whatsapps-zh.com
2606:4700:3031::6815:2311
Malicious Activity!
Public Scan
Effective URL: https://whatsapps-zh.com/
Submission: On February 20 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on January 10th 2023. Valid for: 3 months.
This is the only time whatsapps-zh.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: WhatsApp (Instant Messenger)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 2606:4700:3033::ac43:a7b3 | 13335 (CLOUDFLARENET) |
1 | 2606:4700:3031::6815:2311 | 13335 (CLOUDFLARENET) |
11 | 47.75.19.55 | 45102 (ALIBABA-CN-NET Alibaba US Technology Co.) |
12 | 2 | |
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
top100htmls.oss-cn-hongkong.aliyuncs.com |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
11 | aliyuncs.com: top100htmls.oss-cn-hongkong.aliyuncs.com | 309 KB |
2 | whatsapps-zh.com (1 redirects): whatsapps-zh.com | 8 KB |
12 | 2 | |
 | Domain | Requested by |
---|---|---|
11 | top100htmls.oss-cn-hongkong.aliyuncs.com | whatsapps-zh.com, top100htmls.oss-cn-hongkong.aliyuncs.com |
2 | whatsapps-zh.com | 1 redirects |
12 | 2 | |
This site contains links to these domains.
Domain |
---|
www.whatsapp.com |
web.whatsapp.com |
www.facebook.com |
blog.whatsapp.com |
faq.whatsapp.com |
twitter.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.whatsapps-zh.com | GTS CA 1P5 | 2023-01-10 - 2023-04-10 | 3 months |
*.oss-cn-hongkong.aliyuncs.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2023-01-30 - 2024-03-02 | a year |
This page contains 1 frames:
Primary Page:
https://whatsapps-zh.com/
Frame ID: DFE7B02C9D863CF9FE82E25A16EA59D2
Requests: 12 HTTP requests in this frame
Page Title
WhatsApp
Page Statistics
15 Outgoing links
These are links going to different origins than the main page.
Title: 条款和隐私政策 (Terms and Privacy Policy)
Title: 功能 (Features)
Title: 下载 (Download)
Title: WhatsApp 网页版 (WhatsApp Web)
Title: 商业 (Business)
Title: 隐私 (Privacy)
Title: 关于 (About)
Title: 招聘信息 (Careers)
Title: 品牌中心 (Brand Center)
Title: 联系我们 (Contact Us)
Title: 博客 (Blog)
Title: WhatsApp 案例 (WhatsApp Case Studies)
Title: 帮助中心 (Help Center)
Title: Twitter
Title: Facebook
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://whatsapps-zh.com/
HTTP 301
https://whatsapps-zh.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | whatsapps-zh.com/ | 61 KB | 7 KB | Document | text/html |
GET | H/1.1 | main.css | top100htmls.oss-cn-hongkong.aliyuncs.com/0110s/ | 338 KB | 43 KB | Stylesheet | text/css |
GET | H/1.1 | C2fHuK6eV5E.css | top100htmls.oss-cn-hongkong.aliyuncs.com/0110s/ | 7 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | ltFhh1WeWrF.css | top100htmls.oss-cn-hongkong.aliyuncs.com/0110s/ | 132 KB | 24 KB | Stylesheet | text/css |
GET | H/1.1 | bN3-bDb4nrT.css | top100htmls.oss-cn-hongkong.aliyuncs.com/0110s/ | 10 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | 36B424nhiL4.svg | top100htmls.oss-cn-hongkong.aliyuncs.com/0110s/ | 9 KB | 9 KB | Image | image/svg+xml |
GET | H/1.1 | lOol7j-zq4u.svg | top100htmls.oss-cn-hongkong.aliyuncs.com/0110s/ | 3 KB | 3 KB | Image | image/svg+xml |
GET | H/1.1 | 199496234_481826579786653_2728461741738467210_n.png | top100htmls.oss-cn-hongkong.aliyuncs.com/0110s/ | 22 KB | 22 KB | Image | image/png |
GET | H/1.1 | 199550118_324755862565614_5691081457398710133_n.png | top100htmls.oss-cn-hongkong.aliyuncs.com/0110s/ | 22 KB | 22 KB | Image | image/png |
GET | H/1.1 | web_download.png | top100htmls.oss-cn-hongkong.aliyuncs.com/0110s/ | 180 KB | 181 KB | Image | image/png |
GET | H/1.1 | css.css | top100htmls.oss-cn-hongkong.aliyuncs.com/0110s/ | 0 | 0 | Stylesheet | application/xml |
GET | H/1.1 | css1.css | top100htmls.oss-cn-hongkong.aliyuncs.com/0110s/ | 0 | 0 | Stylesheet | application/xml |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: WhatsApp (Instant Messenger)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean | credentialless
object | oncontentvisibilityautostatechange
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.