ws-b4m.pages.dev/load/video.png
188.114.96.1200 OK 16 kB URL GET HTTP/3 ws-b4m.pages.dev/load/video.png
IP 188.114.96.1:443
Requested by https://ws-b4m.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subjectws-b4m.pages.dev
FingerprintF0:16:AD:F7:E6:3A:83:EB:6F:F5:09:71:06:24:F4:0F:2E:E9:98:FE
ValidityThu, 19 Oct 2023 02:17:35 GMT - Wed, 17 Jan 2024 02:17:34 GMT
File type PNG image data, 560 x 315, 8-bit colormap, non-interlaced\012- data
Hash 0c6ec69b054fdeb31cf3e5e10290fd8e
5b2d2ef0e3b5824addcc34d642769f5f14671411
d980ab372658f4c7c8f07d730ef6dc67e3fb3471f37928274f915c0308850994
Analyzer Verdict Alert OpenPhish phishing WhatsApp
PhishTank phishing WhatsApp
Quad9 DNS malicious Sinkholed
GET /load/video.png HTTP/1.1
Host: ws-b4m.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ws-b4m.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 08:52:45 GMT
content-type: image/png
content-length: 16259
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "e8d82bc87223d31f958fe3a9e246895c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTCvsSJB6e4lordWgwKnRByFdVhsa%2F13DxggSi9HRpd0L89PUADsfLCtKXLKqAQch4P9XIIMlHx7XRiFcqir8mQ5rp4bg02B4xCX9XEaluXJvbah1Sy05cTCn7zilCjYYWG%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830b0e0b4e44b4f9-OSL
alt-svc: h3=":443"; ma=86400
web.whatsapp.com/binary-transparency-manifest-2.2232.8.json
31.13.72.52400 Bad Request 2.5 kB URL GET HTTP/2 web.whatsapp.com/binary-transparency-manifest-2.2232.8.json
IP 31.13.72.52:443
Requested by https://ws-b4m.pages.dev/
Certificate IssuerDigiCert Inc
Subject*.whatsapp.net
Fingerprint78:35:13:B9:4F:97:08:8A:C9:B3:F6:90:13:1F:0D:71:75:3E:C0:B0
ValidityWed, 13 Sep 2023 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2793)
Hash f1ac791356b3b6a884f9d3341fabe1da
85c8d6a72ce89e3254dea435474c3ee04d0c8cbd
87d28f909a65f055c786a96751a9e3467ff378c56f9d38f5cffcfdaf0d724f1d
GET /binary-transparency-manifest-2.2232.8.json HTTP/1.1
Host: web.whatsapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ws-b4m.pages.dev/
Origin: https://ws-b4m.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 400 Bad Request
content-encoding: br
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: text/html; charset="utf-8"
x-fb-debug: /eAV+XNHZ81CkhPXUun0xZRqB8iMZr2wVMtvT/gxszXTijb5pp6oaHcpjZwnT/VRQRZ4Po1zOj3Bb3cyKdjRmw==
content-length: 2460
proxy-status: http_request_error; e_clientaddr="AcKQgFEICD90nSzZSvDPr-ukQjYxRHZZpxD4mnJi65xTetCXgufLJTOOC-sy1AqRZ_HzCubGph477qnfPhcPRw6uOAQMH3SFMy0Y3yZeLB6LcqDf"; e_fb_vipport="AcKxUbnBDoV5BZO3W8nRUBj6S3au9ofZfSh4R-fyGP_Eqi4NEPVwEQhvjsum"; e_upip="AcKdqK9N4tfCuMT57SW44UaENJX-OLGyjhwGwS2VpOa9xVRSf1boa7QdkrdngOhivN74iISmq_bWrcQlF8dwv3V4XXgooKp18S4"; e_fb_hostheader="AcLE4yYE51vinCwjpdI7j4pEiiXR1HnDYSVxBhcbk3xzDveONn0oBzsXFynkwuFLpqRHVYSnQLOw3w"; e_fb_vipaddr="AcJpQ8I89yEJ_h3wg0fgvSKUYJjiuJLb2ZpqP_cLFmGCVGLMe_4loXMnWeRg_DnjvUx8eIdtCGBAbgACZmg81rlYigvOY7A_rw"; e_fb_requesthandler="AcIFCJuM0_03ZfmX4Qdmd4Zd4RgaqnDLBF6eTdNPToAsd1zR55FTFRBoh9jMh6o4sxCkRomOc60"; e_fb_builduser="AcLShabAMEWsnRLrENupxt_QUc3VFY5-cUVxxZtbRqG6w_Nzz3l-1s8vVlTJv4Pgp7k"; e_fb_binaryversion="AcJmf2e7OIxZ6PJOOYpzElz5GHVLEkSEj_E9adL_aq1VP-dKZ6XtR3za97nJj6wIi2Ov_2pvQvkUmJt2E8RPC8_zKDM0MoxUGdU"; e_proxy="AcL9L8nyr7Lhh9hEFBSPP7o5kUr4-zR8qwi8kaO2MJmzf0FDArnJ7C9ICUrqf_rCl8v1nYeZxauvAyOENW4B", http_request_error; e_clientaddr="AcLeg8UvNCRMOUK1OQQUgZbEDf7H7kzR7E2E4KE8Q05Xn4Vxp9niDNocleYrzr8rm2QX88pdwgSfrInd"; e_fb_vipport="AcIm2hNsv4-YOSNc7zzdDukYCu7m67z8vDj2fDT2xjqKMfUa0y4v7VLgUbZL"; e_upip="AcJpA0IYlcQ8auHvijXjssBW3CkvBh1xlnkQim2zhvQsYyIAaSkzT68Zzuptp7RTahOrq2mXYwbK3Y7arr1UYc3hQHfaZWc06A"; e_fb_hostheader="AcJh2juSRMjwI_KWesk9t91QuRXBZbKb0dfvLy-vFSwrSBDwLlmgnyoOyddzMnH_exg6vezQK5MGYA"; e_fb_vipaddr="AcKD_YIsEPVodS8ANi5cA9Tgij_t35DcnF0hdrGlOKl_a9ifi6b4A5dv7ZczagSRujzg104"; e_fb_requesthandler="AcIAv1gTIVy_toZUWckqbWg_a3dUv98uT1V87wC7K8u7SgCvw7yKjnFsqAjb9gf4GxYN_F5r"; e_fb_builduser="AcI44y8xX1XxSU8FGmiOFc8PYZlsHUSBQLbynKIr6-MnP03_UYqKA6zcg-urlEutwHo"; e_fb_binaryversion="AcJPj0PulfU-JSX2sRhsoQJVqlqZSpgXcU9vOLWV_6s39lyHXewvMgUcViChjnEL7Md4jrF2-cZ866RZy7VmOsDsPDf_AYssygw"; e_proxy="AcJ0kgR_ac5saTddTu2NThUGtlH2CQO_kOC_GHfAcUBqI3clHSDiCXRiA74hoD29jcuYnUyvMgC936Cr"
date: Tue, 05 Dec 2023 08:52:46 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ws-b4m.pages.dev/load/whatsapp-webclient-login_c09223f0813e7c3adc16476cba2a5d0d.mp4
188.114.96.1404 Not Found 520 B URL GET HTTP/3 ws-b4m.pages.dev/load/whatsapp-webclient-login_c09223f0813e7c3adc16476cba2a5d0d.mp4
IP 188.114.96.1:443
Requested by https://ws-b4m.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subjectws-b4m.pages.dev
FingerprintF0:16:AD:F7:E6:3A:83:EB:6F:F5:09:71:06:24:F4:0F:2E:E9:98:FE
ValidityThu, 19 Oct 2023 02:17:35 GMT - Wed, 17 Jan 2024 02:17:34 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 3704f92207749f1f9b308fc856e7b7eb
b12e7554f139b239e0cb11f2138fa328e414a761
7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e
Analyzer Verdict Alert OpenPhish phishing WhatsApp
PhishTank phishing WhatsApp
Quad9 DNS malicious Sinkholed
GET /load/whatsapp-webclient-login_c09223f0813e7c3adc16476cba2a5d0d.mp4 HTTP/1.1
Host: ws-b4m.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://ws-b4m.pages.dev/
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Tue, 05 Dec 2023 08:52:46 GMT
content-type: text/html; charset=utf-8
content-length: 520
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9U40CwdSjZUHau6QaDgZRRG2uOgOCPwuEzVzWMZ6MZjoOwa6GefqdSPepOInzgviUZZk0E7N%2BXm3BSzT9MhGHUkGxnL%2BlqbuZv7rDC4Ts1i0fwDVNHw29HqWlI38qEC3dNDU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830b0e0e294fb4f9-OSL
alt-svc: h3=":443"; ma=86400
ws-b4m.pages.dev/ws
188.114.96.1 307 B IP 188.114.96.1:0
Certificate IssuerGoogle Trust Services LLC
Subjectws-b4m.pages.dev
FingerprintF0:16:AD:F7:E6:3A:83:EB:6F:F5:09:71:06:24:F4:0F:2E:E9:98:FE
ValidityThu, 19 Oct 2023 02:17:35 GMT - Wed, 17 Jan 2024 02:17:34 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 3704f92207749f1f9b308fc856e7b7eb
b12e7554f139b239e0cb11f2138fa328e414a761
7407aa48b72bcf4fbc483d468f668297de0850af456c1a57c8fe569c932c789e
Analyzer Verdict Alert OpenPhish phishing WhatsApp
PhishTank phishing WhatsApp
