Report - gbwhats.in/

Report Overview

Submitted URL
gbwhats.in/
IP
139.59.8.127
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2024-04-19 04:34:59
Access
public
Website Title
GB WhatsApp Download | GBWhatsApp Apk Update 2024
Final URL
gbwhats.in/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
80

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
gbwhats.in	unknown	2022-10-03	2022-10-05	2024-02-08	9.6 kB	463 kB	139.59.8.127

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	gbwhats.in/	WhatsApp
2024-04-18	medium	gbwhats.in/	WhatsApp
2024-04-18	medium	gbwhats.in/	WhatsApp
2024-04-18	medium	gbwhats.in/	WhatsApp
2024-04-18	medium	gbwhats.in/	WhatsApp
2024-04-18	medium	gbwhats.in/	WhatsApp
2024-04-18	medium	gbwhats.in/	WhatsApp
2024-04-18	medium	gbwhats.in/	WhatsApp
2024-04-18	medium	gbwhats.in/	WhatsApp
2024-04-18	medium	gbwhats.in/	WhatsApp
2024-04-18	medium	gbwhats.in/	WhatsApp
2024-04-18	medium	gbwhats.in/	WhatsApp
2024-04-18	medium	gbwhats.in/	WhatsApp
2024-04-18	medium	gbwhats.in/	WhatsApp
2024-04-18	medium	gbwhats.in/	WhatsApp
2024-04-18	medium	gbwhats.in/	WhatsApp
2024-04-18	medium	gbwhats.in/	WhatsApp
2024-04-18	medium	gbwhats.in/	WhatsApp
2024-04-18	medium	gbwhats.in/	WhatsApp
2024-04-18	medium	gbwhats.in/	WhatsApp

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-19	medium	gbwhats.in	Sinkholed
2024-04-19	medium	gbwhats.in	Sinkholed
2024-04-19	medium	gbwhats.in	Sinkholed
2024-04-19	medium	gbwhats.in	Sinkholed
2024-04-19	medium	gbwhats.in	Sinkholed
2024-04-19	medium	gbwhats.in	Sinkholed
2024-04-19	medium	gbwhats.in	Sinkholed
2024-04-19	medium	gbwhats.in	Sinkholed
2024-04-19	medium	gbwhats.in	Sinkholed
2024-04-19	medium	gbwhats.in	Sinkholed
2024-04-19	medium	gbwhats.in	Sinkholed
2024-04-19	medium	gbwhats.in	Sinkholed
2024-04-19	medium	gbwhats.in	Sinkholed
2024-04-19	medium	gbwhats.in	Sinkholed
2024-04-19	medium	gbwhats.in	Sinkholed
2024-04-19	medium	gbwhats.in	Sinkholed
2024-04-19	medium	gbwhats.in	Sinkholed
2024-04-19	medium	gbwhats.in	Sinkholed
2024-04-19	medium	gbwhats.in	Sinkholed
2024-04-19	medium	gbwhats.in	Sinkholed

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	gbwhats.in/wp-content/cache/breeze-minification/js/breeze_32004fd7ecc7e1d70927d63e4f14fb62.js	24 kB	2023-11-04	2024-04-19
Pretty URL gbwhats.in/wp-content/cache/breeze-minification/js/breeze_32004fd7ecc7e1d70927d63e4f14fb62.js IP 139.59.8.127 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-04 05:23:16 Last Seen2024-04-19 12:14:49 Times Seen12 Hash c55d9e0a402b42e79d385840257b4aaa fe969049fb575c79ca3ccff45a8dc28176a71a12 7143355fb5ab9561f27d05c86a36f0232fe909a3893ceaf8096c11d09275836d Loading...

	gbwhats.in/wp-content/cache/breeze-minification/js/breeze_32d8122f2b2cdfecc32fff39e0e7d4c0.js	97 B	2023-11-13	2024-04-19
Pretty URL gbwhats.in/wp-content/cache/breeze-minification/js/breeze_32d8122f2b2cdfecc32fff39e0e7d4c0.js IP 139.59.8.127 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-13 00:18:15 Last Seen2024-04-19 12:14:49 Times Seen5 Hash d929e456928554033d99826de56d8825 01a60e2ca13db90ec9f5e8819b1c6ac55d273fe4 3036f669347f6ca375d9ba2e9d52925623e5389d367e912bb918fb280a3fb856 Loading...

	gbwhats.in/wp-content/cache/breeze-minification/js/breeze_5f5b40cac175be6c823ee3f4cdb53ac4.js	1.1 kB	2024-04-19	2024-04-19
Pretty URL gbwhats.in/wp-content/cache/breeze-minification/js/breeze_5f5b40cac175be6c823ee3f4cdb53ac4.js IP 139.59.8.127 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 06:34:59 Last Seen2024-04-19 12:14:49 Times Seen2 Hash b047fec1c522256d12c8f9678d3faced f10850c6e9e05574a41bfde5b61d606445e8ee33 57efaab7ece3797af157f6f11a6c7c605e1735049a0750c5d41464174fbff7ff Loading...

