www-what-worlrb.com Open in urlscan Pro
139.95.4.12 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www-what-worlrb.com/
Effective URL:
https://www-what-worlrb.com/zh-cn/index.html?20220830
Submission: On April 07 via api (April 7th 2023, 4:06:25 am UTC) from JP — Scanned from JP

Summary HTTP 18 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 18 HTTP transactions. The main IP is 139.95.4.12, located in United States and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is www-what-worlrb.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on February 27th 2023. Valid for: 3 months.

This is the only time www-what-worlrb.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WhatsApp (Instant Messenger)

Domain & IP information

	IP Address		AS Autonomous System
18	139.95.4.12 139.95.4.12		45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
18	1

18 139.95.4.12 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

www-what-worlrb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	www-what-worlrb.com www-what-worlrb.com	1 MB
18	1

	Domain	Requested by
18	www-what-worlrb.com	www-what-worlrb.com
18	1

This site contains links to these domains. Also see Links.

Domain
web.whatsapp.com
itunes.apple.com
business.whatsapp.com
www.facebook.com
apps.apple.com
twitter.com

Subject Issuer	Validity	Valid
www-what-worlts.com ZeroSSL RSA Domain Secure Site CA	`2023-02-27` - `2023-05-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www-what-worlrb.com/zh-cn/index.html?20220830
Frame ID: C08DDB43037F8C80169BFECBD147F5BE
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WhatsApp

Page URL History Show full URLs

https://www-what-worlrb.com/ Page URL
https://www-what-worlrb.com/zh-cn/index.html?20220830 Page URL

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1485 kB
Transfer

1842 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://web.whatsapp.com/
Title: WHATSAPP 网页版

Search URL Search Domain Scan URL

URL: http://itunes.apple.com/us/app/whatsapp-messenger/id310633997?mt=8
Title: iPhone

Search URL Search Domain Scan URL

URL: https://business.whatsapp.com/products/business-app
Title: WhatsApp Business

Search URL Search Domain Scan URL

URL: https://business.whatsapp.com/products/business-platform
Title: WhatsApp Business API。

Search URL Search Domain Scan URL

URL: https://business.whatsapp.com/
Title: 商业

Search URL Search Domain Scan URL

URL: https://www.facebook.com/brand/resources/whatsapp/whatsapp-brand
Title: 品牌中心

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/whatsapp-messenger/id310633997
Title: iPhone

Search URL Search Domain Scan URL

URL: https://twitter.com/whatsapp
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WhatsApp
Title: Facebook

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www-what-worlrb.com/ Page URL
https://www-what-worlrb.com/zh-cn/index.html?20220830 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response www-what-worlrb.com/	450 B 728 B	299ms 144ms	Document text/html	139.95.4.12 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://www-what-worlrb.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.95.4.12 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software cdn / ASP.NET Resource Hash `0463081232da1053c228ebf7c12a11c7c5eadc36683f4c05e004db24162fc6ef` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Length 450 Content-Type text/html Date Fri, 07 Apr 2023 04:06:20 GMT ETag "99399f96ed6d91:0" Last-Modified Sat, 03 Dec 2022 08:02:28 GMT Server cdn X-Cache-Status MISS X-Powered-By ASP.NET
GET H/1.1	200 OK	redirect.js www-what-worlrb.com/js/	654 B 944 B	72ms 71ms	Script application/javascript	139.95.4.12 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://www-what-worlrb.com/js/redirect.js Requested by Host: www-what-worlrb.com URL: https://www-what-worlrb.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.95.4.12 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software cdn / ASP.NET Resource Hash Request headers accept-language jp-JP,jp;q=0.9 Referer https://www-what-worlrb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 04:06:20 GMT Last-Modified Sat, 03 Dec 2022 08:02:28 GMT Server cdn ETag "63eaaf96ed6d91:0" X-Powered-By ASP.NET X-Cache-Status HIT Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 654
GET H/1.1	200 OK	config.js www-what-worlrb.com/js/	363 B 653 B	143ms 71ms	Script application/javascript	139.95.4.12 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://www-what-worlrb.com/js/config.js Requested by Host: www-what-worlrb.com URL: https://www-what-worlrb.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.95.4.12 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software cdn / ASP.NET Resource Hash Request headers accept-language jp-JP,jp;q=0.9 Referer https://www-what-worlrb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 04:06:20 GMT Last-Modified Sat, 03 Dec 2022 08:02:28 GMT Server cdn ETag "b787ad96ed6d91:0" X-Powered-By ASP.NET X-Cache-Status HIT Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 363
GET H/1.1	200 OK	Primary Request index.html Show response www-what-worlrb.com/zh-cn/	53 KB 11 KB	324ms 257ms	Document text/html	139.95.4.12 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://www-what-worlrb.com/zh-cn/index.html?20220830 Requested by Host: www-what-worlrb.com URL: https://www-what-worlrb.com/js/redirect.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.95.4.12 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software cdn / ASP.NET Resource Hash `37c959f8ddb4a8f6b00eee06a485635f6bd8f01184bc3f25c918f9531f4e6375` Request headers Referer https://www-what-worlrb.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Fri, 07 Apr 2023 04:06:20 GMT ETag W/"43867517e3ad91:0" Last-Modified Thu, 08 Dec 2022 08:57:25 GMT Server cdn Transfer-Encoding chunked Vary Accept-Encoding X-Cache-Status MISS X-Powered-By ASP.NET
GET H/1.1	200 OK	C2fHuK6eV5E.css www-what-worlrb.com/zh-cn/index_files/	7 KB 2 KB	72ms 71ms	Stylesheet text/css	139.95.4.12 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://www-what-worlrb.com/zh-cn/index_files/C2fHuK6eV5E.css Requested by Host: www-what-worlrb.com URL: https://www-what-worlrb.com/zh-cn/index.html?20220830 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.95.4.12 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software cdn / ASP.NET Resource Hash `5d25fc039de768564d39bedbd355926f6612dcf06d40ade793709502ea296d8a` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www-what-worlrb.com/zh-cn/index.html?20220830 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 04:06:20 GMT Content-Encoding gzip Last-Modified Sat, 03 Dec 2022 08:02:30 GMT Server cdn ETag W/"dda48d97ed6d91:0" X-Powered-By ASP.NET Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css X-Cache-Status HIT Connection keep-alive
GET H/1.1	200 OK	J7ci6KkN4Io.css www-what-worlrb.com/zh-cn/index_files/	133 KB 32 KB	144ms 143ms	Stylesheet text/css	139.95.4.12 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://www-what-worlrb.com/zh-cn/index_files/J7ci6KkN4Io.css Requested by Host: www-what-worlrb.com URL: https://www-what-worlrb.com/zh-cn/index.html?20220830 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.95.4.12 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software cdn / ASP.NET Resource Hash `788013631618154cb4b4967878c1a4ff38beac58d1ebda074a516f79bd2cb05f` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www-what-worlrb.com/zh-cn/index.html?20220830 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 04:06:20 GMT Content-Encoding gzip Last-Modified Sat, 03 Dec 2022 08:02:30 GMT Server cdn ETag W/"dda48d97ed6d91:0" X-Powered-By ASP.NET Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css X-Cache-Status HIT Connection keep-alive
GET H/1.1	200 OK	bvgAvxUnJO-.css www-what-worlrb.com/zh-cn/index_files/	6 KB 2 KB	74ms 73ms	Stylesheet text/css	139.95.4.12 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://www-what-worlrb.com/zh-cn/index_files/bvgAvxUnJO-.css Requested by Host: www-what-worlrb.com URL: https://www-what-worlrb.com/zh-cn/index.html?20220830 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.95.4.12 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software cdn / ASP.NET Resource Hash `fc0821fb923a586e97a0581c6490cd08b1784b98f77b026fbefe93c32960684e` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www-what-worlrb.com/zh-cn/index.html?20220830 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 04:06:20 GMT Content-Encoding gzip Last-Modified Sat, 03 Dec 2022 08:02:30 GMT Server cdn ETag W/"2d79097ed6d91:0" X-Powered-By ASP.NET Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css X-Cache-Status HIT Connection keep-alive
GET H/1.1	200 OK	28bZN702Ikw.css www-what-worlrb.com/zh-cn/index_files/	761 B 1 KB	142ms 70ms	Stylesheet text/css	139.95.4.12 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://www-what-worlrb.com/zh-cn/index_files/28bZN702Ikw.css Requested by Host: www-what-worlrb.com URL: https://www-what-worlrb.com/zh-cn/index.html?20220830 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.95.4.12 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software cdn / ASP.NET Resource Hash `0c6db3f25cef9d302542b41e0ed51aa8a7df470c38568a44606ee5ddfb0f9079` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www-what-worlrb.com/zh-cn/index.html?20220830 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 04:06:21 GMT Last-Modified Sat, 03 Dec 2022 08:02:30 GMT Server cdn ETag "dda48d97ed6d91:0" X-Powered-By ASP.NET X-Cache-Status HIT Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 761
GET H/1.1	200 OK	carousel.css www-what-worlrb.com/css/	743 B 1018 B	144ms 70ms	Stylesheet text/css	139.95.4.12 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://www-what-worlrb.com/css/carousel.css Requested by Host: www-what-worlrb.com URL: https://www-what-worlrb.com/zh-cn/index.html?20220830 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.95.4.12 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software cdn / ASP.NET Resource Hash `dcbb5e60604ce9ce493def64d27406ba7cbf86336296de50b36b1ee1b3d8e458` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www-what-worlrb.com/zh-cn/index.html?20220830 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 04:06:21 GMT Last-Modified Thu, 08 Dec 2022 08:57:25 GMT Server cdn ETag "1687017e3ad91:0" X-Powered-By ASP.NET X-Cache-Status HIT Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 743
GET H/1.1	200 OK	36B424nhiL4.svg www-what-worlrb.com/zh-cn/index_files/	9 KB 9 KB	72ms 71ms	Image image/svg+xml	139.95.4.12 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL https://www-what-worlrb.com/zh-cn/index_files/36B424nhiL4.svg Requested by Host: www-what-worlrb.com URL: https://www-what-worlrb.com/zh-cn/index.html?20220830 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.95.4.12 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software cdn / ASP.NET Resource Hash `708f4f787db19dcb4cca817e1c38fba2baf0216b092c90d59648464791d57abb` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www-what-worlrb.com/zh-cn/index.html?20220830 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 04:06:21 GMT Last-Modified Sat, 03 Dec 2022 08:02:30 GMT Server cdn ETag "dda48d97ed6d91:0" X-Powered-By ASP.NET X-Cache-Status HIT Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 8731
GET H/1.1	200 OK	lOol7j-zq4u.svg www-what-worlrb.com/zh-cn/index_files/	3 KB 3 KB	71ms 70ms	Image image/svg+xml	139.95.4.12 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL https://www-what-worlrb.com/zh-cn/index_files/lOol7j-zq4u.svg Requested by Host: www-what-worlrb.com URL: https://www-what-worlrb.com/zh-cn/index.html?20220830 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.95.4.12 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software cdn / ASP.NET Resource Hash `533ef6670e3d9c0e44718d0afa43f2edda11b58586e9da4e8f621145cf84d4d2` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www-what-worlrb.com/zh-cn/index.html?20220830 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 04:06:21 GMT Last-Modified Sat, 03 Dec 2022 08:02:30 GMT Server cdn ETag "2d79097ed6d91:0" X-Powered-By ASP.NET X-Cache-Status HIT Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 2648
GET H/1.1	200 OK	download.png www-what-worlrb.com/zh-cn/index_files/	5 KB 5 KB	83ms 72ms	Image image/png	139.95.4.12 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL https://www-what-worlrb.com/zh-cn/index_files/download.png Requested by Host: www-what-worlrb.com URL: https://www-what-worlrb.com/zh-cn/index.html?20220830 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.95.4.12 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software cdn / ASP.NET Resource Hash `824c47ca4dd32eeeb601528769a0094ea16ba6395572a16f3735634174588485` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www-what-worlrb.com/zh-cn/index.html?20220830 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 04:06:21 GMT Last-Modified Thu, 08 Dec 2022 07:27:25 GMT Server cdn ETag "e688da84d6ad91:0" X-Powered-By ASP.NET X-Cache-Status HIT Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 5184
GET H/1.1	200 OK	img.png www-what-worlrb.com/img/	509 KB 510 KB	141ms 141ms	Image image/png	139.95.4.12 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL https://www-what-worlrb.com/img/img.png Requested by Host: www-what-worlrb.com URL: https://www-what-worlrb.com/zh-cn/index.html?20220830 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.95.4.12 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software cdn / ASP.NET Resource Hash `e5ce70fbe7afd976be075ea099be1780b912e7b53f0fbea43f13d1b83edc4f97` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www-what-worlrb.com/zh-cn/index.html?20220830 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 04:06:21 GMT Last-Modified Mon, 05 Dec 2022 05:17:24 GMT Server cdn ETag "3f9bcbdb688d91:0" X-Powered-By ASP.NET X-Cache-Status HIT Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 521656
GET H/1.1	200 OK	gif.gif www-what-worlrb.com/img/	440 KB 440 KB	71ms 71ms	Image image/gif	139.95.4.12 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL https://www-what-worlrb.com/img/gif.gif Requested by Host: www-what-worlrb.com URL: https://www-what-worlrb.com/zh-cn/index.html?20220830 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.95.4.12 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software cdn / ASP.NET Resource Hash `d7ed9000efd853583ae2fabda84b83142126ccd13bbb535b49fe4f81de84cdcb` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www-what-worlrb.com/zh-cn/index.html?20220830 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 04:06:21 GMT Last-Modified Sat, 03 Dec 2022 08:02:28 GMT Server cdn ETag "6c129896ed6d91:0" X-Powered-By ASP.NET X-Cache-Status HIT Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 450645
GET H/1.1	200 OK	img2.png www-what-worlrb.com/img/	349 KB 349 KB	181ms 141ms	Image image/png	139.95.4.12 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL https://www-what-worlrb.com/img/img2.png Requested by Host: www-what-worlrb.com URL: https://www-what-worlrb.com/zh-cn/index.html?20220830 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.95.4.12 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software cdn / ASP.NET Resource Hash `379cfe51888015c64460c1e18316e7ba4a3e49f0d78ebeaf39c6ec943f5dc0e8` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www-what-worlrb.com/zh-cn/index.html?20220830 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 04:06:21 GMT Last-Modified Mon, 05 Dec 2022 05:17:24 GMT Server cdn ETag "3f9bcbdb688d91:0" X-Powered-By ASP.NET X-Cache-Status HIT Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 357483
GET H/1.1	200 OK	language.js Show response www-what-worlrb.com/js/	394 B 684 B	198ms 71ms	Script application/javascript	139.95.4.12 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://www-what-worlrb.com/js/language.js Requested by Host: www-what-worlrb.com URL: https://www-what-worlrb.com/zh-cn/index.html?20220830 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.95.4.12 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software cdn / ASP.NET Resource Hash `9ccf705a32e9019074a5f77a3ec1084c287a2a21d85077ac00593196fcd65b58` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www-what-worlrb.com/zh-cn/index.html?20220830 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 04:06:21 GMT Last-Modified Sat, 03 Dec 2022 08:02:28 GMT Server cdn ETag "63eaaf96ed6d91:0" X-Powered-By ASP.NET X-Cache-Status HIT Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 394
GET H/1.1	200 OK	anim.js Show response www-what-worlrb.com/zh-cn/index_files/	323 KB 114 KB	212ms 142ms	Script application/javascript	139.95.4.12 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://www-what-worlrb.com/zh-cn/index_files/anim.js Requested by Host: www-what-worlrb.com URL: https://www-what-worlrb.com/zh-cn/index.html?20220830 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.95.4.12 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software cdn / ASP.NET Resource Hash `72b416da8bb4c0a631280e7f0dd6f17634f03cbfb3975915d8159a18e2a2db41` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www-what-worlrb.com/zh-cn/index.html?20220830 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 04:06:21 GMT Content-Encoding gzip Last-Modified Sat, 03 Dec 2022 08:02:30 GMT Server cdn ETag W/"2d79097ed6d91:0" X-Powered-By ASP.NET Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript X-Cache-Status HIT Connection keep-alive
GET H/1.1	200 OK	carousel.js Show response www-what-worlrb.com/js/	3 KB 1 KB	144ms 75ms	Script application/javascript	139.95.4.12 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://www-what-worlrb.com/js/carousel.js Requested by Host: www-what-worlrb.com URL: https://www-what-worlrb.com/zh-cn/index.html?20220830 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.95.4.12 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software cdn / ASP.NET Resource Hash `4a8573ad67fb5058852db2b7fbca37250d67af2d2ae63adacb99406596be3c2e` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www-what-worlrb.com/zh-cn/index.html?20220830 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 04:06:21 GMT Content-Encoding gzip Last-Modified Thu, 08 Dec 2022 08:57:25 GMT Server cdn ETag W/"61637317e3ad91:0" X-Powered-By ASP.NET Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript X-Cache-Status HIT Connection keep-alive

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger)

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www-what-worlrb.com
139.95.4.12
0463081232da1053c228ebf7c12a11c7c5eadc36683f4c05e004db24162fc6ef
0c6db3f25cef9d302542b41e0ed51aa8a7df470c38568a44606ee5ddfb0f9079
379cfe51888015c64460c1e18316e7ba4a3e49f0d78ebeaf39c6ec943f5dc0e8
37c959f8ddb4a8f6b00eee06a485635f6bd8f01184bc3f25c918f9531f4e6375
4a8573ad67fb5058852db2b7fbca37250d67af2d2ae63adacb99406596be3c2e
533ef6670e3d9c0e44718d0afa43f2edda11b58586e9da4e8f621145cf84d4d2
5d25fc039de768564d39bedbd355926f6612dcf06d40ade793709502ea296d8a
708f4f787db19dcb4cca817e1c38fba2baf0216b092c90d59648464791d57abb
72b416da8bb4c0a631280e7f0dd6f17634f03cbfb3975915d8159a18e2a2db41
788013631618154cb4b4967878c1a4ff38beac58d1ebda074a516f79bd2cb05f
824c47ca4dd32eeeb601528769a0094ea16ba6395572a16f3735634174588485
9ccf705a32e9019074a5f77a3ec1084c287a2a21d85077ac00593196fcd65b58
d7ed9000efd853583ae2fabda84b83142126ccd13bbb535b49fe4f81de84cdcb
dcbb5e60604ce9ce493def64d27406ba7cbf86336296de50b36b1ee1b3d8e458
e5ce70fbe7afd976be075ea099be1780b912e7b53f0fbea43f13d1b83edc4f97
fc0821fb923a586e97a0581c6490cd08b1784b98f77b026fbefe93c32960684e

www-what-worlrb.com Open in urlscan Pro 139.95.4.12 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1485 kBTransfer

1842 kBSize

0 Cookies

9 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

41 JavaScript Global Variables

0 Cookies

Indicators

www-what-worlrb.com Open in urlscan Pro
139.95.4.12 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1485 kB
Transfer

1842 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!