Quad9 DNS malicious Sinkholed
GET /ws HTTP/1.1
Host: ws-b4m.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://ws-b4m.pages.dev
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: atEzIX0ZrwkBt1iYP7qGqw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 404 Not Found
Date: Tue, 05 Dec 2023 08:52:46 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lMNn%2FH%2FCNnFMhwo81riZ703msuT8PlTmoevdO7ikX3lTPg1H4rYad57e0MeEwcnSAGKJ4URgdnQRRvJaFHJ6mpIvPsAlptQwYzl5RMTA9%2FiI1PledQ0xg7WRqe7BYY0%2Byah"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 830b0e0e8b41b51b-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
web.whatsapp.com/img/favicon_c5088e888c97ad440a61d247596f88e5.png
31.13.72.52400 Bad Request 2.5 kB URL GET HTTP/3 web.whatsapp.com/img/favicon_c5088e888c97ad440a61d247596f88e5.png
IP 31.13.72.52:443
Requested by https://ws-b4m.pages.dev/
Certificate IssuerDigiCert Inc
Subject*.whatsapp.net
Fingerprint78:35:13:B9:4F:97:08:8A:C9:B3:F6:90:13:1F:0D:71:75:3E:C0:B0
ValidityWed, 13 Sep 2023 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2793)
Hash f1ac791356b3b6a884f9d3341fabe1da
85c8d6a72ce89e3254dea435474c3ee04d0c8cbd
87d28f909a65f055c786a96751a9e3467ff378c56f9d38f5cffcfdaf0d724f1d
GET /img/favicon_c5088e888c97ad440a61d247596f88e5.png HTTP/1.1
Host: web.whatsapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ws-b4m.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 400 Bad Request
content-encoding: br
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: text/html; charset="utf-8"
x-fb-debug: j1Q48UUiJNu2eOiyeSXIFga4odVSA6nIHnyDwtQPQ98tJMsftInUuI38qA8JeXKt5zfQ6oElHUJJfZ45exNxJA==
content-length: 2460
proxy-status: http_request_error; e_clientaddr="AcLHTt2b4feLr9s4zdH72_3E8uGK3hAhzSPN1bbcB0AU_mY7UCZvcYmXjquwO9-VQfL2xx3eKbQlz-8yAhTUQW1P7hQ7C0LMcJL2LtE1nMtJqZIK"; e_fb_vipport="AcKF14lyIADbWudcDqs4vmpzZgX7WX5Bp30mVqb5ML3zEYRepuxhD3ctA-JC"; e_upip="AcLcgIAL3jeaGrkiGH8m4otKd8U4Ymu8VRwY6XIBD9DSIi_Ro4N4xHsHSR-X6Z5b5L5-IXI3L-B2xUIyfcBK8if7OyPVheUeIzM"; e_fb_hostheader="AcJ8nP2uZoo8LnIbB20V6FoL3ScufOuE1Tki50hmOzMKyzdA-URj71s965y6bRqr9DdpztJqr587Lw"; e_fb_vipaddr="AcI_ZNfLJJCOlR5HATuIoXQJd5G-4o1Ub3-jt7nzPTyY1Yn6fMAi9eua_YkW-gm7KexE05ZoavaU9efsGJvCVmBgLcSEKZ_FTQ"; e_fb_requesthandler="AcKb0zaih1z3L3-E950K8xxLYtpFu65IfY8wEm32v4ByGniJ1Mk-1XQCOmLWh12zDn6yh-ejHwU"; e_fb_builduser="AcIVnZ02J9T-OFPVF9Bi2lM6X6fne6mBxC1QhyjsJsNcB_67_V8wyfjAVM1DasQVQ4I"; e_fb_binaryversion="AcLEM4TwSElBS7yPgxWPj3A9MoSlT_QhMHWO-c-Bp-oUVoGcVGhIxH6QurRTXd7ovdRs6RIMnqyYi_ZqMOg__FYavIFKO6DMWEE"; e_proxy="AcJHtYoYFtEqyHNo9WOyo6zDikhDc9q3n21e2IqQAwoTX9Rq62FGt4dT81MJ5imJ0G9Fs4SLky1bArV8D-Aw", http_request_error; e_clientaddr="AcINTzGZX4N6tt0wWn6Dv81cNIv9d45Yi0BBELqYRW3Ks88AA7ztYNaniZFlap-NizKMuTyJm_vRyhGx"; e_fb_vipport="AcJdY3P1tuWtqMNHKgTJTYg5kAL_xySRWUNsP2xbiZ5Apu_bGvG5GuohSrqx"; e_upip="AcLP1uFB_tIETJ5i6pnHXr5OT1y0OK_P7lkmk-HSHkMtMN7dDbhdF22x3w5awe6msggAmPPatReu1JZB_tWedk5dG5Fmc6OgDA"; e_fb_hostheader="AcKY_CJQ6WO2mSUur-erelHoU8vkEVkIIpQf7p4IBLRdF6A0Mzoxx_YQ8Hn2bp_-4lMxcE1PRrZ0nQ"; e_fb_vipaddr="AcJWqUDFOwj9b9a4aYCJlxTPkMxSxW-pnJxgexrZ4GyaAQKjRJ4ShDEQXTg1qfNG8kIe9tc"; e_fb_requesthandler="AcLrXXJCeRpTNvm07YMrymXbdHJN7mMej3AV5-LM4qaMiEArI0jZzN4XcfS2aob0oBhg2VLF"; e_fb_builduser="AcI4kgMqzj0PLg0OwJvp1CvYRaceG0_FG3gDjwhqPyd52Q2Yko_-6Jzdz50Mnhq4xUo"; e_fb_binaryversion="AcKhtRuJkECAbsGJ7MGBX6AeYZUuZPEBaXjVnapvUC01s9aFbv_FaxngR6lnsFq7Otqxgbf6lcKZv4Tfx5DNOGD4IVv0lAT2SC0"; e_proxy="AcL6rHc4ANDf7pa6VDhY5HfG5_sNhjZ_pTFJ5SDc5x_9cpjHvro6C3BYRwVpZzf1N6aDKsieHLuwm8FC"
