w-whatsapp.cyou Open in urlscan Pro
20.2.233.220  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response w-whatsapp.cyou/	799 B 953 B	1613ms 301ms	Document text/html	20.2.233.220 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://w-whatsapp.cyou/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.2.233.220 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 5391a1d566b9b1a0b809e7cf90c3a2af3dbea458520cd47323b9584b7cdd35c0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-length 799 content-type text/html date Fri, 26 Jul 2024 10:39:50 GMT etag "669fa875-31f" last-modified Tue, 23 Jul 2024 12:56:21 GMT server nginx strict-transport-security max-age=31536000
GET H2	200	uni.8bb7e59c.css w-whatsapp.cyou/assets/	9 KB 3 KB	304ms 303ms	Stylesheet text/css	20.2.233.220 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://w-whatsapp.cyou/assets/uni.8bb7e59c.css Requested by Host: w-whatsapp.cyou URL: https://w-whatsapp.cyou/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.2.233.220 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 8bb7e59c86c570cf4fbe6d412b07f88ae69af081f252502fefb8b5756b727b29 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://w-whatsapp.cyou/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 10:39:51 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Tue, 23 Jul 2024 12:56:21 GMT server nginx etag W/"669fa875-24aa" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Fri, 26 Jul 2024 22:39:51 GMT
GET H2	200	index-DU0lxCQB.js Show response w-whatsapp.cyou/assets/	241 KB 94 KB	907ms 906ms	Script application/javascript	20.2.233.220 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://w-whatsapp.cyou/assets/index-DU0lxCQB.js Requested by Host: w-whatsapp.cyou URL: https://w-whatsapp.cyou/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.2.233.220 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash f5969580ac388206fcdbaacc9f6a8da02e7ee37278f386174a82253e15093301 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://w-whatsapp.cyou/ Origin https://w-whatsapp.cyou User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 10:39:51 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Tue, 23 Jul 2024 12:56:21 GMT server nginx etag W/"669fa875-3c2d5" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Fri, 26 Jul 2024 22:39:51 GMT
GET H2	200	index-DHkOwtX7.css w-whatsapp.cyou/assets/	365 KB 117 KB	603ms 603ms	Stylesheet text/css	20.2.233.220 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://w-whatsapp.cyou/assets/index-DHkOwtX7.css Requested by Host: w-whatsapp.cyou URL: https://w-whatsapp.cyou/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.2.233.220 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 7da116fcf7379dfc647737140efcb1b291ba81d82de43d7df9cc3eeeb66d230d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://w-whatsapp.cyou/ Origin https://w-whatsapp.cyou User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 10:39:51 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Tue, 23 Jul 2024 12:56:21 GMT server nginx etag W/"669fa875-5b3e4" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Fri, 26 Jul 2024 22:39:51 GMT
GET H2	200	pages-index-index.Bao1UBEq.js Show response w-whatsapp.cyou/assets/	31 KB 14 KB	308ms 307ms	Script application/javascript	20.2.233.220 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://w-whatsapp.cyou/assets/pages-index-index.Bao1UBEq.js Requested by Host: w-whatsapp.cyou URL: https://w-whatsapp.cyou/assets/index-DU0lxCQB.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.2.233.220 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash ba0cfb8a3298b4f6cb82131c4110f57206378231dad5d85d6955376bf8b08392 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer Origin https://w-whatsapp.cyou User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 10:39:52 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Tue, 23 Jul 2024 12:56:21 GMT server nginx etag W/"669fa875-7c27" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Fri, 26 Jul 2024 22:39:52 GMT
GET H2	200	index-ePB48sXp.css w-whatsapp.cyou/assets/	370 KB 84 KB	305ms 305ms	Stylesheet text/css	20.2.233.220 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://w-whatsapp.cyou/assets/index-ePB48sXp.css Requested by Host: w-whatsapp.cyou URL: https://w-whatsapp.cyou/assets/index-DU0lxCQB.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.2.233.220 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 111b7dcca8142a465f15416db19ea4a7ed0c60cbe43142d21e05b4ef6ca79664 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://w-whatsapp.cyou/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 10:39:52 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Tue, 23 Jul 2024 12:56:21 GMT server nginx etag W/"669fa875-5c992" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Fri, 26 Jul 2024 22:39:52 GMT
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	photo.jpg w-whatsapp.cyou/static/img/	4 KB 3 KB	303ms 302ms	Image image/jpeg	20.2.233.220 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://w-whatsapp.cyou/static/img/photo.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.2.233.220 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash dcc382764aca43c0541ae7bd54d0f06458d429e05280bcd8fe6de205b08049d0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://w-whatsapp.cyou/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 10:39:52 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Wed, 10 Apr 2024 09:03:45 GMT server nginx etag W/"661655f1-f89" vary Accept-Encoding content-type image/jpeg cache-control max-age=2592000 expires Sun, 25 Aug 2024 10:39:52 GMT
GET H2	200	duihao.png w-whatsapp.cyou/static/img/	4 KB 4 KB	304ms 303ms	Image image/png	20.2.233.220 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://w-whatsapp.cyou/static/img/duihao.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.2.233.220 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 34f1c77d2d4a93afb80b6b515a8fabf37013640b8e517bab8aba27e56d82d543 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://w-whatsapp.cyou/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 10:39:52 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Wed, 10 Apr 2024 09:03:45 GMT server nginx etag W/"661655f1-e37" vary Accept-Encoding content-type image/png cache-control max-age=2592000 expires Sun, 25 Aug 2024 10:39:52 GMT
GET H2	200	tips_en.jpg w-whatsapp.cyou/static/img/	280 KB 212 KB	305ms 304ms	Image image/jpeg	20.2.233.220 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://w-whatsapp.cyou/static/img/tips_en.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.2.233.220 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash c208b56bb4fbc45f842c73360a32f5bfd1eb10677e436c1398f74c315d145b69 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://w-whatsapp.cyou/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 10:39:52 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Tue, 14 May 2024 07:26:23 GMT server nginx etag W/"6643121f-4605a" vary Accept-Encoding content-type image/jpeg cache-control max-age=2592000 expires Sun, 25 Aug 2024 10:39:52 GMT
GET H2	200	tips-iphone-en.png w-whatsapp.cyou/static/img/	232 KB 229 KB	605ms 604ms	Image image/png	20.2.233.220 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://w-whatsapp.cyou/static/img/tips-iphone-en.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.2.233.220 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 6b2d061ceb4ce505f117b9f88304eeb4eba524da63b40a765cb552ffa7dda30b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://w-whatsapp.cyou/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 10:39:52 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Tue, 14 May 2024 07:27:00 GMT server nginx etag W/"66431244-39ecd" vary Accept-Encoding content-type image/png cache-control max-age=2592000 expires Sun, 25 Aug 2024 10:39:52 GMT
GET H2	200	tips-android-en.png w-whatsapp.cyou/static/img/	337 KB 331 KB	606ms 605ms	Image image/png	20.2.233.220 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://w-whatsapp.cyou/static/img/tips-android-en.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.2.233.220 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 96ece3b22d54e868ea8b097c2e36c4a25ed8b2db58bde95db1b55bf61c8efba4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://w-whatsapp.cyou/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 10:39:52 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Tue, 14 May 2024 07:27:21 GMT server nginx etag W/"66431259-5426e" vary Accept-Encoding content-type image/png cache-control max-age=2592000 expires Sun, 25 Aug 2024 10:39:52 GMT
GET H2	404	undefined.svg w-whatsapp.cyou/static/nation/	2 KB 2 KB	606ms 606ms	Image text/html	20.2.233.220 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://w-whatsapp.cyou/static/nation/undefined.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.2.233.220 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 5fe644d0ca6af0463a1318e51203640c072058737b43472a451f09de62dc267a Request headers Referer https://w-whatsapp.cyou/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 10:39:52 GMT content-encoding gzip server nginx etag W/"66a340c9-e3b0" vary Accept-Encoding content-type text/html
GET H2	404	favicon.ico w-whatsapp.cyou/	57 KB 44 KB	594ms 594ms	Other text/html	20.2.233.220 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://w-whatsapp.cyou/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.2.233.220 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash dc676cc52046a252ee86c463e49bce5b517c932ab100f21cb62e231cb3d7ed7a Request headers Referer https://w-whatsapp.cyou/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 10:39:52 GMT content-encoding gzip server nginx etag W/"66a340c9-e3b0" vary Accept-Encoding content-type text/html
GET H/1.1	200 OK	shadow-grey.png cdn.dcloud.net.cn/img/	136 B 579 B	921ms 208ms	Image image/png	124.220.205.65 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.dcloud.net.cn/img/shadow-grey.png Requested by Host: w-whatsapp.cyou URL: https://w-whatsapp.cyou/assets/index-DHkOwtX7.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 124.220.205.65 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software nginx / Resource Hash ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f Request headers Referer https://w-whatsapp.cyou/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Fri, 26 Jul 2024 10:39:56 GMT Last-Modified Thu, 06 Jun 2019 06:42:07 GMT Server nginx ETag "5cf8b5bf-88" Content-Type image/png Cache-Control max-age=7200 Connection close Accept-Ranges bytes Content-Length 136 Expires Fri, 26 Jul 2024 12:39:56 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| coverSupport object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ object| uni object| wx function| rpx2px object| __uniConfig object| __uniLayout object| __uniRoutes boolean| __VUE__

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dcloud.net.cn/	1970-01-21 07:55:50	Name: __uni__uid Value: rBEQRWajfPxE36faP/HfAg==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://w-whatsapp.cyou/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://w-whatsapp.cyou/static/nation/undefined.svg Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.dcloud.net.cn
w-whatsapp.cyou
124.220.205.65
20.2.233.220
0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3
111b7dcca8142a465f15416db19ea4a7ed0c60cbe43142d21e05b4ef6ca79664
34f1c77d2d4a93afb80b6b515a8fabf37013640b8e517bab8aba27e56d82d543
5391a1d566b9b1a0b809e7cf90c3a2af3dbea458520cd47323b9584b7cdd35c0
5fe644d0ca6af0463a1318e51203640c072058737b43472a451f09de62dc267a
6b2d061ceb4ce505f117b9f88304eeb4eba524da63b40a765cb552ffa7dda30b
7da116fcf7379dfc647737140efcb1b291ba81d82de43d7df9cc3eeeb66d230d
8bb7e59c86c570cf4fbe6d412b07f88ae69af081f252502fefb8b5756b727b29
96ece3b22d54e868ea8b097c2e36c4a25ed8b2db58bde95db1b55bf61c8efba4
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f
ba0cfb8a3298b4f6cb82131c4110f57206378231dad5d85d6955376bf8b08392
c208b56bb4fbc45f842c73360a32f5bfd1eb10677e436c1398f74c315d145b69
dc676cc52046a252ee86c463e49bce5b517c932ab100f21cb62e231cb3d7ed7a
dcc382764aca43c0541ae7bd54d0f06458d429e05280bcd8fe6de205b08049d0
f5969580ac388206fcdbaacc9f6a8da02e7ee37278f386174a82253e15093301