whatsapp-kl.top
Open in
urlscan Pro
47.243.189.172
Malicious Activity!
Public Scan
Submission: On April 05 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on April 4th 2024. Valid for: 3 months.
This is the only time whatsapp-kl.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: WhatsApp (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
13 | 47.243.189.172 47.243.189.172 | 45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.) | |
13 | 2 |
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
whatsapp-kl.top |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
whatsapp-kl.top
whatsapp-kl.top |
394 KB |
13 | 1 |
Domain | Requested by | |
---|---|---|
13 | whatsapp-kl.top |
whatsapp-kl.top
|
13 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
whatsapp-hk.cc R3 |
2024-04-04 - 2024-07-03 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://whatsapp-kl.top/index.html
Frame ID: 4EE4B374899462CD9330794EB98FFA35
Requests: 14 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index.html
whatsapp-kl.top/ |
31 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stylex.css
whatsapp-kl.top/ |
208 KB 54 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.css
whatsapp-kl.top/ |
216 KB 69 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-ac19029f.js
whatsapp-kl.top/assets/ |
138 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-be4b5325.css
whatsapp-kl.top/assets/ |
16 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-632dff2c.js
whatsapp-kl.top/assets/ |
265 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-2ff15f7d.css
whatsapp-kl.top/assets/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
af.svg
whatsapp-kl.top/nation/ |
21 KB 21 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qr-video.png
whatsapp-kl.top/img/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
8 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
whatsapp-webclient-login.mp4
whatsapp-kl.top/ |
160 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-50ec4f03.js
whatsapp-kl.top/assets/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
whatsapp-webclient-login.mp4
whatsapp-kl.top/ |
80 KB 80 KB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.png
whatsapp-kl.top/img/ |
787 B 992 B |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: WhatsApp (Instant Messenger)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| systemThemeDark object| theme object| systemThemeMode object| systemTheme boolean| darkTheme object| __VUE_INSTANCE_SETTERS__ boolean| __INTLIFY_PROD_DEVTOOLS__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ boolean| __VUE__0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
whatsapp-kl.top
47.243.189.172
0ab887cbc038205f00894e1c7857ececb10bd44fbda466b4244e1d8f44079173
210dcafa9ad9ebf85185530919e6d85e90dd81ee91f54128699eac4d02f4e641
2b1b60640082e571b45072387440ec19f050929d1bf921d33a02a0eabdcc7e4e
4fbf4caf9fff6d1f2b6348950a8f5cfd9fbb52c95a85bd3b8986dd5dc5aa2633
57970cabfa2e20bdc22543000e308b98b3749b63f2e517c16a54b80134cc3397
5dc80e777bfc39e7c71879017fbca0a02c3093a2f58715ea81326d06b4b30b2e
63e98afaa5b17a6c1a424d998daef979ceab63de749d73af254bfd20776886db
68678188a607581e508a9435c4b75f1f3869bfafb91413a3108a72dee1b8ee6a
6942b66835801075044785492d7f01e6ca4ad85215cd53f8726aa68f37f00647
70c62d5b9e11c8ca76eba4a9abf98a21c11c2280826d6c3593716a8378977e22
d0cadf240e89340b93df35240e7809039c1c574be05fbe2cf3243e2f487bc9ec
d980ab372658f4c7c8f07d730ef6dc67e3fb3471f37928274f915c0308850994