date: Tue, 05 Dec 2023 08:52:46 GMT
alt-svc: h3=":443"; ma=86400
priority: u=6
web.whatsapp.com/apple-touch-icon.png
31.13.72.52400 Bad Request 2.5 kB URL GET HTTP/3 web.whatsapp.com/apple-touch-icon.png
IP 31.13.72.52:443
Requested by https://ws-b4m.pages.dev/
Certificate IssuerDigiCert Inc
Subject*.whatsapp.net
Fingerprint78:35:13:B9:4F:97:08:8A:C9:B3:F6:90:13:1F:0D:71:75:3E:C0:B0
ValidityWed, 13 Sep 2023 00:00:00 GMT - Tue, 12 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2793)
Hash f1ac791356b3b6a884f9d3341fabe1da
85c8d6a72ce89e3254dea435474c3ee04d0c8cbd
87d28f909a65f055c786a96751a9e3467ff378c56f9d38f5cffcfdaf0d724f1d
GET /apple-touch-icon.png HTTP/1.1
Host: web.whatsapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ws-b4m.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 400 Bad Request
content-encoding: br
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: text/html; charset="utf-8"
x-fb-debug: Eti8IbExzF8io0FBA+Mg2mET0pn6tyojtyfACr0BOZfyUuLcVLOuf1VYwDA1tDcTg3VlczxzDN6EPoxbpEinYg==
content-length: 2460
proxy-status: http_request_error; e_clientaddr="AcJtQvza3YQqpuZ0qCU0HkdtAeHUN8__t6iGMdI1ub-FuPhLpeeZL1aUq_gTJbRdX5ax4c6a90I2qVGhnaz2QJV4ibYvfi_rM11Na_l6UlwfC5bG"; e_fb_vipport="AcJNHoXOf1toApXlC3eCJHyVckGLxcIxDn9ag4mQNoRvvw3Fsr0lUhymfVBR"; e_upip="AcLTuXtL0Wo4d5AeEY4h8gmOHqzGal5nwP8V5GpcY3fu9oDGtH50-M9DmaJvdE9TzRk0-3nlR2sRLafPUHwN6ruWYfMsypwNnO0"; e_fb_hostheader="AcLmVPo-DdtHdkeUuCxnv8_Rs6n0VWNmJdUXAuPNvPayfrFyYDIA559NYJHO1ZeM8p64TxNiFCT39w"; e_fb_vipaddr="AcLFViCpc7G47Qoavs6j4ZaIsj5m-Bj4MAQP2JOsndXNia3n16PybnmUtZPgQdYcSN8kWFrNgpZE04kVRtB3ZwJuMiizICRzSA"; e_fb_requesthandler="AcJrXKWyqCLxHE27F1D6GcOO7OepkiikIyFw1vQ8m4hgv-D-ClntjvYxED6Nr5XlbR_ZjaxwHFI"; e_fb_builduser="AcJFJYYI9RhHdHEl3Nkg8UK2JRBOnq4lkEZvgnaTrPjDlUe918knujMKoUMqTl4agwA"; e_fb_binaryversion="AcJalP8drTeze0YD1-W4pqlefXdrjs77fLBpxOCunNP-ZFF2s-bBkWXl7hGz8KtCmwZzEqRC4vug0OA60U2N6oS5hBxP5_PuS_M"; e_proxy="AcJZuNs4YqazQDYCD4PyGAWwhyV75Lif46DYSaab2UvX0qI-Cj2LrhZTTfI8SU_3NwaYtmCTKNdw129akGvO", http_request_error; e_clientaddr="AcKDf2U6NNDT-d4Ym2eMf5ZrM9x058gdhLQr2Fk9Ay_JLiY4bIuKs3j-HtpegnULKwSOB7j_NA0fXKe5"; e_fb_vipport="AcKmBI-h1t5CSoGnE-X9-Y3wryya7wteR_AIIlnlXyBOKCvAmTYamjGqKHBP"; e_upip="AcIpUX05VhNmvnRLZ_v8ygnIQPguSu8xsRpra6dgriyLRqy5CH7_VQNwwNn2AZlbBCRxnTQS7Re_YeCY_NKpVFQsnVV78KITWA"; e_fb_hostheader="AcJROKYHZZ0dhpD1Ci_bbtH4YEHSNAUD9Q-dSdUx_rrG7mXQRCr-tprG6pjF_l0YKZGOanGzx3BtuQ"; e_fb_vipaddr="AcI-d0_AVqlIrMUWrY5-pVw63fI08hHyzCl08iMoyU0HCTbEEhKs_hY9H5I8H-Mx8-qRvOY"; e_fb_requesthandler="AcKO0zfQGxUIa84raSfVfjA4WGxKeoUnD712C7BOm_g8wbrUYHL_XJh0Eu58OTMJKns5HBiG"; e_fb_builduser="AcLECsIsDUzg2b8Icg55fQLunolkL1D1RjUCVGYxq0fQjGFTNDTK39-ax0MWgaL3kU4"; e_fb_binaryversion="AcJUw4qrykB4C32nnUKQtuCUKvEB236IcOiXMlv-VBEKKoGfP75DiuWZfDP551tEcZmFEPoPhEb_CkUExkL-JgxbELp0uZGY0Z4"; e_proxy="AcLzdgmPaV2YXzqFEC2GJAKwJnsojCOF3OGExAMm7HXubf1vX4StPJZQVQ_QJsxTWucd6G8yLZ33kV9t"
