webwhatsapp.lol Open in urlscan Pro
2606:4700:3031::ac43:96e4 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://webwhatsapp.lol/
Effective URL:
https://webwhatsapp.lol/
Submission: On May 04 via api (May 4th 2023, 3:24:21 pm UTC) from US — Scanned from US

Summary HTTP 17 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3031::ac43:96e4, located in United States and belongs to CLOUDFLARENET, US. The main domain is webwhatsapp.lol.
TLS certificate: Issued by GTS CA 1P5 on May 3rd 2023. Valid for: 3 months.

This is the only time webwhatsapp.lol was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WhatsApp (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::6815:bfe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:303... 2606:4700:3031::ac43:96e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2

1 2606:4700:3031::6815:bfe (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

webwhatsapp.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3031::ac43:96e4 (United States)

ASN13335 (CLOUDFLARENET, US)

webwhatsapp.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	webwhatsapp.lol 1 redirects webwhatsapp.lol	1 MB
17	1

	Domain	Requested by
17	webwhatsapp.lol	1 redirects webwhatsapp.lol
17	1

This site contains links to these domains. Also see Links.

Domain
faq.whatsapp.com

Subject Issuer	Validity	Valid
webwhatsapp.lol GTS CA 1P5	`2023-05-03` - `2023-08-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://webwhatsapp.lol/
Frame ID: 7B61C6D744C6AAF671871A1C362D5184
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WHATSAPP

Page URL History Show full URLs

http://webwhatsapp.lol/ HTTP 301
https://webwhatsapp.lol/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

94 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1211 kB
Transfer

1773 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://faq.whatsapp.com/web/download-and-installation/how-to-log-in-or-out?lang=zh-CN
Title: 需要登入帮助吗？