	gbwhats.in/	382 B	2023-11-13	2024-04-19
Pretty URL gbwhats.in/ IP 139.59.8.127 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-13 00:18:15 Last Seen2024-04-19 12:14:49 Times Seen5 Hash cc2a5eb6ab7eafb7c1f6206aa2a6f02d abb9d25831075e7c62c38046de2841b6cf5f5610 89c7f99f275575dc0a9595a3631005e02d83fc4c612d10405f9591b96f206f93 Loading...

	gbwhats.in/wp-content/cache/breeze-minification/js/breeze_96aa70e645da775a1d7db42d88d9c946.js	45 B	2023-03-07	2024-05-01
Pretty URL gbwhats.in/wp-content/cache/breeze-minification/js/breeze_96aa70e645da775a1d7db42d88d9c946.js IP 139.59.8.127 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2024-05-01 00:54:33 Times Seen214 Hash 5221ac768c3abb9e2f2d68c93f7cdb45 07b844407117fa916a8eddd60ba3b38e1c20ef13 71f652d6e3c322295772c1f083ab62329a94464741c4167ea745b5da21123cc9 Loading...

	gbwhats.in/sandbox%20eval%20code	147 B	2023-04-11	2024-05-02
Pretty URL gbwhats.in/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-02 13:08:08 Times Seen344054 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	gbwhats.in/wp-content/cache/breeze-minification/js/breeze_dcfcfba67b9ea3eb7b821c2c481de437.js	7.3 kB	2024-04-19	2024-04-19
Pretty URL gbwhats.in/wp-content/cache/breeze-minification/js/breeze_dcfcfba67b9ea3eb7b821c2c481de437.js IP 139.59.8.127 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 06:34:59 Last Seen2024-04-19 12:14:49 Times Seen2 Hash 6fa9c5c16f7200c145437bd1cc0a04b9 380b5e773f7d1b25f8708ceeb579b9e9356f0f0b 18b3855c0d841a8944093fc848b84c34166c5b4149e19a5a7bb9140e94d18cf4 Loading...

	gbwhats.in/wp-content/cache/breeze-minification/js/breeze_59eea72e9e51a30b8c8cb67a56e56767.js	214 B	2023-03-08	2024-04-19
Pretty URL gbwhats.in/wp-content/cache/breeze-minification/js/breeze_59eea72e9e51a30b8c8cb67a56e56767.js IP 139.59.8.127 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:29:41 Last Seen2024-04-19 12:14:49 Times Seen35 Hash 763fe320ac0f102211d2d65c9ae99ebd cd6e680840963d05d7b6e635734493514abceb1a 92a43a4a1d645c227a17d52468a3d77e8f3098351f47839e53a535eb00bb6fba Loading...

	gbwhats.in/wp-content/cache/breeze-minification/js/breeze_db57c0b66004b78248c20a9792c910ed.js	116 B	2023-11-13	2024-04-19
Pretty URL gbwhats.in/wp-content/cache/breeze-minification/js/breeze_db57c0b66004b78248c20a9792c910ed.js IP 139.59.8.127 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-13 00:18:15 Last Seen2024-04-19 12:14:49 Times Seen5 Hash 67bcb46a7ec20ffc8f5b48154cf537ae 0c09284471ebf0c103e3cbe92bc148a8e7c5cc6e 9f13fe6cb04122038ad78b8b46ee85548aa5a67490014bb80a01c123047a8b59 Loading...

	gbwhats.in/wp-content/cache/breeze-minification/js/breeze_f09ed49482285d528660f084a61d224b.js	14 kB	2023-09-12	2024-04-19
Pretty URL gbwhats.in/wp-content/cache/breeze-minification/js/breeze_f09ed49482285d528660f084a61d224b.js IP 139.59.8.127 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-12 01:15:00 Last Seen2024-04-19 12:14:49 Times Seen38 Hash 64ac78f853824fd21d6d1cb3618b56ef b6393acb59f61bca829f7174c5809f9f8dccca85 2346c86992b88ccaaf5bff34d83cd5ea9df8d212bf38c46809d091d8da7124c9 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-02
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-02 13:08:08 Times Seen343547 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	gbwhats.in/wp-content/cache/breeze-minification/js/breeze_57154eb44f55712fa6815ff26b7d0e0d.js	96 B	2023-11-13	2024-04-19
Pretty URL gbwhats.in/wp-content/cache/breeze-minification/js/breeze_57154eb44f55712fa6815ff26b7d0e0d.js IP 139.59.8.127 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-13 00:18:15 Last Seen2024-04-19 12:14:49 Times Seen5 Hash ad7919f69f42b884c7b4677d6d4bdace 1d4cad6a8ab1cb30950660bfde0607977228034d ce9b8c78e1a5ebe344fd16a834e18357236b436b4225e95e74d2e7189fff7d46 Loading...

