb7L-qZ7Un8eFO4GJ8mDTtLk6oDw"; e_fb_binaryversion="AcI5FJsRuaJyP7N7fFH8JJvCO65O8BlNJr3gMi18kv7Ap0yHr0aSJHfDehDxQBOyCeHDUPjLY8xYcQ9GuAHhTsOk-XvXSMRrnG8"; e_proxy="AcKmdoWWlPiXHWAyT9OVBuDjhzsIOr3qm8naA3xEo6fuur_zURmOU6ewE2aGR4-UwZ-Wewdunh6zTAJmbAVY", http_request_error; e_clientaddr="AcLDISTWNrEauiVskvACBOXifxmQBBD-kWzd4uElelc02wPYm5Dl7NDGM43ZvXRfggF-BnJHVGOd9W0T"; e_fb_vipport="AcI3__M9DoZlrkziImokEUScCPZH-Fs-qMugrwdi2CL49lTPz04k1oIoBhlU"; e_upip="AcIBjBbF26TDzC3i9tJTcTVtl2amFOTQoYPPECa2fXsiAc0rz9k53DaVTj5mvKRDuDwtn3TklVUONLD5splp3bUpF9ovzeHtIA"; e_fb_hostheader="AcIyP3w8nyjOpC0nHmd9iJC1uzjP5cbnt66iG1O5pvpLhN0z9FzVGhS2gzNgfduzQYWMdok1rBqo7A"; e_fb_vipaddr="AcJvQ4oPftr1B9J_UrTIegv8QE58R_s_LnuYe5RBHTBfKuRwzfDHjyqv5opQo6GxPtlZ6Cc"; e_fb_requesthandler="AcIEIWURnPFBvbG_6HBDlE2awOcpF_S1Gsav983phf-fXr7yB6kpQg1qZS9AQGL5-djnJGsx"; e_fb_builduser="AcJwyX81XGAs1NgbkTQ6O1khSGgO0R_8n7pvz9upM5sKl9NgFFU78a4nkbZtdVPkh8s"; e_fb_binaryversion="AcJ89IOr8Jkw8qcs_4ZyU-ipvTSELM0lu67TpxI238TMl4KNlrr9iezHcZslCvsTZbLhzhS70weO39eTPhmjo3--Urrly62gASM"; e_proxy="AcKtMpt7k9yh4PrM7ld0m27078XpPn04Mduq2dJGB4C2NYO-C6E2nat1G7OYxRFoCbkDDCG7tbh0tU8"
date: Mon, 04 Dec 2023 04:36:47 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| web.whatsapp.com/img/favicon_c5088e888c97ad440a61d247596f88e5.png | 31.13.72.52 | 400 Bad Request | 0 B |
URL GET HTTP/2web.whatsapp.com/img/favicon_c5088e888c97ad440a61d247596f88e5.png IP31.13.72.52:443
CertificateIssuerDigiCert Inc Subject*.whatsapp.net FingerprintDC:CD:62:0B:B0:45:06:9A:37:69:F2:D2:F7:36:42:7A:D6:E6:7B:50 ValidityTue, 12 Sep 2023 00:00:00 GMT - Mon, 11 Dec 2023 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/favicon_c5088e888c97ad440a61d247596f88e5.png HTTP/1.1
Host: web.whatsapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfvs.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 400 Bad Request
content-encoding: br
reporting-endpoints:
cross-origin-opener-policy: unsafe-none
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: text/html; charset="utf-8"
x-fb-debug: D4+nYG4iqWIFkj2Ws8EWw1J3deQUhlP9JGOKi8fgBdIxxzldcOKZMsaORXB0XWBYUcW84se7BS01UFTtfnXaMw==
content-length: 2460
proxy-status: http_request_error; e_clientaddr="AcKURVgXbhDR_V4RXWjtLnvpuNctFTBwUiLBfiZh01eIBvcofuoLtSFjvTc37u-1toD9Ie3rXsyjiX5EKXByJPZfyrn8gWuZJttba2PVtkznkl2RmA"; e_fb_vipport="AcIR092zkKlrLyFyuzrPw5pUNmiQcN0qRGqphxoHFBPt73CNSH69Eff_SCsk"; e_upip="AcI40AUZvrxxLnaKtFwczeidTJYgrCodxmODY4QIhyYZ4dAzs5MX-k7zhmJFpN18ud_F1S6jCDlDcDNxz_8lMhg7j6dce42Zi4s"; e_fb_hostheader="AcJOWUrTW_0ngokdKX6Edy8PxtJLIMFRDZeBaopBoi7gYoP73fBA6EKrg5cN4EPsUyxgn7a7hy1-uw"; e_fb_vipaddr="AcI7VgAZ7d2Ao-yrpN1rxKZDTYgXXzcPpn6zsYvM5B2xbMKz7lwly1yWa-IV4DID4e_gPfiv-RdkaQYfrNwBQJCXBJ6clTef6w"; e_fb_requesthandler="AcIuetSvskjK6cORpXhn7YR27J4rdnoKQrW3lgCmbK572mtYxkEAfqvEpmlIi4s5ga98I1Uh-hc"; e_fb