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://webwhatsapp.lol/ HTTP 301
https://webwhatsapp.lol/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response webwhatsapp.lol/ Redirect Chain http://webwhatsapp.lol/ https://webwhatsapp.lol/	16 KB 6 KB	649ms 561ms	Document text/html	2606:4700:3031::ac43:96e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://webwhatsapp.lol/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:96e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0e6a66f093896827bd83bbc5d2c9da1bbd7b5860b0f8887dba4359f0cf2307fa` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7c21bfcffe7c3355-MIA content-encoding br content-language en-US content-type text/html;charset=UTF-8 date Thu, 04 May 2023 15:24:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4H1aLmwzNG6kJ074rhV2aCQMNhJ%2BL8cXhRbGgSjQ8sQ%2BlhFbkeWf5FhyCUUA5s%2BmV6yriu8vVmLQZHPx1p%2BCgwHjd6%2FN36rPCpGsDszINYo4hyK%2BvgcjsRlJcuie26GAJ%2Fvgo4SonbQzbSkjjow%3D"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers CF-RAY 7c21bfcf0ad5db0d-MIA Cache-Control max-age=3600 Connection keep-alive Date Thu, 04 May 2023 15:24:12 GMT Expires Thu, 04 May 2023 16:24:12 GMT Location https://webwhatsapp.lol/ NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9U64Mlhbvaw2ltyu%2BoAReWE7eRHzN5olLDyI%2F%2FKoJD6zLSpPxYmDeMQIjwQHRCPIzvu7aYYt97ol9SIvulzQE1b3pRdlieL78MO13dKBLqA94QqdGHt7XOWZiGl32%2F1zUMe3YSw9j4wHM7iFQU%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	bootstrap_qr.css webwhatsapp.lol/	139 KB 28 KB	532ms 530ms	Stylesheet text/css	2606:4700:3031::ac43:96e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://webwhatsapp.lol/bootstrap_qr.css Requested by Host: webwhatsapp.lol URL: https://webwhatsapp.lol/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:96e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e6578f9ad490313c2bfb97e7a950d3de5ad55a1da441098ded04c75366d11edb` Request headers accept-language en-US,en;q=0.9 Referer https://webwhatsapp.lol/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Thu, 04 May 2023 15:24:13 GMT content-encoding br cf-cache-status REVALIDATED last-modified Thu, 20 Apr 2023 10:35:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BKIKdwnQ%2B61pXHNEdXxaZwKNtHx5l31psW5gkYitsdIncUCSb0qtNUboh0Lw%2FT0IGzk9Xp2zMGgzFh%2FLeRfqq%2FKqxgupaMe5bb%2BgXu9R3IIg6UzlZ0hL7IihcjgntDC%2FymQ3SbboidmqTtFPBU%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7c21bfd37cb83355-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	style.css webwhatsapp.lol/	5 KB 2 KB	576ms 575ms	Stylesheet text/css	2606:4700:3031::ac43:96e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://webwhatsapp.lol/style.css Requested by Host: webwhatsapp.lol URL: https://webwhatsapp.lol/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:96e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1544406c47a534c71dece483e02a2b0fc43ddab764cbbc1fe719ce45cc1b2959` Request headers accept-language en-US,en;q=0.9 Referer https://webwhatsapp.lol/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Thu, 04 May 2023 15:24:13 GMT content-encoding br cf-cache-status REVALIDATED last-modified Thu, 20 Apr 2023 10:35:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z97Xrc3Zp8UJLL6MEgUZ%2FtJOECTVge1DSuQRR%2BSgscS2EgJcUT2u13CVoleDY%2BsTyEwH7O4TvaYulXnITtlvVT2STpxITZ4dSx9zEeSY7b7UXyOV4plvV6pgtqUNZ%2BUbfyPJIq1kguhFz%2Fj9U7c%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7c21bfd37cb93355-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	main.css webwhatsapp.lol/	337 KB 45 KB	540ms 539ms	Stylesheet text/css	2606:4700:3031::ac43:96e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://webwhatsapp.lol/main.css Requested by Host: webwhatsapp.lol URL: https://webwhatsapp.lol/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:96e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cc0e27d27f1b251fa2a95020295cebfc61eb6bf9ecf7ce17c3692d11676cc568` Request headers accept-language en-US,en;q=0.9 Referer https://webwhatsapp.lol/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Thu, 04 May 2023 15:24:13 GMT content-encoding br cf-cache-status REVALIDATED last-modified Thu, 20 Apr 2023 10:35:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FqsDMt6W0pJMz0EAs31Qf62BgUcWv3ncRqJ8JEW%2FNUfE%2FufnfmUOAASc0LNMz1kSjUhga1HwyeAoWUV5JrabA30QBCfRBYplMpNyw2vPTIYaCtcn66muCc9NdFUZ3ol3fGYHHlBoty0tTqutlw%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7c21bfd37cba3355-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	others.css webwhatsapp.lol/	86 KB 15 KB	578ms 577ms	Stylesheet text/css	2606:4700:3031::ac43:96e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://webwhatsapp.lol/others.css Requested by Host: webwhatsapp.lol URL: https://webwhatsapp.lol/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:96e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `85baa7f385e5e2397ca8b8f53a014b3cc65c2352ec1eb3e1f3e6db59ca24323d` Request headers accept-language en-US,en;q=0.9 Referer https://webwhatsapp.lol/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Thu, 04 May 2023 15:24:13 GMT content-encoding br cf-cache-status REVALIDATED last-modified Thu, 20 Apr 2023 10:35:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hJIiGMbriqAKO44RUZUgM4XbkhttI2rcp8i3GKD95eL6kdHXmEzs3zkenwIgsPY8JTtun%2Fqkunv8Qs%2FwFLDeEECbov2ZNHgxQHCNjJoIRVpb75EG03avVWvH7ouKJ%2F%2Fc7kjGniF6naJDu7hXB4%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7c21bfd37cbc3355-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jquery.min.js Show response webwhatsapp.lol/	91 KB 33 KB	1434ms 1433ms	Script application/javascript	2606:4700:3031::ac43:96e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://webwhatsapp.lol/jquery.min.js