	gbwhats.in/wp-content/cache/breeze-minification/js/breeze_c04eb7f716ec1556c71c57f01c5f80fe.js	88 kB	2023-11-13	2024-04-19
Pretty URL gbwhats.in/wp-content/cache/breeze-minification/js/breeze_c04eb7f716ec1556c71c57f01c5f80fe.js IP 139.59.8.127 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-13 00:18:15 Last Seen2024-04-19 12:14:49 Times Seen17 Hash 91ddd2502dc90b0303954d9962144f58 d60c5a6d6c3cf2d8472515876889bc3b321dc012 6836d82c2675416ff3baac14cb9f03e7adedd39b167ac1154a73148ed1e65412 Loading...

	gbwhats.in/wp-content/cache/breeze-minification/js/breeze_22199c3b4d5a7f6b104de714ed804e66.js	606 B	2023-11-04	2024-04-19
Pretty URL gbwhats.in/wp-content/cache/breeze-minification/js/breeze_22199c3b4d5a7f6b104de714ed804e66.js IP 139.59.8.127 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-04 05:23:16 Last Seen2024-04-19 12:14:49 Times Seen11 Hash c721e5425a33c768e4d0378bccc128f2 f084c4e26718ec3adf7ab21657b375c65b4d1a5e c8855f9f3bd601fd788392e6814e11b32a482dfcaa29798fe61f28d24a238b8a Loading...

HTTP Transactions (20)

URL IP Response Size

gbwhats.in/

139.59.8.127

200 OK

15 kB

URL User Request GET HTTP/2
gbwhats.in/
IP
139.59.8.127:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectgbwhats.in
FingerprintDA:64:F4:D5:88:BD:83:1A:C4:A8:93:7B:D7:94:E7:8C:5A:73:8D:0C
ValiditySat, 13 Apr 2024 15:19:37 GMT - Fri, 12 Jul 2024 15:19:36 GMT

File type
HTML document, ASCII text, with very long lines (20200)
Size
15 kB (14852 bytes)
Hash
d2fe168301783b12fc9d30bc7e19d2a4
c0ac5a0019e27c40d8ebbb3e3b385bf2df6ab908
debe0311cb090f38b55e56f1cba9c24128b9674fc131f278348d38da415267cf

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WhatsApp
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: gbwhats.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 04:34:33 GMT
content-type: text/html; charset=utf-8
content-length: 14852
cache-provider: CLOUDWAYS-CACHE-DE
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
last-modified: Wed, 10 Apr 2024 03:31:58 GMT
cache-control: max-age=0, s-maxage=2592000
expires: Thu, 18 Apr 2024 21:32:36 GMT
x-xss-protection: 1; mode=block
vary: Accept-Encoding
content-encoding: gzip
age: 25317
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

gbwhats.in/wp-content/themes/softdown/assets/fonts/kufi.woff

139.59.8.127

200 OK

39 kB

URL GET HTTP/2
gbwhats.in/wp-content/themes/softdown/assets/fonts/kufi.woff
IP
139.59.8.127:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://gbwhats.in/
Certificate
IssuerLet's Encrypt
Subjectgbwhats.in
FingerprintDA:64:F4:D5:88:BD:83:1A:C4:A8:93:7B:D7:94:E7:8C:5A:73:8D:0C
ValiditySat, 13 Apr 2024 15:19:37 GMT - Fri, 12 Jul 2024 15:19:36 GMT

File type
Web Open Font Format, TrueType, length 38628, version 1.1
Size
39 kB (38628 bytes)
Hash
8d2397d1721758e5b3f16855a5b59ba8
1ebadb67e90a1e35d333d969068fb45481db065f
a5d930fb9951e4f30eaf140d04ab1cee09f4ca98485d1d0aa486c74a6b931b01

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WhatsApp
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/softdown/assets/fonts/kufi.woff HTTP/1.1
Host: gbwhats.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gbwhats.in/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 04:34:34 GMT
content-type: application/font-woff
content-length: 38628
last-modified: Thu, 02 Nov 2023 01:30:41 GMT
etag: "6542fbc1-96e4"
cache-control: public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

gbwhats.in/wp-content/themes/softdown/assets/fonts/fontello/69be71.fontello.woff

139.59.8.127

200 OK

13 kB

URL GET HTTP/2
gbwhats.in/wp-content/themes/softdown/assets/fonts/fontello/69be71.fontello.woff
IP
139.59.8.127:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://gbwhats.in/
Certificate
IssuerLet's Encrypt
Subjectgbwhats.in
FingerprintDA:64:F4:D5:88:BD:83:1A:C4:A8:93:7B:D7:94:E7:8C:5A:73:8D:0C
ValiditySat, 13 Apr 2024 15:19:37 GMT - Fri, 12 Jul 2024 15:19:36 GMT

File type
Web Open Font Format, TrueType, length 12732, version 1.0
Size
13 kB (12732 bytes)
Hash
d152652705795a7bf3084b58310b19c6
9d88166bf875674b0ee03dadc89936b21eb8a24f
57741957e27bc0c04169e68103e38ea6ac551effa8a72a2ebe5597b361321abb