date: Tue, 05 Dec 2023 08:52:46 GMT
alt-svc: h3=":443"; ma=86400
priority: u=6
ws-b4m.pages.dev/ws
188.114.96.1404 Not Found 0 B IP 188.114.96.1:443
Requested by https://ws-b4m.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subjectws-b4m.pages.dev
FingerprintF0:16:AD:F7:E6:3A:83:EB:6F:F5:09:71:06:24:F4:0F:2E:E9:98:FE
ValidityThu, 19 Oct 2023 02:17:35 GMT - Wed, 17 Jan 2024 02:17:34 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing WhatsApp
PhishTank phishing WhatsApp
Quad9 DNS malicious Sinkholed
GET /ws HTTP/1.1
Host: ws-b4m.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://ws-b4m.pages.dev
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: atEzIX0ZrwkBt1iYP7qGqw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 404 Not Found
Date: Tue, 05 Dec 2023 08:52:46 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lMNn%2FH%2FCNnFMhwo81riZ703msuT8PlTmoevdO7ikX3lTPg1H4rYad57e0MeEwcnSAGKJ4URgdnQRRvJaFHJ6mpIvPsAlptQwYzl5RMTA9%2FiI1PledQ0xg7WRqe7BYY0%2Byah"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 830b0e0e8b41b51b-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
ws-b4m.pages.dev/load/stylex-2d46744708947781f1f33a0069cbc308.css
188.114.96.1200 OK 116 kB URL GET HTTP/3 ws-b4m.pages.dev/load/stylex-2d46744708947781f1f33a0069cbc308.css
IP 188.114.96.1:443
Requested by https://ws-b4m.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subjectws-b4m.pages.dev
FingerprintF0:16:AD:F7:E6:3A:83:EB:6F:F5:09:71:06:24:F4:0F:2E:E9:98:FE
ValidityThu, 19 Oct 2023 02:17:35 GMT - Wed, 17 Jan 2024 02:17:34 GMT
File type ASCII text, with very long lines (937)
Size 116 kB (116339 bytes)
Hash ce08c431738ca6a8561b1c58a35b0b70
46628f24522fd5f7891a61a3668cde2aaaa80dd6
d3889a9a244c69018e4848bffa27b76845ca2c34813976342d4b122e6533bbca
Analyzer Verdict Alert OpenPhish phishing WhatsApp
PhishTank phishing WhatsApp
Quad9 DNS malicious Sinkholed
GET /load/stylex-2d46744708947781f1f33a0069cbc308.css HTTP/1.1
Host: ws-b4m.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ws-b4m.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 08:52:45 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"65cf534a072c0cdda7d1094f883a9072"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlRNgNybFwyHIXsqOwMPlU37Ub5AcD89xXclDFDhtJJbtPWMBde5s%2BN2MPPpfmLwiRmiO8wmwKle5ruUl%2FU6pYRZYO1caHV06mQUqbaN%2Bg6xoeizHCozI%2BMtPi84X1xwCD3h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830b0e0b3e38b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ws-b4m.pages.dev/load/qrcode.min.js
188.114.96.1200 OK 20 kB URL GET HTTP/3 ws-b4m.pages.dev/load/qrcode.min.js
IP 188.114.96.1:443
Requested by https://ws-b4m.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subjectws-b4m.pages.dev
FingerprintF0:16:AD:F7:E6:3A:83:EB:6F:F5:09:71:06:24:F4:0F:2E:E9:98:FE
ValidityThu, 19 Oct 2023 02:17:35 GMT - Wed, 17 Jan 2024 02:17:34 GMT
