whatgoogle.top Open in urlscan Pro
206.119.81.58 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://whatgoogle.top/
Submission: On November 08 via automatic, source certstream-suspicious (November 8th 2023, 8:21:37 am UTC) — Scanned from DE

Summary HTTP 10 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 206.119.81.58, located in United States and belongs to HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK. The main domain is whatgoogle.top.
TLS certificate: Issued by R3 on November 8th 2023. Valid for: 3 months.

This is the only time whatgoogle.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WhatsApp (Instant Messenger)

Domain & IP information

	IP Address		AS Autonomous System
10	206.119.81.58 206.119.81.58		140227 (HKCICL-AS...) (HKCICL-AS-AP Hong Kong Communications International Co.)
10	2

10 206.119.81.58 (United States)

ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK)

whatgoogle.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	whatgoogle.top whatgoogle.top	309 KB
10	1

	Domain	Requested by
10	whatgoogle.top	whatgoogle.top
10	1

This site contains links to these domains. Also see Links.

Domain
faq.whatsapp.com

Subject Issuer	Validity	Valid
whatgoogle.top R3	`2023-11-08` - `2024-02-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://whatgoogle.top/
Frame ID: 03F6D4618A6290362DF19D46C51D4534
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

whatsapp

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

309 kB
Transfer

836 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://faq.whatsapp.com/1317564962315842?lang=en
Title: Need help to get started?