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WhatsApp
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/softdown/assets/fonts/fontello/69be71.fontello.woff HTTP/1.1
Host: gbwhats.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gbwhats.in/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 04:34:34 GMT
content-type: application/font-woff
content-length: 12732
last-modified: Thu, 02 Nov 2023 02:11:28 GMT
etag: "65430550-31bc"
cache-control: public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

gbwhats.in/wp-content/cache/breeze-minification/js/breeze_32004fd7ecc7e1d70927d63e4f14fb62.js

139.59.8.127

200 OK

8.1 kB

URL GET HTTP/2
gbwhats.in/wp-content/cache/breeze-minification/js/breeze_32004fd7ecc7e1d70927d63e4f14fb62.js
IP
139.59.8.127:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://gbwhats.in/
Certificate
IssuerLet's Encrypt
Subjectgbwhats.in
FingerprintDA:64:F4:D5:88:BD:83:1A:C4:A8:93:7B:D7:94:E7:8C:5A:73:8D:0C
ValiditySat, 13 Apr 2024 15:19:37 GMT - Fri, 12 Jul 2024 15:19:36 GMT

File type
gzip compressed data, from Unix
Size
8.1 kB (8136 bytes)
Hash
88f28335712517104b408a4b9c37fc9f
8aa204bd24edf83f8ff2eee7562716ad27aede1c
a04441f199d21c9ab228362047dbe802b4921c44281783ee31cea1350de43153

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WhatsApp
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/cache/breeze-minification/js/breeze_32004fd7ecc7e1d70927d63e4f14fb62.js HTTP/1.1
Host: gbwhats.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gbwhats.in/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 04:34:34 GMT
content-type: application/javascript
last-modified: Sun, 31 Mar 2024 20:44:23 GMT
vary: Accept-Encoding
etag: W/"6609cb27-5c58"
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

gbwhats.in/wp-content/cache/breeze-minification/js/breeze_f09ed49482285d528660f084a61d224b.js

139.59.8.127

200 OK

5.4 kB

URL GET HTTP/2
gbwhats.in/wp-content/cache/breeze-minification/js/breeze_f09ed49482285d528660f084a61d224b.js
IP
139.59.8.127:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://gbwhats.in/
Certificate
IssuerLet's Encrypt
Subjectgbwhats.in
FingerprintDA:64:F4:D5:88:BD:83:1A:C4:A8:93:7B:D7:94:E7:8C:5A:73:8D:0C
ValiditySat, 13 Apr 2024 15:19:37 GMT - Fri, 12 Jul 2024 15:19:36 GMT

File type
gzip compressed data, from Unix
Size
5.4 kB (5379 bytes)
Hash
1e953fca6165f1b1d107b850712a96fb
407be8db695431c6d365f6a01c4822b55ba8e779
a263719843114617a3c842098505632d63c3de140d199f3d2dbaa11d974daf44

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WhatsApp
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/cache/breeze-minification/js/breeze_f09ed49482285d528660f084a61d224b.js HTTP/1.1
Host: gbwhats.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gbwhats.in/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 04:34:34 GMT
content-type: application/javascript
last-modified: Sun, 31 Mar 2024 20:44:23 GMT
vary: Accept-Encoding
etag: W/"6609cb27-350b"
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

gbwhats.in/wp-content/cache/breeze-minification/js/breeze_22199c3b4d5a7f6b104de714ed804e66.js

139.59.8.127

200 OK

4.8 kB

URL GET HTTP/2
gbwhats.in/wp-content/cache/breeze-minification/js/breeze_22199c3b4d5a7f6b104de714ed804e66.js
IP
139.59.8.127:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://gbwhats.in/
Certificate
IssuerLet's Encrypt
Subjectgbwhats.in
FingerprintDA:64:F4:D5:88:BD:83:1A:C4:A8:93:7B:D7:94:E7:8C:5A:73:8D:0C
ValiditySat, 13 Apr 2024 15:19:37 GMT - Fri, 12 Jul 2024 15:19:36 GMT

File type
gzip compressed data, from Unix
Size
4.8 kB (4771 bytes)
Hash
b26719a00f4c0346faa965960c61e248
f8c519540a9ac93d68d65aa1bc3dc00f355a168e
52b02dc5c0f31c762537efdb75d8852befd2eaa0fe469b5137c4285fd47dbdd1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WhatsApp
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/cache/breeze-minification/js/breeze_22199c3b4d5a7f6b104de714ed804e66.js HTTP/1.1
Host: gbwhats.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gbwhats.in/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 04:34:34 GMT
content-type: application/javascript
last-modified: Sun, 31 Mar 2024 20:44:23 GMT
vary: Accept-Encoding
etag: W/"6609cb27-25e"
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

gbwhats.in/wp-content/cache/breeze-minification/js/breeze_96aa70e645da775a1d7db42d88d9c946.js

