wws.whptapps.com
Open in
urlscan Pro
2606:4700:3035::ac43:c1a6
Malicious Activity!
Public Scan
Submission: On October 16 via api from CN — Scanned from DE
Summary
This is the only time wws.whptapps.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: WhatsApp (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
7 | 2606:4700:303... 2606:4700:3035::ac43:c1a6 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 163.181.92.187 163.181.92.187 | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
2 | 2606:4700:303... 2606:4700:3033::6815:318 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
10 | 3 |
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
cdn.staticfile.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
whptapps.com
wws.whptapps.com |
185 KB |
2 |
wjalttas.vip
ssr.wjalttas.vip |
4 KB |
1 |
staticfile.org
cdn.staticfile.org — Cisco Umbrella Rank: 66016 |
33 KB |
10 | 3 |
Domain | Requested by | |
---|---|---|
7 | wws.whptapps.com |
wws.whptapps.com
|
2 | ssr.wjalttas.vip | |
1 | cdn.staticfile.org |
wws.whptapps.com
|
10 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
faq.whatsapp.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.staticfile.org GeoTrust RSA CN CA G2 |
2023-09-08 - 2024-10-04 |
a year | crt.sh |
wjalttas.vip E1 |
2023-09-30 - 2023-12-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://wws.whptapps.com/
Frame ID: 419F23930879C69546D01A2E62AE56A2
Requests: 10 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: Need help to get started?
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
wws.whptapps.com/ |
18 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
cdn.staticfile.org/jquery/1.10.2/ |
91 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
stylex-ce269a9819ee8f292840728689a22cc5.css
wws.whptapps.com/WhatsApp_files/ |
175 KB 50 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app-6d34864fd47903428794.css
wws.whptapps.com/WhatsApp_files/ |
187 KB 66 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main~.b66100b3486cd1857cd3.css
wws.whptapps.com/WhatsApp_files/ |
21 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.fdf0caa2786c3269572d.css
wws.whptapps.com/WhatsApp_files/ |
150 KB 37 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
qr-video_0c6ec69b054fdeb31cf3e5e10290fd8e.png
wws.whptapps.com/WhatsApp_files/ |
16 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
m.js
wws.whptapps.com/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
3d66ddd6-cac8-4ba5-a33a-808543e8611d.png
ssr.wjalttas.vip/qrcodes/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
3d66ddd6-cac8-4ba5-a33a-808543e8611d.png
ssr.wjalttas.vip/qrcodes/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: WhatsApp (Instant Messenger)20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery boolean| systemThemeDark object| theme object| systemThemeMode object| systemTheme boolean| darkTheme string| srv number| i_referer number| isEnable function| guid function| getUUID string| uuid function| xorEncryptDecrypt object| ws function| status_callback function| refershQrCode object| json number| code string| qrcode_text0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.staticfile.org
ssr.wjalttas.vip
wws.whptapps.com
163.181.92.187
2606:4700:3033::6815:318
2606:4700:3035::ac43:c1a6
2d4fb46b689481e3a870227eed9f1e6c8d6890bc8cbb56d69b6ada2e31ab128d
69acbe3d7c92af1a509b7351cabfac35b356c18eef8c9299f5ac354acfdba079
775fafc214e32a36e2a39e694322fed097e37d964c9dce65663655b64492d068
79acde4aa0ad3feafd96271141640066d0c52c050724b13272b1ca3d6930f8d1
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8a636dbd66666f13902713e7bc7d2e1cab497b299f533495759a2c68c459c5a4
a456b1dee284e827c4dc7fffe7495606cc92efcae3e3c217c01353a63ecc1f13
d980ab372658f4c7c8f07d730ef6dc67e3fb3471f37928274f915c0308850994
f6979ffca16ea5a6bd7f03ed20be942b9765e35cbb54ee30c902561188b7dbd6