wwe.whotsapps.com Open in urlscan Pro
2a06:98c1:3120::3  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response wwe.whotsapps.com/	24 KB 10 KB	412ms 368ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wwe.whotsapps.com/ Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b644771c0f21cf4412081ddced5157716a952b5e0030d600a625f7576d4135ee Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 819a35915a435c9e-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sat, 21 Oct 2023 14:32:19 GMT Last-Modified Tue, 17 Oct 2023 13:09:52 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C46vZ3DS7nb37x8%2FkfYhQyq7%2F%2Fs4YGdEXpupmWXYvxjHH53wEGIOpoe%2BH7b%2F1G3KTI8JP8mC2i1Ps5r3TQOslT%2Ft7Wxnirk8zIXkUmyzutMhZXNp3MPOY%2FGAvvNcw2VPEO63KaH5gfKMofubLZnBhw%3D%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	stylex.css wwe.whotsapps.com/WhatsApp_files/	206 KB 58 KB	509ms 509ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wwe.whotsapps.com/WhatsApp_files/stylex.css Requested by Host: wwe.whotsapps.com URL: http://wwe.whotsapps.com/ Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f25582f98aa21ace8f2c46da6c0623629493de7a460d93b33ad311c0994a2d5f Request headers accept-language nl-NL,nl;q=0.9 Referer http://wwe.whotsapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Sat, 21 Oct 2023 14:32:20 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Sat, 07 Oct 2023 06:00:48 GMT Server cloudflare ETag W/"6520f410-3392e" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rqr5cO%2FWAsJKUcbFSQ3yCfnW8CDrsmEzjivEWS164X4W9b1MMfxHWcYzjHEmL5MW%2BGlndKyIjwEYG3BjetuElnwiv9cys7zmUlUx%2F51YKluW1KGTbFcTu6v9Q1Ex%2FVTxqdb%2F8JWpGDD6ux%2Fn%2B1n3A%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=43200 CF-RAY 819a3593ac6d5c9e-FRA Expires Sun, 22 Oct 2023 02:32:20 GMT
GET H/1.1	200 OK	app.css wwe.whotsapps.com/WhatsApp_files/	188 KB 66 KB	512ms 493ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wwe.whotsapps.com/WhatsApp_files/app.css Requested by Host: wwe.whotsapps.com URL: http://wwe.whotsapps.com/ Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6508d54b56a914b04811707f2736c8813ac4763de9c9e3a387f479d15c59ef7f Request headers accept-language nl-NL,nl;q=0.9 Referer http://wwe.whotsapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Sat, 21 Oct 2023 14:32:20 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Sat, 07 Oct 2023 06:00:48 GMT Server cloudflare ETag W/"6520f410-2ef7a" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLr%2F29ojDtJZ9eAkpKwrIk3FnzoSAIiXBGcEpSfquCD3cjZ0ZNeATzaAm6AupqgI2BQb0LcM9vhgxI%2F%2B1z90xaNWVcO0yGcRSt8lFe0UAFmgWMrdWRvZrubefiNZWhJmGMoMI%2FGfkFZ%2Bay%2Bs7bAlQQ%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=43200 CF-RAY 819a3593ca319ba6-FRA Expires Sun, 22 Oct 2023 02:32:20 GMT
GET H/1.1	200 OK	main~.css wwe.whotsapps.com/WhatsApp_files/	23 KB 6 KB	379ms 360ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wwe.whotsapps.com/WhatsApp_files/main~.css Requested by Host: wwe.whotsapps.com URL: http://wwe.whotsapps.com/ Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 01e3431fe3eef72a8116f5bf9b0c1c51e54a956f902b33eadb8d2193e21610f9 Request headers accept-language nl-NL,nl;q=0.9 Referer http://wwe.whotsapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Sat, 21 Oct 2023 14:32:20 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Sat, 07 Oct 2023 06:00:48 GMT Server cloudflare ETag W/"6520f410-5ab4" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C31jXtov1PjS4YmfBbYjY9oOTu7yiUXMUBIJSh%2B6JCye1VyYzJeKIx22oo8KIJvnS67ruUKtgTpMmD1mfhO0wCO%2BIbbiQmSKOg8AwgyUbklLFkGHgoXdEgmB2QEnEWDEWV8VEZLJ7YkSIyub%2Btnc9w%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=43200 CF-RAY 819a3593cdf6bbe9-FRA Expires Sun, 22 Oct 2023 02:32:20 GMT