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response whatgoogle.top/	5 KB 2 KB	678ms 215ms	Document text/html	206.119.81.58 HKCICL-AS-AP Hong...
General Check archive.org Show headers Download Go to Full URL https://whatgoogle.top/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 206.119.81.58 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK), Reverse DNS Software nginx / Resource Hash `0306b1c27ef08b2358fb8b92a25769b267d57de18c2d3d5676ab024ba8c66809` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Wed, 08 Nov 2023 08:21:32 GMT ETag W/"654a65c1-131d" Last-Modified Tue, 07 Nov 2023 16:28:49 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	app.b0fa9e2a.css whatgoogle.top/h5/static/css/	14 KB 4 KB	235ms 234ms	Stylesheet text/css	206.119.81.58 HKCICL-AS-AP Hong...
General Check archive.org Show headers Download Go to Full URL https://whatgoogle.top/h5/static/css/app.b0fa9e2a.css Requested by Host: whatgoogle.top URL: https://whatgoogle.top/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 206.119.81.58 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK), Reverse DNS Software nginx / Resource Hash `10c2397bf52adabc3fcc66e532112a95c42e2b9865ba3be4f9f83cce9ddddf87` Request headers accept-language de-DE,de;q=0.9 Referer https://whatgoogle.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Wed, 08 Nov 2023 08:21:32 GMT Content-Encoding gzip Last-Modified Tue, 07 Nov 2023 16:28:49 GMT Server nginx ETag W/"654a65c1-3782" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Connection keep-alive
GET H/1.1	200 OK	chunk-libs.b81f3f69.css whatgoogle.top/h5/static/css/	1 KB 717 B	445ms 209ms	Stylesheet text/css	206.119.81.58 HKCICL-AS-AP Hong...
General Check archive.org Show headers Download Go to Full URL https://whatgoogle.top/h5/static/css/chunk-libs.b81f3f69.css Requested by Host: whatgoogle.top URL: https://whatgoogle.top/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 206.119.81.58 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK), Reverse DNS Software nginx / Resource Hash `759dc14a647618bcae5099437c89998c28a2828fd56784bf1ce88edea1c037fa` Request headers accept-language de-DE,de;q=0.9 Referer https://whatgoogle.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Wed, 08 Nov 2023 08:21:32 GMT Content-Encoding gzip Last-Modified Tue, 07 Nov 2023 16:28:49 GMT Server nginx ETag W/"654a65c1-47e" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Connection keep-alive
GET H/1.1	200 OK	chunk-vantUI.7ba7c773.css whatgoogle.top/h5/static/css/	87 KB 36 KB	812ms 409ms	Stylesheet text/css	206.119.81.58 HKCICL-AS-AP Hong...
General Check archive.org Show headers Download Go to Full URL https://whatgoogle.top/h5/static/css/chunk-vantUI.7ba7c773.css Requested by Host: whatgoogle.top URL: https://whatgoogle.top/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 206.119.81.58 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK), Reverse DNS Software nginx / Resource Hash `0c4331639788455e24bed09ae2297c63c16cf42f5ccfa374c3d8537d9cc0bf1a` Request headers accept-language de-DE,de;q=0.9 Referer https://whatgoogle.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Wed, 08 Nov 2023 08:21:32 GMT Content-Encoding gzip Last-Modified Tue, 07 Nov 2023 16:28:49 GMT Server nginx ETag W/"654a65c1-15b88" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Connection keep-alive
GET H/1.1	200 OK	app.182aec0a.js Show response whatgoogle.top/h5/static/js/	11 KB 5 KB	617ms 214ms	Script application/javascript	206.119.81.58 HKCICL-AS-AP Hong...
General Check archive.org Show headers Download Go to Full URL https://whatgoogle.top/h5/static/js/app.182aec0a.js Requested by Host: whatgoogle.top URL: https://whatgoogle.top/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 206.119.81.58 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK), Reverse DNS Software nginx / Resource Hash `208103973f6e40c61c4162df7317b23098e863332e3d4b279cd66227b981a5fb` Request headers accept-language de-DE,de;q=0.9 Referer https://whatgoogle.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Wed, 08 Nov 2023 08:21:32 GMT Content-Encoding gzip Last-Modified Tue, 07 Nov 2023 16:28:49 GMT Server nginx ETag W/"654a65c1-2c6e" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	chunk-libs.90224681.js Show response whatgoogle.top/h5/static/js/	556 KB 197 KB	829ms 424ms	Script application/javascript	206.119.81.58 HKCICL-AS-AP Hong...
General Check archive.org Show headers Download Go to Full URL https://whatgoogle.top/h5/static/js/chunk-libs.90224681.js Requested by Host: whatgoogle.top URL: https://whatgoogle.top/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 206.119.81.58 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK), Reverse DNS Software nginx / Resource Hash `037694f09642ea8672ab1a6236b29ba3f7b70aac76eea81aaa963584f23b5790` Request headers accept-language de-DE,de;q=0.9 Referer https://whatgoogle.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Wed, 08 Nov 2023 08:21:32 GMT Content-Encoding gzip Last-Modified Tue, 07 Nov 2023 16:28:49 GMT Server nginx ETag W/"654a65c1-8b05a" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	chunk-vantUI.9afc80ef.js Show response whatgoogle.top/h5/static/js/	106 KB 35 KB	860ms 444ms	Script application/javascript	206.119.81.58 HKCICL-AS-AP Hong...
General Check archive.org Show headers Download Go to Full URL https://whatgoogle.top/h5/static/js/chunk-vantUI.9afc80ef.js Requested by Host: whatgoogle.top URL: https://whatgoogle.top/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 206.119.81.58 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK), Reverse DNS Software nginx / Resource Hash `a8143878b4cfa67d90b541cc2f3d743f7f0ab298da61204af4ff95cce4b8a96d` Request headers accept-language de-DE,de;q=0.9 Referer https://whatgoogle.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Wed, 08 Nov 2023 08:21:32 GMT Content-Encoding gzip Last-Modified Tue, 07 Nov 2023 16:28:49 GMT Server nginx ETag W/"654a65c1-1a625" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	chunk-a4e0e3e6.b1f28049.js Show response whatgoogle.top/h5/static/js/	21 KB 8 KB	207ms 206ms	Script application/javascript	206.119.81.58 HKCICL-AS-AP Hong...
General Check archive.org Show headers Download Go to Full URL https://whatgoogle.top/h5/static/js/chunk-a4e0e3e6.b1f28049.js Requested by Host: whatgoogle.top URL: https://whatgoogle.top/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 206.119.81.58 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK), Reverse DNS Software nginx / Resource Hash `e3e106f890a75832cd10e3ce4ec729085350e2b60fce0f970239865916f61304` Request headers accept-language de-DE,de;q=0.9 Referer https://whatgoogle.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Wed, 08 Nov 2023 08:21:33 GMT Content-Encoding gzip Last-Modified Tue, 07 Nov 2023 16:28:49 GMT Server nginx ETag W/"654a65c1-52e6" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	chunk-53707a0e.d94ea447.js Show response whatgoogle.top/h5/static/js/	11 KB 6 KB	214ms 213ms	Script application/javascript	206.119.81.58 HKCICL-AS-AP Hong...
General Check archive.org Show headers Download Go to Full URL https://whatgoogle.top/h5/static/js/chunk-53707a0e.d94ea447.js Requested by Host: whatgoogle.top URL: https://whatgoogle.top/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 206.119.81.58 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK), Reverse DNS Software nginx / Resource Hash `8250f3589fa12913e500aa91dc7cb1237496057e3c6d779f8f61d2fcd386dd36` Request headers accept-language de-DE,de;q=0.9 Referer https://whatgoogle.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Wed, 08 Nov 2023 08:21:33 GMT Content-Encoding gzip Last-Modified Tue, 07 Nov 2023 16:28:49 GMT Server nginx ETag W/"654a65c1-2c51" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	qr-video.0c6ec69b.png whatgoogle.top/h5/static/img/	16 KB 16 KB	211ms 211ms	Image image/png	206.119.81.58 HKCICL-AS-AP Hong...
General Check archive.org Show headers Download Go to Show image Full URL https://whatgoogle.top/h5/static/img/qr-video.0c6ec69b.png Requested by Host: whatgoogle.top URL: https://whatgoogle.top/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 206.119.81.58 , United States, ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK), Reverse DNS Software nginx / Resource Hash `d980ab372658f4c7c8f07d730ef6dc67e3fb3471f37928274f915c0308850994` Request headers Referer https://whatgoogle.top/ Origin https://whatgoogle.top accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Wed, 08 Nov 2023 08:21:34 GMT Last-Modified Tue, 07 Nov 2023 16:28:49 GMT Server nginx ETag "654a65c1-3f83" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 16259
GET DATA	200 OK	truncated /	85 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	9 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `b1a2d9502384dca358a6461c208d80b1e59f97f3fb0ae99399a056523b9a90e7` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