Requested by Host: webwhatsapp.lol URL: https://webwhatsapp.lol/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:96e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c1bcc5f2066e4476e6dbab0b5a9b9700b86f4d6ebeb2900d73ee97e53753d4f9` Request headers accept-language en-US,en;q=0.9 Referer https://webwhatsapp.lol/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Thu, 04 May 2023 15:24:14 GMT content-encoding br cf-cache-status MISS last-modified Thu, 20 Apr 2023 10:35:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUAKWDlXZyjmbWJMtZC%2Bz4HTr0fQoog6PSDAyvR2Cz8oeJ%2Bos6TmqkTurv8JQ1YZbwfSCqX6jP8gc55DdRoHRHjNuZ1fLae5VhrO2M8ITt9BHpl%2BItdKaLTfGPcbx%2BYkxctC1aiEsR6IIkwBqWs%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7c21bfd37cbd3355-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jquery.cookie.js Show response webwhatsapp.lol/	3 KB 2 KB	490ms 489ms	Script application/javascript	2606:4700:3031::ac43:96e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://webwhatsapp.lol/jquery.cookie.js Requested by Host: webwhatsapp.lol URL: https://webwhatsapp.lol/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:96e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `afd6a5f6de40e9e67b55ff6afec66fff4827e775c996ab80c9e964a872a92523` Request headers accept-language en-US,en;q=0.9 Referer https://webwhatsapp.lol/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Thu, 04 May 2023 15:24:13 GMT content-encoding br cf-cache-status REVALIDATED last-modified Thu, 20 Apr 2023 10:35:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUSTQ5jG%2FhWHcQtFJjm5Dt%2Bu0jFByCFCQvxffcrNrZEdT%2BxEchAnmsBkAO92z%2FudGLI3oEu2CgVIV9kR9afgMCvkk%2B6zNRTRaFEYt7NjE%2FWDs298nKMn17jUpZSfnw%2BprgXvvMLnLPSFa%2BEP300%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7c21bfd37cbe3355-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	video.png webwhatsapp.lol/img/	16 KB 16 KB	800ms 796ms	Image image/png	2606:4700:3031::ac43:96e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://webwhatsapp.lol/img/video.png Requested by Host: webwhatsapp.lol URL: https://webwhatsapp.lol/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:96e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d980ab372658f4c7c8f07d730ef6dc67e3fb3471f37928274f915c0308850994` Request headers accept-language en-US,en;q=0.9 Referer https://webwhatsapp.lol/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Thu, 04 May 2023 15:24:14 GMT cf-cache-status MISS last-modified Thu, 20 Apr 2023 10:35:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tZ2FHyDc7v27Zps36m0Laf8b51dD1Bfud2SAI%2F3GmOIC7h9zQ3nMRkrCQjOvwoKwc%2F1IGMnr2cXe4M%2BBT%2BUhaB93vvJxF9SBmtJFfLhu3cURkPPSq2jrGa2taOHvuvFI%2B3SZ5ZjC0JBSSe%2BHxw%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7c21bfd76da6ef32-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 16259
GET H3	404	css.css webwhatsapp.lol/	0 0	538ms 534ms	Stylesheet application/json	2606:4700:3031::ac43:96e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://webwhatsapp.lol/css.css Requested by Host: webwhatsapp.lol URL: https://webwhatsapp.lol/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:96e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://webwhatsapp.lol/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Thu, 04 May 2023 15:24:13 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSJarKMNQVRozcEOy8ITqyyl3JVOvODHc7QkYuWvP4oSHB4DVGeH5lpD0aLBg1TMOu8wmx35wSCYBM0Llo6TenEcNhei5YeYXi8a6KJCFsI7axTaYqTXiptKfftptQ6KCvEDSgsiracMnn0XlyU%3D"}],"group":"cf-nel","max_age":604800} content-type application/json cache-control max-age=14400 content-disposition inline;filename=f.txt cf-ray 7c21bfd76da7ef32-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	css-1.css webwhatsapp.lol/	0 0	502ms 498ms	Stylesheet application/json	2606:4700:3031::ac43:96e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://webwhatsapp.lol/css-1.css Requested by Host: webwhatsapp.lol URL: https://webwhatsapp.lol/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:96e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://webwhatsapp.lol/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Thu, 04 May 2023 15:24:13 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZhxP8JosqHvz4M58Eeh8T%2FrAbVlGo7cNmsJ0G%2BNwsU%2BlSY1izN21CDDUbjOG392S5ajktyy7aVke5krwLR50h175L6js%2FsoZU3feVwJBxWjikAxalsEEdAf8fD6nOZaON5Sij7p4XPBQoFE4xkQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/json cache-control max-age=14400 content-disposition inline;filename=f.txt cf-ray 7c21bfd76da8ef32-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	206	whatsapp-webclient-login_c09223f0813e7c3adc16476cba2a5d0d.mp4 webwhatsapp.lol/	1022 KB 1023 KB	1425ms 1424ms	Media video/mp4	2606:4700:3031::ac43:96e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://webwhatsapp.lol/whatsapp-webclient-login_c09223f0813e7c3adc16476cba2a5d0d.mp4 Requested by Host: webwhatsapp.lol URL: https://webwhatsapp.lol/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:96e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `89afeba51801739c6ad599cfe9e6d57ad224de70507423fe79649bea2a13ee3b` Request headers Referer https://webwhatsapp.lol/ Accept-Encoding identity;q=1, ;q=0 accept-language* en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Range bytes=0- Response headers date Thu, 04 May 2023 15:24:15 GMT cf-cache-status MISS last-modified Thu, 20 Apr 2023 10:35:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ph%2B%2FgDlYW20CtFuxc7fAzXHPQFdOkk8W69uJ5TqQZLJqO%2Bv2Ia21cZ9c2RZeNs1KImuw9LnM1cnh19KGjEy%2F5q1h6ASZyH5LQLSIZnvVi2sGhXifCA1hzpBvO0C1u3X0Y%2F4cRzvoq2ZZSxBqH2o%3D"}],"group":"cf-nel","max_age":604800} content-type video/mp4 Content-Range bytes 0-1046449/1046450 cache-control max-age=14400 cf-ray 7c21bfdd2b52ef32-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 1046450
GET H3	200	qrcode Show response webwhatsapp.lol/	10 KB 8 KB	622ms 622ms	XHR application/json	2606:4700:3031::ac43:96e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://webwhatsapp.lol/qrcode?type=init&timestamp=1683213854399 Requested by Host: webwhatsapp.lol URL: https://webwhatsapp.lol/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:96e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b7f72886c7bec79e5d6e6d573fa67c00f6d6989539e90a03a3472a7f550f36c6` Request headers Accept / Referer https://webwhatsapp.lol/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Thu, 04 May 2023 15:24:15 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEUktSC6L8oZTqGhUhxaPT09SobvxrXdOEeDkElt5B%2BUOT2oyJTZitNCeUwah5FLEQk08H0J6yNDn0uAbtugIsdDpxhpwrp9lD2W7wqP8O7YUXJnp4ktNO12Uh%2Bhboa8Rdns%2FhRBqbYbQ%2Fg4ERY%3D"}],"group":"cf-nel","max_age":604800} content-type application/json cf-ray 7c21bfde2c7aef32-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	qrcode Show response webwhatsapp.lol/	10 KB 8 KB	322ms 322ms	XHR application/json	2606:4700:3031::ac43:96e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://webwhatsapp.lol/qrcode?type=refresh&uuid=4a95f6f7-b253-43e1-b4a8-22cdd31ad91a&timestamp=1683213855281 Requested by Host: webwhatsapp.lol URL: https://webwhatsapp.lol/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:96e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b7f72886c7bec79e5d6e6d573fa67c00f6d6989539e90a03a3472a7f550f36c6` Request headers Accept / Referer https://webwhatsapp.lol/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Thu, 04 May 2023 15:24:15 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D54rciN2a8f8wf1QVnj6hAXOzcKyGNixtZPbUriTeVFjOKSMni4OAGaP3pV5hDK%2FcBmd73KT9xgLg7BRytsuT%2B3TLOSewjj%2FkseCx3IosyaweXgoGgk3Fk0TDcr00hCncJFYgiCJCCO4cQWopnI%3D"}],"group":"cf-nel","max_age":604800} content-type application/json cf-ray 7c21bfe3ba69ef32-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET DATA	200 OK	truncated /	8 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `3a8671acd181d0f1b433113832183affe7f0fc0b35b6316756e3e24c0faf4fd3` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers Content-Type image/png
GET H3	200	qrcode Show response webwhatsapp.lol/	10 KB 8 KB	310ms 310ms	XHR application/json	2606:4700:3031::ac43:96e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://webwhatsapp.lol/qrcode?type=refresh&uuid=4a95f6f7-b253-43e1-b4a8-22cdd31ad91a&timestamp=1683213856619 Requested by Host: webwhatsapp.lol URL: https://webwhatsapp.lol/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:96e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b7f72886c7bec79e5d6e6d573fa67c00f6d6989539e90a03a3472a7f550f36c6` Request headers Accept / Referer https://webwhatsapp.lol/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Thu, 04 May 2023 15:24:16 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvVWD1ma6KEMTq8pUt%2F1JAG76125P579Hq1A8wP3GX5zqsz6rbKtCVQYaflN5fJru%2B6P04IHoQuOEFGlfXf5RurkaPEAMfdZmSCNho8WyCTpoK8Q257%2F2DAkVwWflIiPa9BAWJK1TASwmUrIFr8%3D"}],"group":"cf-nel","max_age":604800} content-type application/json cf-ray 7c21bfec0ad4ef32-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	qrcode Show response webwhatsapp.lol/	10 KB 8 KB	310ms 309ms	XHR application/json	2606:4700:3031::ac43:96e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://webwhatsapp.lol/qrcode?type=refresh&uuid=4a95f6f7-b253-43e1-b4a8-22cdd31ad91a&timestamp=1683213857942 Requested by Host: webwhatsapp.lol URL: https://webwhatsapp.lol/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:96e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b7f72886c7bec79e5d6e6d573fa67c00f6d6989539e90a03a3472a7f550f36c6` Request headers Accept / Referer https://webwhatsapp.lol/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Thu, 04 May 2023 15:24:18 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHXya9p%2Bixq1rYzVtStJK%2F%2FseZrfybYtNzzkLt1aM%2BdaLdciWMn1Ub%2BilOhi39E6s35Zf52i71XlDtOXnuo5BInCJZ8N2VICe%2Btp8vZ8VnCbvZ0i%2F3uATpiv4ood49YmW8IsLBCNrWCy6JnkyT4%3D"}],"group":"cf-nel","max_age":604800} content-type application/json cf-ray 7c21bff44b25ef32-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	qrcode Show response webwhatsapp.lol/	10 KB 8 KB	312ms 312ms	XHR application/json	2606:4700:3031::ac43:96e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://webwhatsapp.lol/qrcode?type=refresh&uuid=4a95f6f7-b253-43e1-b4a8-22cdd31ad91a&timestamp=1683213859259 Requested by Host: webwhatsapp.lol URL: https://webwhatsapp.lol/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:96e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b7f72886c7bec79e5d6e6d573fa67c00f6d6989539e90a03a3472a7f550f36c6` Request headers Accept / Referer https://webwhatsapp.lol/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Thu, 04 May 2023 15:24:19 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EncerMQ2lrxTGZmlUhya8aNhN6kWsp%2BP8B%2BWimBgFPWusdasKsQJgJBj5lSoHePBm1splWQKHz568qTcgw2Bpr7DAxg5%2Frzjt3PMy7U0y%2Fg%2FA7%2BqJP%2FFlJI%2B3PwEU4p5z2HmL2G%2FBE3nkwYex3c%3D"}],"group":"cf-nel","max_age":604800} content-type application/json cf-ray 7c21bffc7bccef32-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		qrcode webwhatsapp.lol/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: webwhatsapp.lol
URL: https://webwhatsapp.lol/qrcode?type=refresh&uuid=4a95f6f7-b253-43e1-b4a8-22cdd31ad91a&timestamp=1683213860575