GET H/1.1	200 OK	main.css wwe.whotsapps.com/WhatsApp_files/	134 KB 33 KB	525ms 506ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wwe.whotsapps.com/WhatsApp_files/main.css Requested by Host: wwe.whotsapps.com URL: http://wwe.whotsapps.com/ Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cfe20a08ba90c9ca60c4f6570c7947450d889ec3bd3e4a664637847d2a4e252b Request headers accept-language nl-NL,nl;q=0.9 Referer http://wwe.whotsapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Sat, 21 Oct 2023 14:32:20 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Sat, 07 Oct 2023 06:00:48 GMT Server cloudflare ETag W/"6520f410-21938" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUc1JhuSjo5oNp8lCM5PtPcVk8fechnQZT6bt%2Fvqe8zTbqZDaOLY5ThmpyaxyusNf6gJqbwyizBqGj4nR4RnF4hrfk4oMFRTJ6TGh1BdNeSybCCxALs%2F4SAxy7Cp6MCyPVTXUXjlB8AbQVX5fedZXg%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=43200 CF-RAY 819a3593c9a73648-FRA Expires Sun, 22 Oct 2023 02:32:20 GMT
GET H/1.1	200 OK	jquery.min.js Show response cdn.staticfile.org/jquery/1.10.2/	91 KB 33 KB	1503ms 41ms	Script application/javascript	163.181.56.225 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js Requested by Host: wwe.whotsapps.com URL: http://wwe.whotsapps.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 163.181.56.225 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e Request headers accept-language nl-NL,nl;q=0.9 Referer http://wwe.whotsapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers X-Log X-Log Date Sat, 21 Oct 2023 13:24:48 GMT Via cache23.l2de2[0,0,304-0,H], cache9.l2de2[1,0], ens-cache4.de4[0,0,200-0,H], ens-cache4.de4[2,0] Content-Encoding gzip X-Svr IO X-Reqid KsEAAAByOCc5IpAX Age 4053 X-Swift-CacheTime 86372 X-Cache HIT TCP_MEM_HIT dirn:10:16034795 Content-Transfer-Encoding binary Content-Disposition inline; filename="jquery.min.js"; filename*=utf-8''jquery.min.js Connection keep-alive X-Swift-SaveTime Sat, 21 Oct 2023 13:25:16 GMT Content-Length 32989 Last-Modified Tue, 16 Feb 2016 04:22:54 GMT Server Tengine Etag "FuLzYD4jcR9kRvJ4pBHZBWI9ZSAe.gz" Access-Control-Max-Age 2592000 Ali-Swift-Global-Savetime 1697894688 Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Log, X-Reqid Cache-Control public, max-age=31536000 Vary Accept-Encoding Accept-Ranges bytes X-Qiniu-Zone 0 Timing-Allow-Origin * EagleId 2ff62b1c16978987412222524e
GET H/1.1	200 OK	qr-video.png wwe.whotsapps.com/WhatsApp_files/	16 KB 17 KB	514ms 495ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://wwe.whotsapps.com/WhatsApp_files/qr-video.png Requested by Host: wwe.whotsapps.com URL: http://wwe.whotsapps.com/ Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d980ab372658f4c7c8f07d730ef6dc67e3fb3471f37928274f915c0308850994 Request headers Referer http://wwe.whotsapps.com/ Origin http://wwe.whotsapps.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Sat, 21 Oct 2023 14:32:20 GMT CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 16259 Last-Modified Sat, 07 Oct 2023 06:00:48 GMT Server cloudflare ETag "6520f410-3f83" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmLyAa2e0LyYXAgqrA1lcyqLmQ%2BljwZ7m1Ag2UlNKue2G0kwXwGgHcvgJfAE2a2G19ba%2Fc1ZIvwpvqIDSQm4tOveUrVTFHjilh%2FMdsvwMomy2unKP%2Btg2siOB4ocrEp%2FFGRVGoEi%2BM6vwGeBorX%2FVA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=2592000 Accept-Ranges bytes CF-RAY 819a3593c80c3834-FRA Expires Mon, 20 Nov 2023 14:32:20 GMT