_builduser="AcJB0hWmzbzfflTfsokVMILadZgGWZyVFpoSCLh-zQc-MdStKTUc3rzvn9Mu9N-svtc"; e_fb_binaryversion="AcLXGuZzvM-gyYPUbAusi7Av1r4C2_-n8K1bKgVY5-rEeEia9WCbOOrsqmrDayLC1UQeTSQSplEWu4wkxYUVoo2ZSqXF75NVvLg"; e_proxy="AcKy4cyxEQqQHmZNPfwknsodSgHmw2d2oH5UKuSPiT0keyGXqMtWySSUDGAlbjmGkRJXvMZVDY0n-OWwbGvV", http_request_error; e_clientaddr="AcJgSfUFZF0ieWxBK_8gzTZQEI0wWtxAi8qQtiqIWmymXP2g_Vd_G8S0aJ6D7Ux46Ufkcam-vibHs_05"; e_fb_vipport="AcLAm0TRhKfi8zyD2ahYJwXl_KSJ6pEeO0jcJ3jbSByzn2pW_3qPasNOL6qF"; e_upip="AcIz80BxTKd5oTXuK_hZdPhvMq0LBuQNd2Xp_hlYrMKcCCkKYYzJWXTiG6ughPstRzx8JdXw8De-TGYjT0Khm-NjQx1TXUdvBQ"; e_fb_hostheader="AcIeEuTGEf0vGSjBUSYvJmIQTa3h4qsCO7k7w_6IsQLXPKRjKAZk7vuuJhIl8JUmjIsSUzho6Usvag"; e_fb_vipaddr="AcI4m6tb4YYdNIGS6G4txivu0Ewy3kBLn1Tu-aq5NVDjpHkLYmjlFH_q7JfLNCxnadDzc-g"; e_fb_requesthandler="AcJiIRFc_wuUL9XUY1-af2JAoJBsXUVm_hdSqzAGfGQmP6fapoY4zR7wvsxMV6RBLDoLej9e"; e_fb_builduser="AcI5h4rN25n_qIjO-VsLqbQsKDFQrl3touIdWGkGFu37bMlOCd0MIWoDlYfd80uISvQ"; e_fb_binaryversion="AcKPFIGElhXpFGQK_lwCZ7m53zHjpLZ6lTO4aH-f8PiR5FWmt6Evg0GzXgsMKCTn3Rj9Vb7aAp0-Pd1TfoXrouAkOiGxQQZxvAs"; e_proxy="AcL-IZu2P-54vwscROQDAjOc-od7fedXM7_sI7hiVeeGDK2iaZZ0t_W8HsmNM4xY7G0BWOwxRQ1s8Jo"
date: Mon, 04 Dec 2023 04:36:47 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| | 188.114.97.1 | 200 OK | 18 kB |
URL User Request GET HTTP/2IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectdfvs.pages.dev FingerprintDF:1D:AE:67:C2:FE:A7:FE:A5:57:8E:63:0F:6C:F6:EC:3A:24:1B:45 ValiditySun, 22 Oct 2023 02:52:07 GMT - Sat, 20 Jan 2024 02:52:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | WhatsApp |
GET / HTTP/1.1
Host: dfvs.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:36:45 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"aef97b8ad6deb8f097d1724fbc52a768"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KNIoUmZYrJ08BXpi9fE9nfK1%2FUhwbZJwZypEs9UMaYFRkKPi6p8m%2FEJUpSxV7yO%2Fpfho1AlTdDjaAJqYeux2WKztsqP%2BWEXWsZVNbA6oXP3%2F8Cd7tahCa3IhyjiX7PhCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830159a81899b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dfvs.pages.dev/WhatsApp_files/stylex-2d46744708947781f1f33a0069cbc308.css | 188.114.97.1 | 200 OK | 116 kB |
URL GET HTTP/3dfvs.pages.dev/WhatsApp_files/stylex-2d46744708947781f1f33a0069cbc308.css IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectdfvs.pages.dev FingerprintDF:1D:AE:67:C2:FE:A7:FE:A5:57:8E:63:0F:6C:F6:EC:3A:24:1B:45 ValiditySun, 22 Oct 2023 02:52:07 GMT - Sat, 20 Jan 2024 02:52:06 GMT
File typeASCII text, with very long lines (937) Size116 kB (116339 bytes) Hashce08c431738ca6a8561b1c58a35b0b70 46628f24522fd5f7891a61a3668cde2aaaa80dd6 d3889a9a244c69018e4848bffa27b76845ca2c34813976342d4b122e6533bbca
Analyzer | Verdict | Alert | OpenPhish | phishing | WhatsApp |
