www.chat-whatsapp-com-kkzda8jmbhcagvtf107vef.nl
2606:4700:3032::6818:6983
Malicious Activity!
Public Scan
Submission: On January 07 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 7th 2021. Valid for: a year.
This is the only time www.chat-whatsapp-com-kkzda8jmbhcagvtf107vef.nl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: WhatsApp (Instant Messenger)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
4 | 2606:4700:3032::6818:6983 | 13335 (CLOUDFLARENET) |
14 | 2a03:2880:f22d:c2:face:b00c:0:1cc9 | 32934 (FACEBOOK) |
18 | 2 |
ASN13335 (CLOUDFLARENET, US)
www.chat-whatsapp-com-kkzda8jmbhcagvtf107vef.nl |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
14 | fbcdn.net | z-p3-static.xx.fbcdn.net | 187 KB |
4 | chat-whatsapp-com-kkzda8jmbhcagvtf107vef.nl | www.chat-whatsapp-com-kkzda8jmbhcagvtf107vef.nl | 62 KB |
18 | 2 |
Requests | Domain | Requested by |
---|---|---|
14 | z-p3-static.xx.fbcdn.net | www.chat-whatsapp-com-kkzda8jmbhcagvtf107vef.nl, z-p3-static.xx.fbcdn.net |
4 | www.chat-whatsapp-com-kkzda8jmbhcagvtf107vef.nl | www.chat-whatsapp-com-kkzda8jmbhcagvtf107vef.nl, z-p3-static.xx.fbcdn.net |
18 | 2 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-01-07 - 2022-01-06 | a year | crt.sh |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-12-22 - 2021-03-21 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.chat-whatsapp-com-kkzda8jmbhcagvtf107vef.nl/
Frame ID: C42D139A56CA46989C6985FF688C8F93
Requests: 18 HTTP requests in this frame
Detected technologies
CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | www.chat-whatsapp-com-kkzda8jmbhcagvtf107vef.nl/ | 321 KB | 33 KB | Document | text/html |
GET | H2 | li1FVv8ji_p.css | z-p3-static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/ | 7 KB | 2 KB | Stylesheet | text/css |
GET | H2 | -FqGavqvSZ6.css | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/ | 227 KB | 24 KB | Stylesheet | text/css |
GET | H2 | Sc982v7GTGi.css | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | Lv5aJk9unC2.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yr/r/ | 267 KB | 71 KB | Script | application/x-javascript |
GET | H2 | -r3j-x8ZnM7.svg | z-p3-static.xx.fbcdn.net/rsrc.php/yv/r/ | 5 KB | 2 KB | Image | image/svg+xml |
GET | H2 | grup.jpeg | www.chat-whatsapp-com-kkzda8jmbhcagvtf107vef.nl/img/ | 27 KB | 28 KB | Image | image/jpeg |
GET | H2 | eEsWn1Jy2SD.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ | 6 KB | 2 KB | Script | application/x-javascript |
GET | H2 | hvHSiHpk88i.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ | 53 KB | 16 KB | Script | application/x-javascript |
GET | H2 | gimtHmJGnao.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3i7M54/yO/l/en_US/ | 137 KB | 35 KB | Script | application/x-javascript |
GET | H2 | -Nusi-NCXO_.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/ye/r/ | 32 KB | 10 KB | Script | application/x-javascript |
GET | H2 | neRd8sBApii.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yA/r/ | 2 KB | 974 B | Script | application/x-javascript |
GET | H2 | hZ69DXl-3k7.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yc/r/ | 41 KB | 13 KB | Script | application/x-javascript |
GET | H2 | uyDXATJj33w.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3iqES4/yA/l/en_US/ | 18 KB | 6 KB | Script | application/x-javascript |
GET | H2 | 7oVtGLsr9D2.js | z-p3-static.xx.fbcdn.net/rsrc.php/v3/yH/r/ | 7 KB | 2 KB | Script | application/x-javascript |
GET | H2 | -PAXP-deijE.gif | z-p3-static.xx.fbcdn.net/rsrc.php/v3/y4/r/ | 43 B | 240 B | Image | image/gif |
POST | H2 | bz | www.chat-whatsapp-com-kkzda8jmbhcagvtf107vef.nl/ajax/ | 1 KB | 882 B | XHR | text/html |
POST | H2 | bz | www.chat-whatsapp-com-kkzda8jmbhcagvtf107vef.nl/ajax/ | 1 KB | 961 B | XHR | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: WhatsApp (Instant Messenger)
64 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated number| _cstart function| envFlush object| Env number| __DEV__ function| CavalryLogger function| emptyFunction function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ object| ErrorSerializer function| getErrorSafe object| ErrorGuard object| ErrorUtils function| Arbiter object| JSCC function| $ function| ge object| Parent object| TimeSlice function| goURI object| Bootloader object| PageEvents function| _domcontentready function| onloadRegister_DEPRECATED function| onloadRegister function| onafterloadRegister_DEPRECATED function| onafterloadRegister function| onleaveRegister function| onbeforeunloadRegister function| onunloadRegister function| $E object| onloadhooks function| now_inl object| bigPipe object| PageHooks function| _domreadyHook function| _onloadHook function| runHook function| runHooks function| keep_window_set_as_loaded object| onafterunloadhooks function| AsyncRequest boolean| domready boolean| loaded
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.chat-whatsapp-com-kkzda8jmbhcagvtf107vef.nl/ | Name: __cfduid Value: dfdc7cf273cf664f7e48c44f8730d9bd11610004874 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.chat-whatsapp-com-kkzda8jmbhcagvtf107vef.nl
z-p3-static.xx.fbcdn.net
2606:4700:3032::6818:6983
2a03:2880:f22d:c2:face:b00c:0:1cc9