urlscan.io logo urlscan.io
SecurityTrails logo

wzz.whatsllotq.icu Open in urlscan Pro
2606:4700:3032::6815:22f7  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://wzz.whatsllotq.icu/
Effective URL: https://wzz.whatsllotq.icu/
Submission: On July 04 via api from HK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3032::6815:22f7, located in United States and belongs to CLOUDFLARENET, US. The main domain is wzz.whatsllotq.icu.
TLS certificate: Issued by WE1 on July 2nd 2024. Valid for: 3 months.
This is the only time wzz.whatsllotq.icu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WhatsApp (Instant Messenger) Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 15 2606:4700:303... 13335 (CLOUDFLAR...)
14 2
Apex Domain
Subdomains		 Transfer
15 whatsllotq.icu
wzz.whatsllotq.icu
216 KB
14 1
Domain Requested by
15 wzz.whatsllotq.icu 1 redirects wzz.whatsllotq.icu
14 1

This site contains no links.

Subject Issuer Validity Valid
whatsllotq.icu
WE1		 2024-07-02 -
2024-09-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://wzz.whatsllotq.icu/
Frame ID: A975A286C9509F89B62370DE4B578417
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

QR code Login

Page URL History Show full URLs

  1. http://wzz.whatsllotq.icu/ HTTP 307
    https://wzz.whatsllotq.icu/ Page URL
  2. https://wzz.whatsllotq.icu/cdn-cgi/phish-bypass?atok=xDVFz_279ifSG.2CBbLUjkPLRIVPzgkWrW1NZjejdgM-172008... HTTP 301
    https://wzz.whatsllotq.icu/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

14
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

216 kB
Transfer

674 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wzz.whatsllotq.icu/ HTTP 307
    https://wzz.whatsllotq.icu/ Page URL
  2. https://wzz.whatsllotq.icu/cdn-cgi/phish-bypass?atok=xDVFz_279ifSG.2CBbLUjkPLRIVPzgkWrW1NZjejdgM-1720085195-0.0.1.1-%2F HTTP 301
    https://wzz.whatsllotq.icu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://wzz.whatsllotq.icu/ HTTP 307
  • https://wzz.whatsllotq.icu/

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
wzz.whatsllotq.icu/
Redirect Chain
  • http://wzz.whatsllotq.icu/
  • https://wzz.whatsllotq.icu/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wzz.whatsllotq.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:22f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
652037e3c9a9f1cba87dbabe3263c5945361cf4909c875f2e8b9e3caeaf3d218
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-ray
89de1316dc222c1e-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 04 Jul 2024 09:26:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZG2iTwGWnjQ58imWdlrk4IgbamOdf5j8qO92ABnN2A53Wotms9FUhrSHtUq52uib%2Fsjbykzkr%2FINAvEE%2FG81v4Eb0J61ATV0BQaiPG6t9x5KGY9n3sz37grHIz1hIZ5jcO9ZllGLQA8iU55sR1AH5dU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://wzz.whatsllotq.icu/
Non-Authoritative-Reason
HttpsUpgrades
cf.errors.css
wzz.whatsllotq.icu/cdn-cgi/styles/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wzz.whatsllotq.icu/cdn-cgi/styles/cf.errors.css
Requested by
Host: wzz.whatsllotq.icu
URL: https://wzz.whatsllotq.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:22f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wzz.whatsllotq.icu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 09:26:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 28 Jun 2024 11:25:31 GMT
server
cloudflare
etag
W/"667e9dab-5df3"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
89de13171c752c1e-FRA
expires
Thu, 04 Jul 2024 11:26:35 GMT
icon-exclamation.png
wzz.whatsllotq.icu/cdn-cgi/images/ 		452 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wzz.whatsllotq.icu/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: wzz.whatsllotq.icu
URL: https://wzz.whatsllotq.icu/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:22f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wzz.whatsllotq.icu/cdn-cgi/styles/cf.errors.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 09:26:35 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 Jun 2024 11:25:31 GMT
server
cloudflare
etag
"667e9dab-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
89de13174ca92c1e-FRA
content-length
452
expires
Thu, 04 Jul 2024 11:26:35 GMT
favicon.ico
wzz.whatsllotq.icu/ 		787 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://wzz.whatsllotq.icu/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:22f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0cadf240e89340b93df35240e7809039c1c574be05fbe2cf3243e2f487bc9ec

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wzz.whatsllotq.icu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 09:26:35 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 14 Jun 2024 15:16:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"666c5ebd-313"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uc3ikzG6DnKn2QSMRdA5PG%2FMS7TqLw2E21YgaVzpjEEl7FstdXIhdRLG6zvlOeSFBcaocm96hFke849FgxJBPCbLaysVnN5Z3lktAjFc3dFmEW4FA5nJ0cJLAZuNfG9yR1ozDMd992219HHaVZzHZn8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
89de13176cea2c1e-FRA
alt-svc
h3=":443"; ma=86400
Primary Request /
wzz.whatsllotq.icu/
Redirect Chain
  • https://wzz.whatsllotq.icu/cdn-cgi/phish-bypass?atok=xDVFz_279ifSG.2CBbLUjkPLRIVPzgkWrW1NZjejdgM-1720085195-0.0.1.1-%2F
  • https://wzz.whatsllotq.icu/
1 KB
723 B 		Document
General
Check archive.org
Download Go to
Full URL
https://wzz.whatsllotq.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:22f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eae74f3767a11fc1b6accf9aa631fd71018ddc92f82e2b7bea85778f0db479db