whatgoogle.top
206.119.81.58
0306b1c27ef08b2358fb8b92a25769b267d57de18c2d3d5676ab024ba8c66809
037694f09642ea8672ab1a6236b29ba3f7b70aac76eea81aaa963584f23b5790
0c4331639788455e24bed09ae2297c63c16cf42f5ccfa374c3d8537d9cc0bf1a
10c2397bf52adabc3fcc66e532112a95c42e2b9865ba3be4f9f83cce9ddddf87
208103973f6e40c61c4162df7317b23098e863332e3d4b279cd66227b981a5fb
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
759dc14a647618bcae5099437c89998c28a2828fd56784bf1ce88edea1c037fa
8250f3589fa12913e500aa91dc7cb1237496057e3c6d779f8f61d2fcd386dd36
a8143878b4cfa67d90b541cc2f3d743f7f0ab298da61204af4ff95cce4b8a96d
b1a2d9502384dca358a6461c208d80b1e59f97f3fb0ae99399a056523b9a90e7
d980ab372658f4c7c8f07d730ef6dc67e3fb3471f37928274f915c0308850994
e3e106f890a75832cd10e3ce4ec729085350e2b60fce0f970239865916f61304

whatgoogle.top Open in urlscan Pro 206.119.81.58 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

309 kBTransfer

836 kBSize

0 Cookies

1 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

0 Cookies

Indicators

whatgoogle.top Open in urlscan Pro
206.119.81.58 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

309 kB
Transfer

836 kB
Size

0
Cookies

10 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!