File type ASCII text, with very long lines (19927), with no line terminators
Hash 517b55d3688ce9ef1085a3d9632bcb97
2d06c1f823f34c19981c6ae0b0eb0f5861c5e14b
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
Analyzer Verdict Alert OpenPhish phishing WhatsApp
PhishTank phishing WhatsApp
Quad9 DNS malicious Sinkholed
GET /load/qrcode.min.js HTTP/1.1
Host: ws-b4m.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ws-b4m.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 08:52:45 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7ada293847f072170f0c5a32bd67bad3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfXaVoGJC8PCPjE0pYEGqBLsCM5yapvFxmBEUrNmDGJa9OyUUxvGAB5OrpO6BNbDkUy2J4P%2FCJA0pA8FMw%2FQb3s72wckO2aWyVsFUrDDSVeKN5p015dgcEVk9vyeVlNZDBO6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830b0e0b4e41b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ws-b4m.pages.dev/load/libsignal-protocol-ee5b8ba.min.js
188.114.96.1200 OK 250 kB URL GET HTTP/3 ws-b4m.pages.dev/load/libsignal-protocol-ee5b8ba.min.js
IP 188.114.96.1:443
Requested by https://ws-b4m.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subjectws-b4m.pages.dev
FingerprintF0:16:AD:F7:E6:3A:83:EB:6F:F5:09:71:06:24:F4:0F:2E:E9:98:FE
ValidityThu, 19 Oct 2023 02:17:35 GMT - Wed, 17 Jan 2024 02:17:34 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 250 kB (249969 bytes)
Hash 8ab914b33a56ffa80ca1de0819a70684
0a103d668f19bd5529de831446389eabd85f3550
b32cb4726155800367b1e44af2fd940b77aed84cc9baa11c0381bf35dd993c98
Analyzer Verdict Alert OpenPhish phishing WhatsApp
PhishTank phishing WhatsApp
Quad9 DNS malicious Sinkholed
GET /load/libsignal-protocol-ee5b8ba.min.js HTTP/1.1
Host: ws-b4m.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ws-b4m.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 08:52:46 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"8a9ebdc63ef791fcc4d7fc80f12ae130"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fx6xUMiTYeAEs%2BZEQozTggEJUsNph%2B%2FI0AtTph7pfy76niMiQEWksvJ%2B5wQ0%2BcHbru2iNP07PaKFh%2B2f2bxVj21N1mBidyTECC%2Bszh%2FnMyqV3PdbVVAZgkP0TYE4JGK3BOhu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830b0e0b4e47b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ws-b4m.pages.dev/load/runtime.88c356058afe3d58a508.js
188.114.96.1200 OK 16 kB URL GET HTTP/3 ws-b4m.pages.dev/load/runtime.88c356058afe3d58a508.js
IP 188.114.96.1:443
Requested by https://ws-b4m.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subjectws-b4m.pages.dev
FingerprintF0:16:AD:F7:E6:3A:83:EB:6F:F5:09:71:06:24:F4:0F:2E:E9:98:FE
ValidityThu, 19 Oct 2023 02:17:35 GMT - Wed, 17 Jan 2024 02:17:34 GMT
File type ASCII text, with very long lines (15564)
Hash 46e475d8d5495b3ad954747f1898efe9
c1672a101e0216f9cc585bc4ee4c0340a6cd8c77
cd00a8ee12254d2285a82ea490590610a500c867831301e8d91884f93ca3c564
Analyzer Verdict Alert OpenPhish phishing WhatsApp
PhishTank phishing WhatsApp
Quad9 DNS malicious Sinkholed
GET /load/runtime.88c356058afe3d58a508.js HTTP/1.1
Host: ws-b4m.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ws-b4m.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 08:52:45 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7430056c140c5b0c8d938cac5e9dfa97"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=doZwjnqdIo51YDRV1NxREuYIEMVF9l9m2stR4rj2RgaqB4niYMFS1fxfCy%2Fm9pBPiXKzHdIVzcxtXV%2BHcYIxipRRMbYOAvDL0lCInEVdoRmfZh8LXoLGFORTKFWWwlf98kwt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830b0e0b4e4cb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
188.114.96.1200 OK 31 kB URL User Request GET HTTP/2 IP 188.114.96.1:443
Certificate IssuerGoogle Trust Services LLC
Subjectws-b4m.pages.dev
FingerprintF0:16:AD:F7:E6:3A:83:EB:6F:F5:09:71:06:24:F4:0F:2E:E9:98:FE
ValidityThu, 19 Oct 2023 02:17:35 GMT - Wed, 17 Jan 2024 02:17:34 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing WhatsApp
PhishTank phishing WhatsApp
Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: ws-b4m.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 08:52:45 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"554720f792b79cc8a07994696559ec5d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJdO3PclrozCTaMRiqsplmfvyZhZEuMSQrEav27PmIdiSlsmZWpNsOnAL1at%2B%2FCQUowTOyNI%2BVC00Do5rlZAD7Wvfz2UJfq%2F%2BDxsAKlFdkQ46EL%2B3Y7nUI7wtKYvEpvDfPZ6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830b0e08397fb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ws-b4m.pages.dev/load/bootstrap_qr-e2b403f65ed52d327e90.css
188.114.96.1200 OK 177 kB URL GET HTTP/3 ws-b4m.pages.dev/load/bootstrap_qr-e2b403f65ed52d327e90.css
IP 188.114.96.1:443
Requested by https://ws-b4m.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subjectws-b4m.pages.dev
FingerprintF0:16:AD:F7:E6:3A:83:EB:6F:F5:09:71:06:24:F4:0F:2E:E9:98:FE
ValidityThu, 19 Oct 2023 02:17:35 GMT - Wed, 17 Jan 2024 02:17:34 GMT
Size 177 kB (176830 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing WhatsApp
PhishTank phishing WhatsApp
Quad9 DNS malicious Sinkholed
GET /load/bootstrap_qr-e2b403f65ed52d327e90.css HTTP/1.1
Host: ws-b4m.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ws-b4m.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 08:52:45 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"03e94140affd61cffcdc0cc2d7d64da0"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D65rrP6iJGJC1NBYWBdkyvkaZcs%2Bms2QmcJyvPv0VySs2t2K8A3WFD3vjHvwmKoncJrHny7eII8AiFRR4BrMYa0SJTeURtUYbFsRlgd1HiocwwRDl%2FwNN7bGK5T7xEdfpp7G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830b0e0b3e39b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ws-b4m.pages.dev/load/bootstrap_main.9d6050e3d2fff5b782d3.css
188.114.96.1200 OK 231 kB URL GET HTTP/3 ws-b4m.pages.dev/load/bootstrap_main.9d6050e3d2fff5b782d3.css
IP 188.114.96.1:443
Requested by https://ws-b4m.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subjectws-b4m.pages.dev
FingerprintF0:16:AD:F7:E6:3A:83:EB:6F:F5:09:71:06:24:F4:0F:2E:E9:98:FE
ValidityThu, 19 Oct 2023 02:17:35 GMT - Wed, 17 Jan 2024 02:17:34 GMT
Size 231 kB (230953 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing WhatsApp
PhishTank phishing WhatsApp
Quad9 DNS malicious Sinkholed
GET /load/bootstrap_main.9d6050e3d2fff5b782d3.css HTTP/1.1