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://wzz.whatsllotq.icu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89de132e3b032c1e-FRA
content-encoding
br
content-type
text/html
date
Thu, 04 Jul 2024 09:26:39 GMT
last-modified
Sat, 15 Jun 2024 11:35:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2BDg9%2FBltiyYbq73XtskTHB%2BPWomag6J7qi6Caf5QDYGnGtwdR2FDU1JhQw7poI2iQMFF6y7AX7bOM1CLz6gvbW3yFexeTA4IAOXPTglokSkiYL17em90jV41JZLWihVXXQ3We1%2FbcVbofHroAXoWrk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
private, no-cache
cf-ray
89de132d9a4f2c1e-FRA
content-length
167
content-type
text/html
date
Thu, 04 Jul 2024 09:26:38 GMT
location
https://wzz.whatsllotq.icu/
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
b81f3f69.css
wzz.whatsllotq.icu/static/css/ 		1 KB
909 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wzz.whatsllotq.icu/static/css/b81f3f69.css
Requested by
Host: wzz.whatsllotq.icu
URL: https://wzz.whatsllotq.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:22f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
759dc14a647618bcae5099437c89998c28a2828fd56784bf1ce88edea1c037fa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wzz.whatsllotq.icu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 09:26:40 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 15 Jun 2024 11:35:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"666d7c84-47e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZhQPe3EqXLQcwVOguperhcgTUUmIDXPZo9obxu%2FV1FVXxF6%2Fw%2FPfOFj7rI96kq4%2BFT%2BNfK8lagTgjorRL9%2B2hbFjrmJRvCzNELRGhDnyFehMexoQveTMR5HcGUk4y4Gv9sc%2Fiwb%2FzxynquBMb4Cl61o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
89de13310db7367b-FRA
alt-svc
h3=":443"; ma=86400
ed74c755.css
wzz.whatsllotq.icu/static/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wzz.whatsllotq.icu/static/css/ed74c755.css
Requested by
Host: wzz.whatsllotq.icu
URL: https://wzz.whatsllotq.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:22f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ad47184b37f307576748d5c619b3c760fc87ecb0f7916b5b427e1a30a0fd25c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wzz.whatsllotq.icu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 09:26:39 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 15 Jun 2024 11:35:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"666d7c85-29a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tERFOck%2FHntuJ4WaGjnRtA5pVLMZDlnLNUBubLeZxsxlpAGqIUqD8W6jCRmtgvRq6GBvIhzFn0au2EKpvC0qPaXoF%2FQxwrb3lCQkTJkxww2wfVvPT979t3rkDPj9rdqQSnRulqf9eSMnAgP715uxAMs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
89de13310dba367b-FRA
alt-svc
h3=":443"; ma=86400
d35de392.js
wzz.whatsllotq.icu/static/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wzz.whatsllotq.icu/static/js/d35de392.js
Requested by
Host: wzz.whatsllotq.icu
URL: https://wzz.whatsllotq.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:22f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49ef8f9f3383ce25457cfa17d4f11e1c76e6bc21856c85f6f6a1888f142be5d7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wzz.whatsllotq.icu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 09:26:39 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 15 Jun 2024 11:35:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"666d7c81-6032"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hrttMJfAPamUsJSOF%2F98aXH9c1Bv4atAo8%2FfEfhElsuePEAm8Bu5EH7aMK4ypCO6bZaoX60KrrcEVVohtj9tfcyV9bukuE1qKz3tXnBpVcOBMCXKa6HLL%2BSbghSwwbuTcwsJsvrd3RrtzxII0XTa2zY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89de13310dbd367b-FRA
alt-svc
h3=":443"; ma=86400
f31354d5.js
wzz.whatsllotq.icu/static/js/ 		517 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wzz.whatsllotq.icu/static/js/f31354d5.js
Requested by
Host: wzz.whatsllotq.icu
URL: https://wzz.whatsllotq.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:22f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c366f0448ef28db6b2daac87ff13dfa80867c321a10bb65cc4ca7965c087f41