GET H/1.1	200 OK	wmw.js Show response wwe.whotsapps.com/	3 KB 2 KB	379ms 361ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://wwe.whotsapps.com/wmw.js?ver=1.5 Requested by Host: wwe.whotsapps.com URL: http://wwe.whotsapps.com/ Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash de3d8c4de0cbe24eaf6557ddd72b9b93939e2245df905edd02ff6b6012a0bac1 Request headers accept-language nl-NL,nl;q=0.9 Referer http://wwe.whotsapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Sat, 21 Oct 2023 14:32:20 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Tue, 17 Oct 2023 12:53:40 GMT Server cloudflare ETag W/"652e83d4-ab9" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URPfliqvKd3owSC5VoXZFjiqHfNOSVwFHY0BsKBYbA5LI3Mb7F%2BDhBlZSe30YM55GHT69FyLNpCHf%2ByS2xSMkyc46%2BB1Xexa4SAP1miy7yygVT%2Bz3xpcYB0Taddt3dsW1Zf7jJYPa3OHm2F%2BpdMuBg%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=43200 CF-RAY 819a3593c91903a0-FRA Expires Sun, 22 Oct 2023 02:32:20 GMT
GET H2	200	e511b5ab-7683-4625-b997-60c224a02839.png ssc.nkaili.top/qrcodes/	2 KB 2 KB	411ms 369ms	Image image/png	2606:4700:3033::6815:3e44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ssc.nkaili.top/qrcodes/e511b5ab-7683-4625-b997-60c224a02839.png?1697898742540 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:3e44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash ac8135641be64c602b698d81acd4c37d05a9e5fe3673aa1a0629362fdf87ff48 Request headers accept-language nl-NL,nl;q=0.9 Referer http://wwe.whotsapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Sat, 21 Oct 2023 14:32:22 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3=":443"; ma=86400 content-length 1723 last-modified Sat, 21 Oct 2023 14:32:16 GMT server cloudflare etag W/"6bb-18b52a6aa3d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIKCmvxspcezYlwkSyszhFVTfDawmlXzaTNNPkgSPGzHp8YKbhUO3AXQkspKpc7XQFYN3oHwE0My8Q4gxlUsKE4hCfluRHUCYjTxT3SiNATUtH%2BWAPwmPW5hKeVCnTJnNpwiuqvBEzLSUjP9dw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control public, max-age=14400 accept-ranges bytes cf-ray 819a35a53aca2c62-FRA
GET		e511b5ab-7683-4625-b997-60c224a02839.png ssc.nkaili.top/qrcodes/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ssc.nkaili.top

URL

https://ssc.nkaili.top/qrcodes/e511b5ab-7683-4625-b997-60c224a02839.png?1697898745541

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery string| srv number| i_referer number| isEnable function| guid function| getUUID string| uuid function| xorEncryptDecrypt object| ws function| status_callback function| refershQrCode object| json number| code string| qrcode_text

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.staticfile.org
ssc.nkaili.top
wwe.whotsapps.com
ssc.nkaili.top
163.181.56.225
2606:4700:3033::6815:3e44
2a06:98c1:3120::3
01e3431fe3eef72a8116f5bf9b0c1c51e54a956f902b33eadb8d2193e21610f9
6508d54b56a914b04811707f2736c8813ac4763de9c9e3a387f479d15c59ef7f
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
ac8135641be64c602b698d81acd4c37d05a9e5fe3673aa1a0629362fdf87ff48
b644771c0f21cf4412081ddced5157716a952b5e0030d600a625f7576d4135ee
cfe20a08ba90c9ca60c4f6570c7947450d889ec3bd3e4a664637847d2a4e252b
d980ab372658f4c7c8f07d730ef6dc67e3fb3471f37928274f915c0308850994
de3d8c4de0cbe24eaf6557ddd72b9b93939e2245df905edd02ff6b6012a0bac1
f25582f98aa21ace8f2c46da6c0623629493de7a460d93b33ad311c0994a2d5f