GET /WhatsApp_files/stylex-2d46744708947781f1f33a0069cbc308.css HTTP/1.1
Host: dfvs.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfvs.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:46 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"65cf534a072c0cdda7d1094f883a9072"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BG2HIn%2B498GMylZ3s%2Fdyn3r%2FTix8uPwvsonYoUc8cUUhUW%2Fjwq2UuaVd0NgjIehMKcckIdE%2FYrK1QyJhBof3KmqN17eUhN02%2B0C1L1dfz7t%2Fysnohw2LGVkl2yC%2F7n1bxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830159abb8e4b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| dfvs.pages.dev/WhatsApp_files/bootstrap_main.9d6050e3d2fff5b782d3.css | 188.114.97.1 | 200 OK | 231 kB |
URL GET HTTP/3dfvs.pages.dev/WhatsApp_files/bootstrap_main.9d6050e3d2fff5b782d3.css IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectdfvs.pages.dev FingerprintDF:1D:AE:67:C2:FE:A7:FE:A5:57:8E:63:0F:6C:F6:EC:3A:24:1B:45 ValiditySun, 22 Oct 2023 02:52:07 GMT - Sat, 20 Jan 2024 02:52:06 GMT
Size231 kB (230953 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | WhatsApp |
GET /WhatsApp_files/bootstrap_main.9d6050e3d2fff5b782d3.css HTTP/1.1
Host: dfvs.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfvs.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:46 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f2144f69865583616f03de95fe1b8096"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpHWPTvHVXViEJxJ9fMyQXOz5bVKXNi5JuEup0B3prUP5%2B78%2FiqRKpsiuhZqydLgQ%2FV83OKOB2gdQMbpI7FQZ5tJ8hmu%2BrizP5hfwqVudmMT2HaIm%2F6Y8ZMFXDueXDsoDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830159abb8e6b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| dfvs.pages.dev/jquery.cookie.js | 188.114.97.1 | 200 OK | 3.1 kB |
URL GET HTTP/3dfvs.pages.dev/jquery.cookie.js IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectdfvs.pages.dev FingerprintDF:1D:AE:67:C2:FE:A7:FE:A5:57:8E:63:0F:6C:F6:EC:3A:24:1B:45 ValiditySun, 22 Oct 2023 02:52:07 GMT - Sat, 20 Jan 2024 02:52:06 GMT
File typeASCII text, with very long lines (3439), with no line terminators Hashc776f7843da058a9030aea314d49613f b91ca11b466e153f05219e5e1a1e9f4348b2cc14 573c67cf9289d24e8756d0f86d37652e7f2383233ad50dca47f2ae5382923735
Analyzer | Verdict | Alert | OpenPhish | phishing | WhatsApp |
GET /jquery.cookie.js HTTP/1.1
Host: dfvs.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfvs.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:36:46 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ccdb2dc189ac698dd8a582a4291c7451"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4eDSvWLu8SwI4k6tTVHdymX018vbxg00atOuYN51wrNWiyNjGeEZU4C5IXh9mCZvwqCq0BPB27lP7vqO%2FYaqu6EwvRBVu5z5nB2pbPOszMhNMu9%2B6rbwMJoWSy1io7SRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830159abb8e9b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|