wswhatsapp.org
Open in
urlscan Pro
2606:4700:3032::6815:5e64
Malicious Activity!
Public Scan
Submission: On October 19 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by WE1 on October 19th 2024. Valid for: 3 months.
This is the only time wswhatsapp.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: WhatsApp (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 2606:4700:303... 2606:4700:3032::6815:5e64 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
12 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
wswhatsapp.org
wswhatsapp.org |
382 KB |
12 | 1 |
Domain | Requested by | |
---|---|---|
12 | wswhatsapp.org |
wswhatsapp.org
|
12 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
faq.whatsapp.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
wswhatsapp.org WE1 |
2024-10-19 - 2025-01-17 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://wswhatsapp.org/
Frame ID: 2358459FAF1BAAA15F89CB01B18C6805
Requests: 12 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: Need help to get started?
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
/
wswhatsapp.org/ |
26 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
stylex.css
wswhatsapp.org/static/css/ |
206 KB 57 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
app.css
wswhatsapp.org/static/css/ |
188 KB 66 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main~.css
wswhatsapp.org/static/css/ |
23 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.css
wswhatsapp.org/static/css/ |
134 KB 33 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
wswhatsapp.org/static/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
wswhatsapp.org/static/js/ |
91 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qrcode.min.js
wswhatsapp.org/static/js/ |
19 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
layui.css
wswhatsapp.org/static/layui/css/ |
118 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
layui.js
wswhatsapp.org/static/layui/ |
325 KB 120 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qr-video.png
wswhatsapp.org/static/picture/ |
16 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.png
wswhatsapp.org/static/picture/ |
787 B 1 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: WhatsApp (Instant Messenger)16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
number| limitConnect number| timeConnect object| ws function| WebSocketTest function| sendHead function| sendQrCode function| skipweb function| getUUID function| getUuid function| $ function| jQuery function| QRCode object| layui function| lay object| layer object| jQuery11020076446414042071750 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
wswhatsapp.org
2606:4700:3032::6815:5e64
18c2d1115eac1cc361eaff571ed73a5074f70d91bf398cfb67c499cdcaedf9f6
6508d54b56a914b04811707f2736c8813ac4763de9c9e3a387f479d15c59ef7f
702d0edefe6805ef690a306523f31c66a97f94c8573f15e5cdefff0fca236aa1
77bd1166f7088e65405f998fa06e6829c53b7e2ecaa019696abcada18d99c43a
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
a2abc1e770da106b43a6029f86714e5d9dfa5e8989e9f45c700ca25a0a17e75b
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
c64ccd1f4958c1893d420f10c5a5bb525dddd1a2e02eb78bef405f94e121bdd8
cfe20a08ba90c9ca60c4f6570c7947450d889ec3bd3e4a664637847d2a4e252b
d0cadf240e89340b93df35240e7809039c1c574be05fbe2cf3243e2f487bc9ec
d980ab372658f4c7c8f07d730ef6dc67e3fb3471f37928274f915c0308850994
f25582f98aa21ace8f2c46da6c0623629493de7a460d93b33ad311c0994a2d5f