| cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js | 151.101.193.229 | 200 OK | 24 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js | IP: 151.101.193.229:443
Requested by: https://qwqwqwqwqw2w.pages.dev/ | Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (65299) | Hash: MD5 7ccd9d390d31af98110f74f842ea9b32; SHA-1 a85e681624c91a106a514c31eacf80de817b2cc3; SHA-256 f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
GET /npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qwqwqwqwqw2w.pages.dev/
Origin: https://qwqwqwqwqw2w.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.1.3
x-jsd-version-type: version
etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
content-encoding: br
accept-ranges: bytes
date: Wed, 17 Apr 2024 04:48:45 GMT
age: 28868666
x-served-by: cache-fra-eddf8230075-FRA, cache-hel1410024-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24376
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css | 151.101.193.229 | 200 OK | 11 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css | IP: 151.101.193.229:443
Requested by: https://qwqwqwqwqw2w.pages.dev/ | Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash: MD5 79877fb82de8ca50845081e3c9a201c5; SHA-1 4f6ea69c0e03431ffa1a097a45453b5b3b246d8b; SHA-256 af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc
GET /npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qwqwqwqwqw2w.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
content-encoding: br
accept-ranges: bytes
date: Wed, 17 Apr 2024 04:48:45 GMT
age: 217089
x-served-by: cache-fra-etou8220090-FRA, cache-hel1410025-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10883
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css | 151.101.193.229 | 200 OK | 26 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css | IP: 151.101.193.229:443
Requested by: https://qwqwqwqwqw2w.pages.dev/ | Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: Unicode text, UTF-8 text, with very long lines (65306) | Hash: MD5 94994c66fec8c3468b269dc0cc242151; SHA-1 ec16bd19bf4ae9bc2e2336ac409a503bbbdaacad; SHA-256 62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
GET /npm/bootstrap@5.1.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qwqwqwqwqw2w.pages.dev/
Origin: https://qwqwqwqwqw2w.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.1.3
x-jsd-version-type: version
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
content-encoding: br
accept-ranges: bytes
date: Wed, 17 Apr 2024 04:48:45 GMT
age: 89067
x-served-by: cache-fra-etou8220101-FRA, cache-hel1410024-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26333
X-Firefox-Spdy: h2
|
|
| qwqwqwqwqw2w.pages.dev/img/logo-1.jpg | 172.66.47.108 | 200 OK | 196 kB |
URL: GET HTTP/3 qwqwqwqwqw2w.pages.dev/img/logo-1.jpg | IP: 172.66.47.108:443
Requested by: https://qwqwqwqwqw2w.pages.dev/ | Certificate: Issuer: Google Trust Services LLC; Subject: qwqwqwqwqw2w.pages.dev; Fingerprint: 74:0E:27:25:BE:13:91:82:BE:3C:4C:CE:BB:DD:F7:74:E0:37:DF:F1; Validity: Tue, 16 Apr 2024 03:21:55 GMT - Mon, 15 Jul 2024 03:21:54 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1000x1000, components 3 | Size: 196 kB (196521 bytes) | Hash: MD5 8e78e1e695094c80050edac9358cad72; SHA-1 3ea3438000afe7b6b2738a133fb7c1933c877f0d; SHA-256 4bb739a4ad997013657ae57ee2e1ff6048f3a43db2ed786c93662a74f15b1c31
Analyzer: OpenPhish | Verdict: phishing | Alert: WhatsApp
GET /img/logo-1.jpg HTTP/1.1
Host: qwqwqwqwqw2w.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qwqwqwqwqw2w.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:48:45 GMT
content-type: image/jpeg
content-length: 196521
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "54d9fb749fdf1429c01bf069983f54f9"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CNOo816oadTjR%2FARdZ4niMiTfJ9yo2j7hpXyzPSxiT3fhMUsIHAUMfjzCaeTz53Qy9W5nbf%2FjFb4GkEl4eYrC8blee9OzEw8RSMKldwuEceVTbyDEvmFYQBdaLQaT89H8kUKpfGfC04G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759c8db0bd092cd-CPH
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/fonts/bootstrap-icons.woff2?524846017b983fc8ded9325d94ed40f3 | 151.101.193.229 | 200 OK | 102 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/fonts/bootstrap-icons.woff2?524846017b983fc8ded9325d94ed40f3 | IP: 151.101.193.229:443
Requested by: https://qwqwqwqwqw2w.pages.dev/ | Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: Web Open Font Format (Version 2), TrueType, length 102536, version 1.0 | Size: 102 kB (102536 bytes) | Hash: MD5 1ed478a6b265d4b4f5c26bb063203588; SHA-1 1ca5e8c7d2fb8e9d60ad1a1feb2a46e98c248a3d; SHA-256 c874e14c63db86c4c5318c77cb557fce7036645edc7d690dcc1d23b389631b13
GET /npm/bootstrap-icons@1.8.1/font/fonts/bootstrap-icons.woff2?524846017b983fc8ded9325d94ed40f3 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qwqwqwqwqw2w.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"19088-HKXox9L7jp1grRof6ypG6Ywkij0"
accept-ranges: bytes
age: 1275321
date: Wed, 17 Apr 2024 04:48:45 GMT
x-served-by: cache-fra-eddf8230061-FRA, cache-hel1410024-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 102536
X-Firefox-Spdy: h2
|
|
| www.effectivedisplayformats.com/ec1d5833d2bf6bc82c7673fd1737b3b3/invoke.js | 192.243.59.20 | 200 OK | 12 kB |
URL: GET HTTP/1.1 www.effectivedisplayformats.com/ec1d5833d2bf6bc82c7673fd1737b3b3/invoke.js | IP: 192.243.59.20:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://qwqwqwqwqw2w.pages.dev/ | Certificate: Issuer: Let's Encrypt; Subject: effectivedisplayformats.com; Fingerprint: 7E:B2:FB:30:AF:21:EE:F2:A2:03:AD:47:32:77:63:FA:C4:F2:F0:98; Validity: Mon, 11 Mar 2024 06:44:27 GMT - Sun, 09 Jun 2024 06:44:26 GMT
File type: JavaScript source, ASCII text, with very long lines (31256), with no line terminators | Hash: MD5 fb077d45e549d31d4a99de836aef8d24; SHA-1 fffe01392ddb9b55cd2c579ae92cc32aae46c178; SHA-256 c3990d67875197406a6e6df16c030bb6b63d2800468a500fcdcd7a2e0de0b881
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ec1d5833d2bf6bc82c7673fd1737b3b3/invoke.js HTTP/1.1
Host: www.effectivedisplayformats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qwqwqwqwqw2w.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 17 Apr 2024 04:48:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6350dec6c11e0d2a23f718207b915b94
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.r2m03.amazontrust.com/ | 18.238.246.206 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/ | IP: 18.238.246.206:0
Hash: MD5 b02330fe70e031c54a12c30e8436d13c; SHA-1 5983227c1b6fd73a71c0fb01854174aae24bc991; SHA-256 d8d2ee03769735fe68e9b9a89f3c508e8789c127b892dd6856141c874740c2e2
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 17 Apr 2024 04:48:46 GMT
Last-Modified: Wed, 17 Apr 2024 03:02:49 GMT
Server: ECAcc (ama/48DF)
X-Cache: Miss from cloudfront
Via: 1.1 d86b0ef5c17f755a14a26fbae67aba4e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS58-P1
X-Amz-Cf-Id: igFTHItOlJsIFCz6Fxu6cOrUJtKrP3b1BTp_3ZZ3LYR4jSHYPyf6PQ==
Age: 6357
|
|
| proftrafficcounter.com/stats | 18.196.110.226 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats | IP: 18.196.110.226:443
Requested by: https://qwqwqwqwqw2w.pages.dev/ | Certificate: Issuer: Amazon; Subject: proftrafficcounter.com; Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators | Hash: MD5 5a8752891e48f7bfbb902d367920109f; SHA-1 7229aa1383954257bd7d0ee41e0d32f7642e560a; SHA-256 66eeaf034fbe8079cf160636a2f2e9b08f78be6a5a54cca0b1c008d058bba2b8
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qwqwqwqwqw2w.pages.dev/
Origin: https://qwqwqwqwqw2w.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 04:48:46 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://qwqwqwqwqw2w.pages.dev
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=3cbf796a-a3fd-49fe-ade0-19764859d666:1:1; expires=Sat, 15 Apr 2034 04:48:46 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| qwqwqwqwqw2w.pages.dev/favicon.ico | 172.66.47.108 | 200 OK | 13 kB |
URL: GET HTTP/3 qwqwqwqwqw2w.pages.dev/favicon.ico | IP: 172.66.47.108:443
Requested by: https://qwqwqwqwqw2w.pages.dev/ | Certificate: Issuer: Google Trust Services LLC; Subject: qwqwqwqwqw2w.pages.dev; Fingerprint: 74:0E:27:25:BE:13:91:82:BE:3C:4C:CE:BB:DD:F7:74:E0:37:DF:F1; Validity: Tue, 16 Apr 2024 03:21:55 GMT - Mon, 15 Jul 2024 03:21:54 GMT
File type: HTML document, Unicode text, UTF-8 text, with CRLF line terminators | Hash: MD5 8d1d5d747a33eb39ee8cdcc19366bf5c; SHA-1 86fee37dd26699ca9c503263a0bc8145e82afa6b; SHA-256 da8784c38ca9a1959f195a282add86b770a68a2a5fb8327ca469043860701d39 (the response to this favicon.ico request is an HTML document served as text/html, so these hashes are not hashes of an icon image)
Analyzer: OpenPhish | Verdict: phishing | Alert: WhatsApp
GET /favicon.ico HTTP/1.1
Host: qwqwqwqwqw2w.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qwqwqwqwqw2w.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:48:46 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7c17aace6cb5d707bb2cc16752ec11af"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PKWQb0bDMJunGTyaww6HfF23oZR2QLwACVUvgT7E%2B391F2Yv%2FVSb5fqwFyMKcnUoXjO47lqPMJS6Nncla4QwaraME5Jgh436LAcpVWDVWOdEl2ttI90tfvP3fxCB4N9K6vmmob9mrmhD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759c8e2b9d792cd-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| reorganizeglaze.com/watch.1407318967920.js?key=ec1d5833d2bf6bc82c7673fd1737b3b3&kw=%5B%22whatsapp%22%2C%22group%22%2C%22invite%22%5D&refer=https%3A%2F%2Fqwqwqwqwqw2w.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=3cbf796a-a3fd-49fe-ade0-19764859d666%3A1%3A1 | 172.240.253.132 | 307 Temporary Redirect | 0 B |
URL GET HTTP/1.1reorganizeglaze.com/watch.1407318967920.js?key=ec1d5833d2bf6bc82c7673fd1737b3b3&kw=%5B%22whatsapp%22%2C%22group%22%2C%22invite%22%5D&refer=https%3A%2F%2Fqwqwqwqwqw2w.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=3cbf796a-a3fd-49fe-ade0-19764859d666%3A1%3A1 IP172.240.253.132:443
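Requested by: https://qwqwqwqwqw2w.pages.dev/ | Certificate: Issuer: Let's Encrypt; Subject: reorganizeglaze.com; Fingerprint: 22:89:D6:25:50:57:C4:4F:35:6E:C6:A9:B9:2F:7B:09:20:BF:27:27; Validity: Tue, 16 Apr 2024 10:27:09 GMT - Mon, 15 Jul 2024 10:27:08 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of a zero-length body, matching the 0 B size and Content-Length: 0 of this 307 response; they match any empty response and do not identify this resource)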
GET /watch.1407318967920.js?key=ec1d5833d2bf6bc82c7673fd1737b3b3&kw=%5B%22whatsapp%22%2C%22group%22%2C%22invite%22%5D&refer=https%3A%2F%2Fqwqwqwqwqw2w.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=3cbf796a-a3fd-49fe-ade0-19764859d666%3A1%3A1 HTTP/1.1
Host: reorganizeglaze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qwqwqwqwqw2w.pages.dev/
Origin: https://qwqwqwqwqw2w.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Wed, 17 Apr 2024 04:48:46 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://qwqwqwqwqw2w.pages.dev
Access-Control-Allow-Origin: https://qwqwqwqwqw2w.pages.dev
Access-Control-Allow-Credentials: true
Location: https://reorganizeglaze.com/watch.1407318967920.js?dev=e&key=ec1d5833d2bf6bc82c7673fd1737b3b3&kw=%5B%22whatsapp%22%2C%22group%22%2C%22invite%22%5D&pst=1713329386&refer=https%3A%2F%2Fqwqwqwqwqw2w.pages.dev%2F&res=14.2071&rmtc=t&shu=82dc9522abdff41935f6ccc71dc8311ee6c3d18f50b17e8a550a870cc615f5dd6b5304f1e281fdc84a9c04ef654915600dce000cc834f8e065f32bf407fe762f23665bef5a5e2f4c91d3b4c20f40aa864d2b3484b0edb1c936b1864dfe71ae8d&tz=0&uuid=3cbf796a-a3fd-49fe-ade0-19764859d666%3A1%3A1
Set-Cookie: u_pl=17065166; expires=Thu, 18 Apr 2024 04:48:46 GMT; secure; SameSite=None
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.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.Z-TVIaB8Ecgvk6wiEvjnv6ffzTjavsdxJmI14SjB27k; expires=Wed, 17 Apr 2024 04:49:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a1284735d795799a1040c4f84cb71764
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| reorganizeglaze.com/watch.1407318967920.js?dev=e&key=ec1d5833d2bf6bc82c7673fd1737b3b3&kw=%5B%22whatsapp%22%2C%22group%22%2C%22invite%22%5D&pst=1713329386&refer=https%3A%2F%2Fqwqwqwqwqw2w.pages.dev%2F&res=14.2071&rmtc=t&shu=82dc9522abdff41935f6ccc71dc8311ee6c3d18f50b17e8a550a870cc615f5dd6b5304f1e281fdc84a9c04ef654915600dce000cc834f8e065f32bf407fe762f23665bef5a5e2f4c91d3b4c20f40aa864d2b3484b0edb1c936b1864dfe71ae8d&tz=0&uuid=3cbf796a-a3fd-49fe-ade0-19764859d666%3A1%3A1 | 172.240.253.132 | 200 OK | 0 B |
URL GET HTTP/1.1reorganizeglaze.com/watch.1407318967920.js?dev=e&key=ec1d5833d2bf6bc82c7673fd1737b3b3&kw=%5B%22whatsapp%22%2C%22group%22%2C%22invite%22%5D&pst=1713329386&refer=https%3A%2F%2Fqwqwqwqwqw2w.pages.dev%2F&res=14.2071&rmtc=t&shu=82dc9522abdff41935f6ccc71dc8311ee6c3d18f50b17e8a550a870cc615f5dd6b5304f1e281fdc84a9c04ef654915600dce000cc834f8e065f32bf407fe762f23665bef5a5e2f4c91d3b4c20f40aa864d2b3484b0edb1c936b1864dfe71ae8d&tz=0&uuid=3cbf796a-a3fd-49fe-ade0-19764859d666%3A1%3A1 IP172.240.253.132:443
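Requested by: https://qwqwqwqwqw2w.pages.dev/ | Certificate: Issuer: Let's Encrypt; Subject: reorganizeglaze.com; Fingerprint: 22:89:D6:25:50:57:C4:4F:35:6E:C6:A9:B9:2F:7B:09:20:BF:27:27; Validity: Tue, 16 Apr 2024 10:27:09 GMT - Mon, 15 Jul 2024 10:27:08 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of a zero-length body, matching the 0 B size and Content-Length: 0 of this 200 response; they match any empty response and do not identify this resource)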
GET /watch.1407318967920.js?dev=e&key=ec1d5833d2bf6bc82c7673fd1737b3b3&kw=%5B%22whatsapp%22%2C%22group%22%2C%22invite%22%5D&pst=1713329386&refer=https%3A%2F%2Fqwqwqwqwqw2w.pages.dev%2F&res=14.2071&rmtc=t&shu=82dc9522abdff41935f6ccc71dc8311ee6c3d18f50b17e8a550a870cc615f5dd6b5304f1e281fdc84a9c04ef654915600dce000cc834f8e065f32bf407fe762f23665bef5a5e2f4c91d3b4c20f40aa864d2b3484b0edb1c936b1864dfe71ae8d&tz=0&uuid=3cbf796a-a3fd-49fe-ade0-19764859d666%3A1%3A1 HTTP/1.1
Host: reorganizeglaze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qwqwqwqwqw2w.pages.dev
Referer: https://qwqwqwqwqw2w.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17065166; ain=eyJhbGciOiJIUzI1NiJ9.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.Z-TVIaB8Ecgvk6wiEvjnv6ffzTjavsdxJmI14SjB27k
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 17 Apr 2024 04:48:47 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://qwqwqwqwqw2w.pages.dev
Access-Control-Allow-Origin: https://qwqwqwqwqw2w.pages.dev
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=3cbf796a-a3fd-49fe-ade0-19764859d666:1:1; expires=Wed, 24 Apr 2024 04:48:47 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ac8583c23f3d73a3507505c762a986db
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL: aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | IP: 35.244.181.201:0 | ASN: #396982 GOOGLE-CLOUD-PLATFORM
File type: XML 1.0 document, ASCII text, with very long lines (332) | Hash: MD5 3b324dec137a87ef7e24a30a65b13dd0; SHA-1 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3; SHA-256 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-05-20-00-15-28.chain; p384ecdsa=yReiIQU49EaVEnNaB5w3VJPB31xalXHgLGRc8keW0suuhpIiTUPzXFr-7fpbnxFqS_OUDYboxEfgizD9mI54DmWsM3n3brwR46YwrAifZNb29Re29qvEuLsHRRyjhcbY
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
date: Wed, 17 Apr 2024 04:48:34 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 29
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| | 172.66.47.108 | 200 OK | 4.6 kB |
URL: User Request GET HTTP/2 | IP: 172.66.47.108:443
Certificate: Issuer: Google Trust Services LLC; Subject: qwqwqwqwqw2w.pages.dev; Fingerprint: 74:0E:27:25:BE:13:91:82:BE:3C:4C:CE:BB:DD:F7:74:E0:37:DF:F1; Validity: Tue, 16 Apr 2024 03:21:55 GMT - Mon, 15 Jul 2024 03:21:54 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (4980), with no line terminators | Hash: MD5 32b313832049101393afadb2a0f139e4; SHA-1 11ead9c24509168432b965e476e550b86b0b12c7; SHA-256 3420d843f77c0e039d8fa808bc0bc3d7f39f1c1ffafd3295ed7e254948d927df
Analyzer: OpenPhish | Verdict: phishing | Alert: WhatsApp
GET / HTTP/1.1
Host: qwqwqwqwqw2w.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 04:48:44 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7c17aace6cb5d707bb2cc16752ec11af"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H7tngG8DmTySheVUcdnFtRaQkmVzFupfWto72cr9QdGBMwIqhpLVJvHhE23Y3%2FHcA77d7oYteojHvtaeYHZjupURh4ExJfsHtzt20RNyOK68LCPjbAizYdadRQQhzokB7j0Hc7hgJi3B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759c8d838658f5a-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| qwqwqwqwqw2w.pages.dev/img/wa-logo.svg | 172.66.47.108 | 200 OK | 2.6 kB |
URL: GET HTTP/3 qwqwqwqwqw2w.pages.dev/img/wa-logo.svg | IP: 172.66.47.108:443
Requested by: https://qwqwqwqwqw2w.pages.dev/ | Certificate: Issuer: Google Trust Services LLC; Subject: qwqwqwqwqw2w.pages.dev; Fingerprint: 74:0E:27:25:BE:13:91:82:BE:3C:4C:CE:BB:DD:F7:74:E0:37:DF:F1; Validity: Tue, 16 Apr 2024 03:21:55 GMT - Mon, 15 Jul 2024 03:21:54 GMT
File type: SVG Scalable Vector Graphics image | Hash: MD5 af4465a12513351224543990c7d6bd22; SHA-1 2a824b9ae72775384714868ac1f2dc68fc773c5c; SHA-256 dfe902bf2459c47cd760687ea56a3fcf81e0cc0f1c2f677d763a4eeb485c87a6
Analyzer: OpenPhish | Verdict: phishing | Alert: WhatsApp
GET /img/wa-logo.svg HTTP/1.1
Host: qwqwqwqwqw2w.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://qwqwqwqwqw2w.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:48:45 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"25c86fe408000f9d7d23dd184c483eb2"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iWDAYBK310eSLfWK8ZTDWh9f5%2BCnKkhNd0GTEMOFU2piC2J7AwrLIp6ZHTElUZIz17rBJEjiMdxU0dvHnOJa8t81Kvj%2BZyZgFD3IaB59BN%2BWvXsOxhuHh4QOupEuyGuz8NriZAVnyGb6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759c8db0bcf92cd-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|