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://webwhatsapp.lol/css-1.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://webwhatsapp.lol/css.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

webwhatsapp.lol
webwhatsapp.lol
2606:4700:3031::6815:bfe
2606:4700:3031::ac43:96e4
0e6a66f093896827bd83bbc5d2c9da1bbd7b5860b0f8887dba4359f0cf2307fa
1544406c47a534c71dece483e02a2b0fc43ddab764cbbc1fe719ce45cc1b2959
3a8671acd181d0f1b433113832183affe7f0fc0b35b6316756e3e24c0faf4fd3
85baa7f385e5e2397ca8b8f53a014b3cc65c2352ec1eb3e1f3e6db59ca24323d
89afeba51801739c6ad599cfe9e6d57ad224de70507423fe79649bea2a13ee3b
afd6a5f6de40e9e67b55ff6afec66fff4827e775c996ab80c9e964a872a92523
b7f72886c7bec79e5d6e6d573fa67c00f6d6989539e90a03a3472a7f550f36c6
c1bcc5f2066e4476e6dbab0b5a9b9700b86f4d6ebeb2900d73ee97e53753d4f9
cc0e27d27f1b251fa2a95020295cebfc61eb6bf9ecf7ce17c3692d11676cc568
d980ab372658f4c7c8f07d730ef6dc67e3fb3471f37928274f915c0308850994
e6578f9ad490313c2bfb97e7a950d3de5ad55a1da441098ded04c75366d11edb

webwhatsapp.lol Open in urlscan Pro 2606:4700:3031::ac43:96e4 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

94 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

1211 kBTransfer

1773 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

webwhatsapp.lol Open in urlscan Pro
2606:4700:3031::ac43:96e4 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1211 kB
Transfer

1773 kB
Size

0
Cookies

17 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!