webwhatsapp.lol
Open in
urlscan Pro
2606:4700:3031::ac43:96e4
Malicious Activity!
Public Scan
Effective URL: https://webwhatsapp.lol/
Submission: On May 04 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on May 3rd 2023. Valid for: 3 months.
This is the only time webwhatsapp.lol was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: WhatsApp (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:303... 2606:4700:3031::6815:bfe | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
16 | 2606:4700:303... 2606:4700:3031::ac43:96e4 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
17 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
webwhatsapp.lol
1 redirects
webwhatsapp.lol |
1 MB |
17 | 1 |
Domain | Requested by | |
---|---|---|
17 | webwhatsapp.lol |
1 redirects
webwhatsapp.lol
|
17 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
faq.whatsapp.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
webwhatsapp.lol GTS CA 1P5 |
2023-05-03 - 2023-08-01 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://webwhatsapp.lol/
Frame ID: 7B61C6D744C6AAF671871A1C362D5184
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
WHATSAPPPage URL History Show full URLs
-
http://webwhatsapp.lol/
HTTP 301
https://webwhatsapp.lol/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: 需要登入帮助吗?
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://webwhatsapp.lol/
HTTP 301
https://webwhatsapp.lol/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
webwhatsapp.lol/ Redirect Chain
|
16 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap_qr.css
webwhatsapp.lol/ |
139 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
webwhatsapp.lol/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
webwhatsapp.lol/ |
337 KB 45 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
others.css
webwhatsapp.lol/ |
86 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
webwhatsapp.lol/ |
91 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.cookie.js
webwhatsapp.lol/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
video.png
webwhatsapp.lol/img/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
css.css
webwhatsapp.lol/ |
0 0 |
Stylesheet
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
css-1.css
webwhatsapp.lol/ |
0 0 |
Stylesheet
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
whatsapp-webclient-login_c09223f0813e7c3adc16476cba2a5d0d.mp4
webwhatsapp.lol/ |
1022 KB 1023 KB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qrcode
webwhatsapp.lol/ |
10 KB 8 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qrcode
webwhatsapp.lol/ |
10 KB 8 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
8 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qrcode
webwhatsapp.lol/ |
10 KB 8 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qrcode
webwhatsapp.lol/ |
10 KB 8 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qrcode
webwhatsapp.lol/ |
10 KB 8 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
qrcode
webwhatsapp.lol/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- webwhatsapp.lol
- URL
- https://webwhatsapp.lol/qrcode?type=refresh&uuid=4a95f6f7-b253-43e1-b4a8-22cdd31ad91a×tamp=1683213860575
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: WhatsApp (Instant Messenger)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| $ function| jQuery number| retryTimes function| guid function| refreshqrcode function| refresh function| qrcode0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
webwhatsapp.lol
webwhatsapp.lol
2606:4700:3031::6815:bfe
2606:4700:3031::ac43:96e4
0e6a66f093896827bd83bbc5d2c9da1bbd7b5860b0f8887dba4359f0cf2307fa
1544406c47a534c71dece483e02a2b0fc43ddab764cbbc1fe719ce45cc1b2959
3a8671acd181d0f1b433113832183affe7f0fc0b35b6316756e3e24c0faf4fd3
85baa7f385e5e2397ca8b8f53a014b3cc65c2352ec1eb3e1f3e6db59ca24323d
89afeba51801739c6ad599cfe9e6d57ad224de70507423fe79649bea2a13ee3b
afd6a5f6de40e9e67b55ff6afec66fff4827e775c996ab80c9e964a872a92523
b7f72886c7bec79e5d6e6d573fa67c00f6d6989539e90a03a3472a7f550f36c6
c1bcc5f2066e4476e6dbab0b5a9b9700b86f4d6ebeb2900d73ee97e53753d4f9
cc0e27d27f1b251fa2a95020295cebfc61eb6bf9ecf7ce17c3692d11676cc568
d980ab372658f4c7c8f07d730ef6dc67e3fb3471f37928274f915c0308850994
e6578f9ad490313c2bfb97e7a950d3de5ad55a1da441098ded04c75366d11edb