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wzz.whatsllotq.icu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 09:26:40 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 15 Jun 2024 11:35:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"666d7c83-81402"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EFQn1aUZ830vgXV8x3iYZCOT5RdgWCygQvakpL1zi0xqEPdNFtQmyIbb4fp0cqTEAJMhJu9o53QcrUucRIPEoXnKsPOzL8GdpQWraRNdtIcUrTXUNupckGNfVdG6OxzRDh%2F8fkN%2BR9QMtvrdQEv5r%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89de13310dc0367b-FRA
alt-svc
h3=":443"; ma=86400
8cb0399b.css
wzz.whatsllotq.icu/static/css/ 		0
670 B 		Other
General
Check archive.org
Download Go to
Full URL
https://wzz.whatsllotq.icu/static/css/8cb0399b.css
Requested by
Host: wzz.whatsllotq.icu
URL: https://wzz.whatsllotq.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:22f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wzz.whatsllotq.icu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 09:26:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 15 Jun 2024 11:35:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"666d7c84-16f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VBBjrcsa8nkCbimAlLiLGuvxfbHgf2rhqlONqKO9%2FPMRw7BX%2FQGMSXW%2FxKgFP70lPMRif5fyYwPdd5%2Bs9GYuYCJNIc7N8f1sUcr769Dk6fBedoHxAdsbyMKxWFNb2p7K%2FSeAycSW86aHavpPdNptWH8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
89de13311dd1367b-FRA
alt-svc
h3=":443"; ma=86400
c65a02c0.js
wzz.whatsllotq.icu/static/js/ 		0
24 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://wzz.whatsllotq.icu/static/js/c65a02c0.js
Requested by
Host: wzz.whatsllotq.icu
URL: https://wzz.whatsllotq.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:22f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wzz.whatsllotq.icu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 09:26:40 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 15 Jun 2024 11:35:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"666d7c81-14602"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H6ye3YDXcO%2BcJh%2BT4h6CYxI4b45snq0GMFwylu5zRgMy%2BIx8hJ0IlEAiXki1EdxF2tJFdb1dj4IDMSItgSCfPGLmUY3HcT1DABtpV7ffTuIK0u4QxSYr9av8M7rjf2Ub5wMwFXnskgd1fkskGVV8YH8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89de13311dd4367b-FRA
alt-svc
h3=":443"; ma=86400
efb0b0c2.js
wzz.whatsllotq.icu/static/js/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://wzz.whatsllotq.icu/static/js/efb0b0c2.js
Requested by
Host: wzz.whatsllotq.icu
URL: https://wzz.whatsllotq.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:22f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wzz.whatsllotq.icu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 09:26:39 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 15 Jun 2024 11:35:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"666d7c82-2155"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iwu4nM1Jw8K7pHE7NVIBsHucEAn6tcahoG35nLJOrvPCte52d3z%2BwaQH%2BqFxbq72QEoo2pw1OheCj7aoIcRPYEo0eG3hEGryHAGOReMTKTYDod4w32cFtnp9WmuM04mmvIi%2FClfamMnfXuGvwFIg7fc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89de13311dd5367b-FRA
alt-svc
h3=":443"; ma=86400
c65a02c0.js
wzz.whatsllotq.icu/static/js/ 		82 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://wzz.whatsllotq.icu/static/js/c65a02c0.js
Requested by
Host: wzz.whatsllotq.icu
URL: https://wzz.whatsllotq.icu/static/js/d35de392.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:22f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
099a36d4c6594642d2d794431e94712b85599b6960e122b7c1e76b2362a4aff6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wzz.whatsllotq.icu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 09:26:40 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 15 Jun 2024 11:35:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"666d7c81-14602"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H6ye3YDXcO%2BcJh%2BT4h6CYxI4b45snq0GMFwylu5zRgMy%2BIx8hJ0IlEAiXki1EdxF2tJFdb1dj4IDMSItgSCfPGLmUY3HcT1DABtpV7ffTuIK0u4QxSYr9av8M7rjf2Ub5wMwFXnskgd1fkskGVV8YH8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89de13311dd4367b-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
wzz.whatsllotq.icu/ 		787 B
0 		Other
General
Check archive.org
Download Go to
Full URL
https://wzz.whatsllotq.icu/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:22f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0cadf240e89340b93df35240e7809039c1c574be05fbe2cf3243e2f487bc9ec

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wzz.whatsllotq.icu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 09:26:35 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 14 Jun 2024 15:16:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"666c5ebd-313"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uc3ikzG6DnKn2QSMRdA5PG%2FMS7TqLw2E21YgaVzpjEEl7FstdXIhdRLG6zvlOeSFBcaocm96hFke849FgxJBPCbLaysVnN5Z3lktAjFc3dFmEW4FA5nJ0cJLAZuNfG9yR1ozDMd992219HHaVZzHZn8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
89de13176cea2c1e-FRA
alt-svc
h3=":443"; ma=86400
truncated
/ 		85 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cc20c9c6af34ae062c52af6365ee9a4b5d35014759bd700736a796430571345

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger) Generic Cloudflare (Online)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| a3_0x368856 function| a3_0x100a63 function| a3_0x5017d7 function| a3_0x399d function| a3_0x5c139e function| a3_0x3d7b function| a3_0x5c4ff3 object| webpackJsonp function| a0_0x1133 function| a0_0x5396 function| _0x11cd3a object| $cookies function| a1_0x5a05 function| a1_0x3f03 function| a1_0x1c805f function| a1_0x231591 function| a1_0x1eca59 function| a1_0x4fc022 function| a1_0x3cb7ec

1 Cookies

Domain/Path Name / Value
.wzz.whatsllotq.icu/ Name: __cf_mw_byp
Value: xDVFz_279ifSG.2CBbLUjkPLRIVPzgkWrW1NZjejdgM-1720085195-0.0.1.1-/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN