www.wyuldogp.cyou Open in urlscan Pro
154.82.100.131  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.wyuldogp.cyou/	12 KB 6 KB	2827ms 1656ms	Document text/html	154.82.100.131 TERAEXCH
General Check archive.org Show headers Download Go to Full URL http://www.wyuldogp.cyou/ Protocol HTTP/1.1 Server 154.82.100.131 , Singapore, ASN399077 (TERAEXCH, US), Reverse DNS Software NgxFence / Resource Hash f07e91ddd509f8041ce6e6540e57907ff2191a4707465c936a70dede9564ddbb Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Wed, 13 Dec 2023 09:49:05 GMT ETag W/"655cca1a-3061" Last-Modified Tue, 21 Nov 2023 15:17:46 GMT Server NgxFence Transfer-Encoding chunked Vary Accept-Encoding X-Cache DYNAMIC
GET H/1.1	200 OK	qrcanvas.js Show response www.wyuldogp.cyou/WhatsApp_files/	27 KB 11 KB	271ms 269ms	Script application/javascript	154.82.100.131 TERAEXCH
General Check archive.org Show headers Download Go to Full URL http://www.wyuldogp.cyou/WhatsApp_files/qrcanvas.js Requested by Host: www.wyuldogp.cyou URL: http://www.wyuldogp.cyou/ Protocol HTTP/1.1 Server 154.82.100.131 , Singapore, ASN399077 (TERAEXCH, US), Reverse DNS Software NgxFence / Resource Hash 54cac6d3891780bda453d22e23feb7ec365659a9edd860f347aaec7bb8559fb8 Request headers accept-language en-US,en;q=0.9 Referer http://www.wyuldogp.cyou/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Wed, 13 Dec 2023 09:49:05 GMT Content-Encoding gzip Last-Modified Wed, 18 Oct 2023 02:42:10 GMT Server NgxFence ETag W/"652f4602-6d8e" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript X-Cache HIT Connection keep-alive
GET H2	200	jquery.min.js Show response apps.bdimg.com/libs/jquery/2.1.4/	82 KB 29 KB	2818ms 682ms	Script application/x-javascript	113.219.142.49 CT-HUNAN-HENGYANG...
General Check archive.org Show headers Download Go to Full URL https://apps.bdimg.com/libs/jquery/2.1.4/jquery.min.js Requested by Host: www.wyuldogp.cyou URL: http://www.wyuldogp.cyou/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 113.219.142.49 , China, ASN63838 (CT-HUNAN-HENGYANG-IDC Hengyang, CN), Reverse DNS Software JSP3/2.0.14 / Resource Hash de4b3c3d1dc2506b6693f0f98884e1dc074cda9d66cab39b7b48a115fdfc4c0f Request headers accept-language en-US,en;q=0.9 Referer http://www.wyuldogp.cyou/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 13 Dec 2023 09:49:08 GMT content-encoding gzip ohc-cache-hit chenzct66 [2], xiangyctcache82 [2] ohc-response-time 1 0 0 0 0 0 last-modified Wed, 03 Jun 2015 05:58:22 GMT server JSP3/2.0.14 age 1406545 vary Accept-Encoding content-type application/x-javascript cache-control max-age=2592000 accept-ranges bytes ohc-global-saved-time Sun, 19 Nov 2023 13:49:42 GMT expires Tue, 19 Dec 2023 13:49:42 GMT
GET H/1.1	200 OK	stylex-8caac98133ee6a23e652b43a755ba651.css www.wyuldogp.cyou/WhatsApp_files/	206 KB 57 KB	1674ms 1673ms	Stylesheet text/css	154.82.100.131 TERAEXCH
General Check archive.org Show headers Download Go to Full URL http://www.wyuldogp.cyou/WhatsApp_files/stylex-8caac98133ee6a23e652b43a755ba651.css Requested by Host: www.wyuldogp.cyou URL: http://www.wyuldogp.cyou/ Protocol HTTP/1.1 Server 154.82.100.131 , Singapore, ASN399077 (TERAEXCH, US), Reverse DNS Software NgxFence / Resource Hash f25582f98aa21ace8f2c46da6c0623629493de7a460d93b33ad311c0994a2d5f Request headers accept-language en-US,en;q=0.9 Referer http://www.wyuldogp.cyou/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Wed, 13 Dec 2023 09:49:07 GMT Content-Encoding gzip Last-Modified Sun, 08 Oct 2023 13:59:29 GMT Server NgxFence ETag W/"6522b5c1-3392e" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css X-Cache HIT Connection keep-alive
GET H/1.1	200 OK	app-fa65d92408e2774c8730.css www.wyuldogp.cyou/WhatsApp_files/	188 KB 65 KB	1969ms 1691ms	Stylesheet text/css	154.82.100.131 TERAEXCH
General Check archive.org Show headers Download Go to Full URL http://www.wyuldogp.cyou/WhatsApp_files/app-fa65d92408e2774c8730.css Requested by Host: www.wyuldogp.cyou URL: http://www.wyuldogp.cyou/ Protocol HTTP/1.1 Server 154.82.100.131 , Singapore, ASN399077 (TERAEXCH, US), Reverse DNS Software NgxFence / Resource Hash 6508d54b56a914b04811707f2736c8813ac4763de9c9e3a387f479d15c59ef7f Request headers accept-language en-US,en;q=0.9 Referer http://www.wyuldogp.cyou/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Wed, 13 Dec 2023 09:49:07 GMT Content-Encoding gzip Last-Modified Sun, 08 Oct 2023 13:59:29 GMT Server NgxFence ETag W/"6522b5c1-2ef7a" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css X-Cache HIT Connection keep-alive
GET H/1.1	200 OK	0O5tn6VSR8TeB2PsjTQph8nH52kiS6g Show response www.wyuldogp.cyou/getQrcode/	237 B 447 B	318ms 318ms	XHR application/json	154.82.100.131 TERAEXCH
General Check archive.org Show headers Download Go to Full URL http://www.wyuldogp.cyou/getQrcode/0O5tn6VSR8TeB2PsjTQph8nH52kiS6g Requested by Host: apps.bdimg.com URL: https://apps.bdimg.com/libs/jquery/2.1.4/jquery.min.js Protocol HTTP/1.1 Server 154.82.100.131 , Singapore, ASN399077 (TERAEXCH, US), Reverse DNS Software NgxFence / Resource Hash 4acf19e77b24101f6fb9f52ade477c4f8c8ecd8919b03edc5e4e24ca1ecc52da Request headers Accept */* Referer http://www.wyuldogp.cyou/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Wed, 13 Dec 2023 09:49:10 GMT Content-Encoding gzip Server NgxFence Connection keep-alive Transfer-Encoding chunked X-Cache DYNAMIC Content-Type application/json
GET		0O5tn6VSR8TeB2PsjTQph8nH52kiS6g www.wyuldogp.cyou/getQrcode/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.wyuldogp.cyou

URL

http://www.wyuldogp.cyou/getQrcode/0O5tn6VSR8TeB2PsjTQph8nH52kiS6g

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| qrcanvas function| $ function| jQuery function| getUserKey string| UserKey number| askTask function| req

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apps.bdimg.com
www.wyuldogp.cyou
www.wyuldogp.cyou
113.219.142.49
154.82.100.131
4acf19e77b24101f6fb9f52ade477c4f8c8ecd8919b03edc5e4e24ca1ecc52da
54cac6d3891780bda453d22e23feb7ec365659a9edd860f347aaec7bb8559fb8
6508d54b56a914b04811707f2736c8813ac4763de9c9e3a387f479d15c59ef7f
de4b3c3d1dc2506b6693f0f98884e1dc074cda9d66cab39b7b48a115fdfc4c0f
f07e91ddd509f8041ce6e6540e57907ff2191a4707465c936a70dede9564ddbb
f25582f98aa21ace8f2c46da6c0623629493de7a460d93b33ad311c0994a2d5f