139.59.8.127

200 OK

4.5 kB

URL GET HTTP/2
gbwhats.in/wp-content/cache/breeze-minification/js/breeze_96aa70e645da775a1d7db42d88d9c946.js
IP
139.59.8.127:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://gbwhats.in/
Certificate
IssuerLet's Encrypt
Subjectgbwhats.in
FingerprintDA:64:F4:D5:88:BD:83:1A:C4:A8:93:7B:D7:94:E7:8C:5A:73:8D:0C
ValiditySat, 13 Apr 2024 15:19:37 GMT - Fri, 12 Jul 2024 15:19:36 GMT

File type
gzip compressed data, from Unix
Size
4.5 kB (4517 bytes)
Hash
a6115464dffa20326ba8635f4255b391
b8c978733261786bd82ab41e0f457bdebd9c3273
da32b8dea5da441ac73db5995a159c4a521e5151c4ad7a7ffa3cf2706d247424

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WhatsApp
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/cache/breeze-minification/js/breeze_96aa70e645da775a1d7db42d88d9c946.js HTTP/1.1
Host: gbwhats.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gbwhats.in/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 04:34:34 GMT
content-type: application/javascript
last-modified: Sun, 31 Mar 2024 20:44:23 GMT
vary: Accept-Encoding
etag: W/"6609cb27-2d"
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

gbwhats.in/wp-content/uploads/2023/03/GBWhatsApp-favicon-300x300.webp

139.59.8.127

200 OK

7.3 kB

URL GET HTTP/2
gbwhats.in/wp-content/uploads/2023/03/GBWhatsApp-favicon-300x300.webp
IP
139.59.8.127:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://gbwhats.in/
Certificate
IssuerLet's Encrypt
Subjectgbwhats.in
FingerprintDA:64:F4:D5:88:BD:83:1A:C4:A8:93:7B:D7:94:E7:8C:5A:73:8D:0C
ValiditySat, 13 Apr 2024 15:19:37 GMT - Fri, 12 Jul 2024 15:19:36 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.3 kB (7254 bytes)
Hash
d012bad6ea0e663bf6da8a3b8abefb3f
f63788449d934d104fe6da5a34213bfc47df7458
20786ed2d06ac17d56fa7467fd7a555fabede3b65430afd4cbf872323f0fac6e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WhatsApp
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/03/GBWhatsApp-favicon-300x300.webp HTTP/1.1
Host: gbwhats.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gbwhats.in/
DNT: 1
Connection: keep-alive
Cookie: pll_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 04:34:35 GMT
content-type: image/webp
content-length: 7254
last-modified: Thu, 02 Nov 2023 01:30:41 GMT
etag: "6542fbc1-1c56"
cache-control: public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

gbwhats.in/wp-content/uploads/2023/03/GBWhatsApp-favicon-55x55.webp

139.59.8.127

200 OK

1.4 kB

URL GET HTTP/2
gbwhats.in/wp-content/uploads/2023/03/GBWhatsApp-favicon-55x55.webp
IP
139.59.8.127:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://gbwhats.in/
Certificate
IssuerLet's Encrypt
Subjectgbwhats.in
FingerprintDA:64:F4:D5:88:BD:83:1A:C4:A8:93:7B:D7:94:E7:8C:5A:73:8D:0C
ValiditySat, 13 Apr 2024 15:19:37 GMT - Fri, 12 Jul 2024 15:19:36 GMT

File type
RIFF (little-endian) data, Web/P image
Size
1.4 kB (1352 bytes)
Hash
06a81805ff10e1c87b418097fa2c311c
00857f1a9d47b2010c6a578bb2268f4ff3730dcb
a966c746c97201c68f5a12e1f603f4c5f19313aac81f58b37fda19a38133f551

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WhatsApp
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/03/GBWhatsApp-favicon-55x55.webp HTTP/1.1
Host: gbwhats.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gbwhats.in/
DNT: 1
Connection: keep-alive
Cookie: pll_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 04:34:35 GMT
content-type: image/webp
content-length: 1352
last-modified: Thu, 02 Nov 2023 01:30:41 GMT
etag: "6542fbc1-548"
cache-control: public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

gbwhats.in/wp-content/cache/breeze-minification/js/breeze_59eea72e9e51a30b8c8cb67a56e56767.js

139.59.8.127

200 OK

20 kB

URL GET HTTP/2
gbwhats.in/wp-content/cache/breeze-minification/js/breeze_59eea72e9e51a30b8c8cb67a56e56767.js
IP
139.59.8.127:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://gbwhats.in/
Certificate
IssuerLet's Encrypt
Subjectgbwhats.in
FingerprintDA:64:F4:D5:88:BD:83:1A:C4:A8:93:7B:D7:94:E7:8C:5A:73:8D:0C
ValiditySat, 13 Apr 2024 15:19:37 GMT - Fri, 12 Jul 2024 15:19:36 GMT