Host: ws-b4m.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ws-b4m.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 08:52:45 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f2144f69865583616f03de95fe1b8096"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWZSqkCQlbZikbUumrV34COMqS3vGwfTsAXbjU1Ph%2F%2FhkjLoqVPJifeHpURVg%2BYIQbsdAdz%2FFi3iANgyIqcY4zaLSdfFzM6ECQhX3drKtm0SwoUdfAldie%2BdCa7BpryjKzxc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830b0e0b3e3ab4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ws-b4m.pages.dev/load/jquery.min.js
188.114.96.1200 OK 93 kB URL GET HTTP/3 ws-b4m.pages.dev/load/jquery.min.js
IP 188.114.96.1:443
Requested by https://ws-b4m.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subjectws-b4m.pages.dev
FingerprintF0:16:AD:F7:E6:3A:83:EB:6F:F5:09:71:06:24:F4:0F:2E:E9:98:FE
ValidityThu, 19 Oct 2023 02:17:35 GMT - Wed, 17 Jan 2024 02:17:34 GMT
File type ASCII text, with very long lines (32072)
Hash e3f24f23b859cf718282e3806ed5ce38
c92a61cb4fbc23adb05973638f60e2999bed4a26
e0108076470765be9ef1e9b242b8a52ef78c8f4532c7263426abc05ea4b60240
Analyzer Verdict Alert OpenPhish phishing WhatsApp
PhishTank phishing WhatsApp
Quad9 DNS malicious Sinkholed
GET /load/jquery.min.js HTTP/1.1
Host: ws-b4m.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ws-b4m.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 08:52:45 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"0b037baf132504ce7005a11383470752"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBTOUnSm9k5sZROVuORrscUrgqOUlKdyhRMhX0eCYDJ1oN%2B9sY5iMarL7Pn%2FSJPq2twT2hqSfLiDit73FSCC5IDDIBA9sr3gGY3oAzd7GFpfrJ3sHTJZ%2BfAfgqjdk6boskQi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830b0e0b3e3cb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ws-b4m.pages.dev/load/jquery.cookie.js
188.114.96.1200 OK 3.1 kB URL GET HTTP/3 ws-b4m.pages.dev/load/jquery.cookie.js
IP 188.114.96.1:443
Requested by https://ws-b4m.pages.dev/
Certificate IssuerGoogle Trust Services LLC
Subjectws-b4m.pages.dev
FingerprintF0:16:AD:F7:E6:3A:83:EB:6F:F5:09:71:06:24:F4:0F:2E:E9:98:FE
ValidityThu, 19 Oct 2023 02:17:35 GMT - Wed, 17 Jan 2024 02:17:34 GMT
File type ASCII text, with very long lines (3439), with no line terminators
Hash c776f7843da058a9030aea314d49613f
b91ca11b466e153f05219e5e1a1e9f4348b2cc14
573c67cf9289d24e8756d0f86d37652e7f2383233ad50dca47f2ae5382923735
Analyzer Verdict Alert OpenPhish phishing WhatsApp
PhishTank phishing WhatsApp
Quad9 DNS malicious Sinkholed
GET /load/jquery.cookie.js HTTP/1.1
Host: ws-b4m.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ws-b4m.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 08:52:45 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ccdb2dc189ac698dd8a582a4291c7451"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4Ww8pQ4L3X8hJSim7lKBp8%2BzcDNood%2B3xFS7YCqWIUmFvOdx9YFQsyamM66I1XAxGlhwyJuomfpQajUNonnu8HngZYPMlu4D9C8%2F4uhnwCLeLH7sKm7NO0m0BBNgv8%2Bsk%2Fz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830b0e0b4e40b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400