wss.whasm.top Open in urlscan Pro
2a06:98c1:3121::9  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response wss.whasm.top/	13 KB 6 KB	1257ms 473ms	Document text/html	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wss.whasm.top/ Protocol HTTP/1.1 Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63c8877915b8cd02f7a013cdcf305a0ea54353920552a84805847ec2d54ddc26 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 7fbfbe30dbeb0e44-AMS Connection keep-alive Content-Encoding gzip Content-Type text/html Date Fri, 25 Aug 2023 00:33:19 GMT Last-Modified Sat, 19 Aug 2023 06:51:48 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2Fbwp8EQyFYWgD%2Bs6%2BQ6kU9RXziECYZxIiWJHNkbXTuUoEoIy1e6JBxs98ldZkfPRTZZi7iMa0tMs71eifTDKzc74VKxv9Ycx%2BXI6ZVFPMihVUMX%2BoVyoWVlWOiGROP66m62OFcur69pskK1"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	stylex-2d46744708947781f1f33a0069cbc308.css wss.whasm.top/static/	114 KB 34 KB	34ms 34ms	Stylesheet text/css	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wss.whasm.top/static/stylex-2d46744708947781f1f33a0069cbc308.css Requested by Host: wss.whasm.top URL: http://wss.whasm.top/ Protocol HTTP/1.1 Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d3889a9a244c69018e4848bffa27b76845ca2c34813976342d4b122e6533bbca Request headers accept-language nl-NL,nl;q=0.9 Referer http://wss.whasm.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Fri, 25 Aug 2023 00:33:20 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 1627 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Sat, 19 Aug 2023 06:50:22 GMT Server cloudflare ETag W/"64e0662e-1c673" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qcn3P6TQ8lU3Ec%2B4Vrt4yGv1F2dIJKbl2ZUQwF1a4%2B6FMkr%2Bvy7QLx3SnqbAR8t9jSL0Dt6UoJLmeTaFB5zvu1lvIuqwS4qTETq%2B%2B4njPpk04CHHeV3rZAgsgNmQ0MXyV6fPXIygeZw9o2%2F8"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=43200 CF-RAY 7fbfbe33ff730e44-AMS Expires Fri, 25 Aug 2023 12:07:06 GMT
GET H/1.1	200 OK	bootstrap_qr-e2b403f65ed52d327e90.css wss.whasm.top/static/	173 KB 61 KB	713ms 675ms	Stylesheet text/css	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wss.whasm.top/static/bootstrap_qr-e2b403f65ed52d327e90.css Requested by Host: wss.whasm.top URL: http://wss.whasm.top/ Protocol HTTP/1.1 Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 40de96c95d1458d29df75c48f966dae08456d012450aa2a32d63d822997d8dd4 Request headers accept-language nl-NL,nl;q=0.9 Referer http://wss.whasm.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Fri, 25 Aug 2023 00:33:20 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Sat, 19 Aug 2023 06:50:20 GMT Server cloudflare ETag W/"64e0662c-2b2c0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySeogZvRazvt78n139LRq%2F2h6w3cR0JFEChypgoLJfcsmGy%2FbLhdsOZncNOODbVWa6XDn0in13XvSgPKx4j08BP8O5dSNUeM7t8tl9BKSZP%2Bo8sMvgmX5dIWa7qz0ysPc4AJOOjtS%2Fv56IVf"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=43200 CF-RAY 7fbfbe343c12b75b-AMS Expires Fri, 25 Aug 2023 12:34:13 GMT
GET H/1.1	200 OK	bootstrap_main.9d6050e3d2fff5b782d3.css wss.whasm.top/static/	226 KB 54 KB	708ms 669ms	Stylesheet text/css	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wss.whasm.top/static/bootstrap_main.9d6050e3d2fff5b782d3.css Requested by Host: wss.whasm.top URL: http://wss.whasm.top/ Protocol HTTP/1.1 Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9cbfd4f00c4210688faaecdace3d2877e5c789a7c8d06f1d0c49507b55de6a2b Request headers accept-language nl-NL,nl;q=0.9 Referer http://wss.whasm.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Fri, 25 Aug 2023 00:33:20 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Sat, 19 Aug 2023 06:50:20 GMT Server cloudflare ETag W/"64e0662c-38629" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGAcdsfOAbb4AYxxoIs43qr%2ByzNKkWRq%2BJzj7h8I3KMTLETveQh%2FGRkajY1m4QOdsroRG6gk%2FnQPPnV9VyjA4bp8qmbik3%2BgNmRWoYVLFWFrkLoDBToaGNeJ%2B8cDCkM7EdPVWuBAA16ZgtuQ"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=43200 CF-RAY 7fbfbe343ed4b987-AMS Expires Fri, 25 Aug 2023 12:34:13 GMT
GET H/1.1	200 OK	jquery.min.js Show response wss.whasm.top/jQuery/	91 KB 37 KB	77ms 39ms	Script application/javascript	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wss.whasm.top/jQuery/jquery.min.js Requested by Host: wss.whasm.top URL: http://wss.whasm.top/ Protocol HTTP/1.1 Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0108076470765be9ef1e9b242b8a52ef78c8f4532c7263426abc05ea4b60240 Request headers accept-language nl-NL,nl;q=0.9 Referer http://wss.whasm.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Fri, 25 Aug 2023 00:33:20 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 40193 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Sat, 19 Aug 2023 06:50:19 GMT Server cloudflare ETag W/"64e0662b-16bab" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HaRo%2F1ateX5KJVcphLkIxgEETpdnzmaTZygZGdowyUmM%2FePNS8gDLEIUw%2FiBYdEbcmpJGuwYMp3tdPvMjwe0fE1dJGx5W0IBL9i4zj3felNcAA4gENG5RRpzKe1G84iSaSzRSWlm%2BGqfQxBs"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=43200 CF-RAY 7fbfbe3438091b0c-AMS Expires Fri, 25 Aug 2023 01:24:19 GMT
GET H/1.1	200 OK	jquery.cookie.js Show response wss.whasm.top/jQuery/	3 KB 2 KB	76ms 38ms	Script application/javascript	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wss.whasm.top/jQuery/jquery.cookie.js Requested by Host: wss.whasm.top URL: http://wss.whasm.top/ Protocol HTTP/1.1 Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 55c173330e36aaceaf268be4fe4421376a4e9eab4ce0de8e32aeb1c75f1181af Request headers accept-language nl-NL,nl;q=0.9 Referer http://wss.whasm.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Fri, 25 Aug 2023 00:33:20 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 41447 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Sat, 19 Aug 2023 06:50:19 GMT Server cloudflare ETag W/"64e0662b-c30" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e38LW8PdzusTXswqM78VUQ7dUOy33%2FOW3urHk%2BBmpHy32sDCByEam9OybNv3%2FU%2B11lihAfAQtVxc6cDlkkcL4A9RrvZAv7%2F3jbS1yCXMOOeU2Xq%2F0H2d8bvpAWl0hQUXqTtOVTVe3TeKhkve"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=43200 CF-RAY 7fbfbe343d451c94-AMS Expires Fri, 25 Aug 2023 01:03:25 GMT
GET H/1.1	200 OK	qrcode.min.js Show response wss.whasm.top/jQuery/	19 KB 8 KB	75ms 37ms	Script application/javascript	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wss.whasm.top/jQuery/qrcode.min.js Requested by Host: wss.whasm.top URL: http://wss.whasm.top/ Protocol HTTP/1.1 Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36 Request headers accept-language nl-NL,nl;q=0.9 Referer http://wss.whasm.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Fri, 25 Aug 2023 00:33:20 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 1626 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Sat, 19 Aug 2023 06:50:19 GMT Server cloudflare ETag W/"64e0662b-4dd7" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s99yEb0gh8%2F2GtoGY2JiRS7XBseDQ9GoFU5EcSBVLOdg6V2CbvKD5HfZTviy8TNs52lx9juMC3Jq56B5dleDupkPppW1yCGFgISwxkZR6u4z6LtWW0FNB%2FuEhXJtSZhs44M8aUxlaW0K8WO3"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=43200 CF-RAY 7fbfbe343cc31cb0-AMS Expires Fri, 25 Aug 2023 12:07:07 GMT
GET H2	200	serviceworker.js Show response at.sapyuyh.top/GG170/	28 KB 9 KB	316ms 36ms	Script application/javascript	2606:4700:3033::6815:2997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://at.sapyuyh.top/GG170/serviceworker.js Requested by Host: wss.whasm.top URL: http://wss.whasm.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:2997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c8dac9a08bd373523cd9b70736cbf194169f4a73a80b4235a7ad25e4269c443 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer http://wss.whasm.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers date Fri, 25 Aug 2023 00:33:20 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 41538 alt-svc h3=":443"; ma=86400 last-modified Wed, 16 Aug 2023 05:01:52 GMT server cloudflare etag W/"64dc5840-6fc8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUrEZcz824YCTnuAJBd5v980oLxLZyov3wfEpfHHGKwI%2FP9YPOyLN%2FQ47gmnQQYFpX0ElVP9u1H5KYqHKbmVwejX%2F7mBoP98Ba2cJRO8nG5LXAJctG83A%2BItQXlwjJYe31iMbUFxm1mgDMTfJQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 7fbfbe35bf570b70-AMS expires Fri, 25 Aug 2023 01:00:56 GMT
GET DATA	200 OK	truncated /	85 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff Request headers accept-language nl-NL,nl;q=0.9 Referer http://wss.whasm.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	9 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 216a418adcd8cdc9232a5361f86a819fcf31e19f3ab3373662e5cc8eeb8de0df Request headers accept-language nl-NL,nl;q=0.9 Referer http://wss.whasm.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Content-Type image/png

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| QRCode function| _0x59eee8 function| _0x509bc0 function| _0x3244bb function| _0x4df5 function| _0x498b31 function| _0x4b7564 function| _0x4e16de function| _0x17d3 function| _0x281778 function| _0x112770 function| _0x543f62 function| _0x5f0934 string| version_ boolean| systemThemeDark object| theme object| systemThemeMode object| systemTheme boolean| darkTheme

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

at.sapyuyh.top
wss.whasm.top
2606:4700:3033::6815:2997
2a06:98c1:3121::9
0c8dac9a08bd373523cd9b70736cbf194169f4a73a80b4235a7ad25e4269c443
216a418adcd8cdc9232a5361f86a819fcf31e19f3ab3373662e5cc8eeb8de0df
40de96c95d1458d29df75c48f966dae08456d012450aa2a32d63d822997d8dd4
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
55c173330e36aaceaf268be4fe4421376a4e9eab4ce0de8e32aeb1c75f1181af
63c8877915b8cd02f7a013cdcf305a0ea54353920552a84805847ec2d54ddc26
9cbfd4f00c4210688faaecdace3d2877e5c789a7c8d06f1d0c49507b55de6a2b
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
d3889a9a244c69018e4848bffa27b76845ca2c34813976342d4b122e6533bbca
e0108076470765be9ef1e9b242b8a52ef78c8f4532c7263426abc05ea4b60240