File type
gzip compressed data, from Unix
Size
20 kB (20373 bytes)
Hash
d1af91b596377ca0848ef212bca5ebeb
42c8964d68991bcbb2f0a74b527c7b012b9a43a8
413639de386ee37b42a1d9a2eae79f3ddba60ee207b656236020fcfd74568364

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WhatsApp
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/cache/breeze-minification/js/breeze_59eea72e9e51a30b8c8cb67a56e56767.js HTTP/1.1
Host: gbwhats.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gbwhats.in/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 04:34:34 GMT
content-type: application/javascript
last-modified: Sun, 31 Mar 2024 20:44:23 GMT
vary: Accept-Encoding
etag: W/"6609cb27-d6"
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

gbwhats.in/wp-content/uploads/2023/03/gb-whatsapp-apk.webp

139.59.8.127

200 OK

6.8 kB

URL GET HTTP/2
gbwhats.in/wp-content/uploads/2023/03/gb-whatsapp-apk.webp
IP
139.59.8.127:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://gbwhats.in/
Certificate
IssuerLet's Encrypt
Subjectgbwhats.in
FingerprintDA:64:F4:D5:88:BD:83:1A:C4:A8:93:7B:D7:94:E7:8C:5A:73:8D:0C
ValiditySat, 13 Apr 2024 15:19:37 GMT - Fri, 12 Jul 2024 15:19:36 GMT

File type
RIFF (little-endian) data, Web/P image
Size
6.8 kB (6826 bytes)
Hash
2737a9e39f5236bd1ac40e42f0c88837
ba6bab80de3553375e93ca55b0f33b8f4c2cddf9
534ebe27aa220b652897f79b56472d0b2332af58dbf183f22f2abee924938b6c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WhatsApp
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/03/gb-whatsapp-apk.webp HTTP/1.1
Host: gbwhats.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gbwhats.in/
DNT: 1
Connection: keep-alive
Cookie: pll_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 04:34:35 GMT
content-type: image/webp
content-length: 6826
last-modified: Thu, 02 Nov 2023 01:30:41 GMT
etag: "6542fbc1-1aaa"
cache-control: public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

gbwhats.in/wp-content/cache/breeze-minification/js/breeze_db57c0b66004b78248c20a9792c910ed.js

139.59.8.127

200 OK

25 kB

URL GET HTTP/2
gbwhats.in/wp-content/cache/breeze-minification/js/breeze_db57c0b66004b78248c20a9792c910ed.js
IP
139.59.8.127:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://gbwhats.in/
Certificate
IssuerLet's Encrypt
Subjectgbwhats.in
FingerprintDA:64:F4:D5:88:BD:83:1A:C4:A8:93:7B:D7:94:E7:8C:5A:73:8D:0C
ValiditySat, 13 Apr 2024 15:19:37 GMT - Fri, 12 Jul 2024 15:19:36 GMT

File type
gzip compressed data, from Unix
Size
25 kB (24965 bytes)
Hash
6bdd338d22c84b834fb1e3275dd94e03
ddfe9e24000905b2b64d6f0f135edd072d371475
d74299325b815f9848c364da955247d1eda9d25409303649308869e78880e739

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WhatsApp
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/cache/breeze-minification/js/breeze_db57c0b66004b78248c20a9792c910ed.js HTTP/1.1
Host: gbwhats.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gbwhats.in/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 04:34:34 GMT
content-type: application/javascript
last-modified: Sun, 31 Mar 2024 20:44:23 GMT
vary: Accept-Encoding
etag: W/"6609cb27-74"
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

gbwhats.in/wp-content/cache/breeze-minification/js/breeze_57154eb44f55712fa6815ff26b7d0e0d.js

139.59.8.127

200 OK

96 B

URL GET HTTP/2
gbwhats.in/wp-content/cache/breeze-minification/js/breeze_57154eb44f55712fa6815ff26b7d0e0d.js
IP
139.59.8.127:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://gbwhats.in/
Certificate
IssuerLet's Encrypt
Subjectgbwhats.in
FingerprintDA:64:F4:D5:88:BD:83:1A:C4:A8:93:7B:D7:94:E7:8C:5A:73:8D:0C
ValiditySat, 13 Apr 2024 15:19:37 GMT - Fri, 12 Jul 2024 15:19:36 GMT

File type
ASCII text, with no line terminators
Size
96 B (96 bytes)
Hash
15d4a9eebfb9dbd4783c0cdbbe9d65ba
c604b9f2ca1f45dec9d90d162adecadf38abdccf
d7c464d2f638aebaf063088451f7e57bd4a273533eca303fa74c7b1d63f1452d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WhatsApp
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/cache/breeze-minification/js/breeze_57154eb44f55712fa6815ff26b7d0e0d.js HTTP/1.1
Host: gbwhats.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gbwhats.in/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 04:34:34 GMT
content-type: application/javascript
last-modified: Sun, 31 Mar 2024 20:44:23 GMT
vary: Accept-Encoding
etag: W/"6609cb27-60"
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

gbwhats.in/wp-content/cache/breeze-minification/js/breeze_dcfcfba67b9ea3eb7b821c2c481de437.js

139.59.8.127

200 OK

7.3 kB

URL GET HTTP/2
gbwhats.in/wp-content/cache/breeze-minification/js/breeze_dcfcfba67b9ea3eb7b821c2c481de437.js
IP
139.59.8.127:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://gbwhats.in/
Certificate
IssuerLet's Encrypt
Subjectgbwhats.in
FingerprintDA:64:F4:D5:88:BD:83:1A:C4:A8:93:7B:D7:94:E7:8C:5A:73:8D:0C
ValiditySat, 13 Apr 2024 15:19:37 GMT - Fri, 12 Jul 2024 15:19:36 GMT

File type
JavaScript source, ASCII text, with very long lines (7491), with no line terminators
Size
7.3 kB (7306 bytes)
Hash
db9c21575e0135bd8793bafc0b5cf6c6
d05fe04889f429b44c8a9b8bddada567c23cffe3
b3e1eb8e481a0b33f61d52d38fa2e5363b0aa2d0748edcac5bdd2d94fb9cf997

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WhatsApp
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/cache/breeze-minification/js/breeze_dcfcfba67b9ea3eb7b821c2c481de437.js HTTP/1.1
Host: gbwhats.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gbwhats.in/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 04:34:34 GMT
content-type: application/javascript
last-modified: Sun, 31 Mar 2024 20:44:23 GMT
vary: Accept-Encoding
etag: W/"6609cb27-1c8a"
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

gbwhats.in/wp-content/cache/breeze-minification/css/breeze_c093ab60570c9986eeb8434823b9201d.css

139.59.8.127

200 OK

166 kB

URL GET HTTP/2
gbwhats.in/wp-content/cache/breeze-minification/css/breeze_c093ab60570c9986eeb8434823b9201d.css
IP
139.59.8.127:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://gbwhats.in/
Certificate
IssuerLet's Encrypt
Subjectgbwhats.in
FingerprintDA:64:F4:D5:88:BD:83:1A:C4:A8:93:7B:D7:94:E7:8C:5A:73:8D:0C
ValiditySat, 13 Apr 2024 15:19:37 GMT - Fri, 12 Jul 2024 15:19:36 GMT

File type

Size
166 kB (166397 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WhatsApp
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/cache/breeze-minification/css/breeze_c093ab60570c9986eeb8434823b9201d.css HTTP/1.1
Host: gbwhats.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gbwhats.in/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 04:34:34 GMT
content-type: text/css
last-modified: Tue, 02 Apr 2024 23:13:22 GMT
vary: Accept-Encoding
etag: W/"660c9112-289fd"
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

gbwhats.in/wp-content/cache/breeze-minification/js/breeze_5f5b40cac175be6c823ee3f4cdb53ac4.js

139.59.8.127

200 OK

1.1 kB

URL GET HTTP/2
gbwhats.in/wp-content/cache/breeze-minification/js/breeze_5f5b40cac175be6c823ee3f4cdb53ac4.js
IP
139.59.8.127:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://gbwhats.in/
Certificate
IssuerLet's Encrypt
Subjectgbwhats.in
FingerprintDA:64:F4:D5:88:BD:83:1A:C4:A8:93:7B:D7:94:E7:8C:5A:73:8D:0C
ValiditySat, 13 Apr 2024 15:19:37 GMT - Fri, 12 Jul 2024 15:19:36 GMT

File type
JavaScript source, ASCII text, with very long lines (1165), with no line terminators
Size
1.1 kB (1142 bytes)
Hash
7d4529418f35e119a1ee7954d8050cfe
fbb082ba5747aab4c324c62ede84da8cd0f45821
7adba9f0c355b92c85bfd4cb94eb3ecbf7d17fd041a7bbc65ff7514b189a7991

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WhatsApp
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/cache/breeze-minification/js/breeze_5f5b40cac175be6c823ee3f4cdb53ac4.js HTTP/1.1
Host: gbwhats.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gbwhats.in/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 04:34:34 GMT
content-type: application/javascript
last-modified: Sun, 31 Mar 2024 20:44:23 GMT
vary: Accept-Encoding
etag: W/"6609cb27-476"
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

gbwhats.in/wp-content/cache/breeze-minification/js/breeze_32d8122f2b2cdfecc32fff39e0e7d4c0.js

139.59.8.127

200 OK

97 B

URL GET HTTP/2
gbwhats.in/wp-content/cache/breeze-minification/js/breeze_32d8122f2b2cdfecc32fff39e0e7d4c0.js
IP
139.59.8.127:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://gbwhats.in/
Certificate
IssuerLet's Encrypt
Subjectgbwhats.in
FingerprintDA:64:F4:D5:88:BD:83:1A:C4:A8:93:7B:D7:94:E7:8C:5A:73:8D:0C
ValiditySat, 13 Apr 2024 15:19:37 GMT - Fri, 12 Jul 2024 15:19:36 GMT

File type
ASCII text, with no line terminators
Size
97 B (97 bytes)
Hash
b7c345ff5c75057fdae4907daf447414
becaf7603f3766bed72e12095e3ab21c3d4e0638
8a0a1b99c5d25d298774fdfe1ce77655b3c32176327299f4adbfc29e05e846fd

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WhatsApp
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/cache/breeze-minification/js/breeze_32d8122f2b2cdfecc32fff39e0e7d4c0.js HTTP/1.1
Host: gbwhats.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gbwhats.in/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 04:34:34 GMT
content-type: application/javascript
last-modified: Sun, 31 Mar 2024 20:44:23 GMT
vary: Accept-Encoding
etag: W/"6609cb27-61"
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

gbwhats.in/wp-content/uploads/2022/10/GBWhatsApp.webp

139.59.8.127

200 OK

25 kB

URL GET HTTP/2
gbwhats.in/wp-content/uploads/2022/10/GBWhatsApp.webp
IP
139.59.8.127:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://gbwhats.in/
Certificate
IssuerLet's Encrypt
Subjectgbwhats.in
FingerprintDA:64:F4:D5:88:BD:83:1A:C4:A8:93:7B:D7:94:E7:8C:5A:73:8D:0C
ValiditySat, 13 Apr 2024 15:19:37 GMT - Fri, 12 Jul 2024 15:19:36 GMT

File type
RIFF (little-endian) data, Web/P image
Size
25 kB (24852 bytes)
Hash
4db3162c18aa7ca03dd1c5303d1e1bc1
0e8fab71f8cf0290c5527983f9388f8115c625fd
f80d3b77672a67d164cde38b57093ffeaa2017d77714b979ba829948051854cb

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WhatsApp
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/10/GBWhatsApp.webp HTTP/1.1
Host: gbwhats.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gbwhats.in/
DNT: 1
Connection: keep-alive
Cookie: pll_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 04:34:35 GMT
content-type: image/webp
content-length: 24852
last-modified: Thu, 02 Nov 2023 01:30:41 GMT
etag: "6542fbc1-6114"
cache-control: public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

gbwhats.in/wp-content/cache/breeze-minification/js/breeze_c04eb7f716ec1556c71c57f01c5f80fe.js

139.59.8.127

200 OK

88 kB

URL GET HTTP/2
gbwhats.in/wp-content/cache/breeze-minification/js/breeze_c04eb7f716ec1556c71c57f01c5f80fe.js
IP
139.59.8.127:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://gbwhats.in/
Certificate
IssuerLet's Encrypt
Subjectgbwhats.in
FingerprintDA:64:F4:D5:88:BD:83:1A:C4:A8:93:7B:D7:94:E7:8C:5A:73:8D:0C
ValiditySat, 13 Apr 2024 15:19:37 GMT - Fri, 12 Jul 2024 15:19:36 GMT

File type
JavaScript source, ASCII text, with very long lines (65446)
Size
88 kB (87554 bytes)
Hash
91ddd2502dc90b0303954d9962144f58
d60c5a6d6c3cf2d8472515876889bc3b321dc012
6836d82c2675416ff3baac14cb9f03e7adedd39b167ac1154a73148ed1e65412

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WhatsApp
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/cache/breeze-minification/js/breeze_c04eb7f716ec1556c71c57f01c5f80fe.js HTTP/1.1
Host: gbwhats.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gbwhats.in/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 04:34:34 GMT
content-type: application/javascript
last-modified: Sun, 31 Mar 2024 20:44:23 GMT
vary: Accept-Encoding
etag: W/"6609cb27-15602"
cache-control: public, max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

gbwhats.in/wp-content/uploads/2022/10/gbwhatsapp-download-page.webp

139.59.8.127

200 OK

20 kB

URL GET HTTP/2
gbwhats.in/wp-content/uploads/2022/10/gbwhatsapp-download-page.webp
IP
139.59.8.127:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://gbwhats.in/
Certificate
IssuerLet's Encrypt
Subjectgbwhats.in
FingerprintDA:64:F4:D5:88:BD:83:1A:C4:A8:93:7B:D7:94:E7:8C:5A:73:8D:0C
ValiditySat, 13 Apr 2024 15:19:37 GMT - Fri, 12 Jul 2024 15:19:36 GMT

File type
RIFF (little-endian) data, Web/P image
Size
20 kB (20202 bytes)
Hash
256a680605c06d6cd08311f717c721b5
15402b8a0d51af63a2e64963eef8b954c89aa620
f0fb5b4f8034052139fc597564b6bc20876377d52d0434a428b848124eedf059

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	WhatsApp
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/10/gbwhatsapp-download-page.webp HTTP/1.1
Host: gbwhats.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gbwhats.in/
DNT: 1
Connection: keep-alive
Cookie: pll_language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 04:34:35 GMT
content-type: image/webp
content-length: 20202
last-modified: Thu, 02 Nov 2023 01:30:41 GMT
etag: "6542fbc1-4eea"
cache-control: public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML