wantlengtime.com - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 6 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is wantlengtime.com.

This is the only time wantlengtime.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WhatsApp (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
4	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3031::ac43:85dd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2

4 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

wantlengtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:85dd (United States)

ASN13335 (CLOUDFLARENET, US)

www.wantniu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	wantlengtime.com wantlengtime.com	362 KB
2	wantniu.com www.wantniu.com	8 KB
6	2

	Domain	Requested by
4	wantlengtime.com	wantlengtime.com
2	www.wantniu.com	wantlengtime.com
6	2

This site contains no links.

Subject Issuer	Validity	Valid
wantniu.com E1	`2023-09-24` - `2023-12-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://wantlengtime.com/
Frame ID: 2C07C924180003B7B6ED0BDEE4E90BEE
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Whatsapp

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

6
Requests

33 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

371 kB
Transfer

1210 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
wantlengtime.com/ 757 B
1 KB 3938ms
3887ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://wantlengtime.com/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b89e454103d851404595b6a318f8ba3972c1a68e84825158a8ea19498c469d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 81f4b98a4883b7d0-AMS
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 01 Nov 2023 14:11:07 GMT
Last-Modified: Sun, 24 Sep 2023 11:29:20 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jprfkuDHAuDYdDVtlqGGNl8sApTOFFWS0Wxj%2FXwDHlzlLUOTaEOEnjJ7XH4MQMcLKA9frRQfeYf0A4Borr3nApy7U7MxoXDsM86W6g03yNCpdFWWJ1RvlZ13ebEy7ZdaTC8b65AuDeg2qREhojYP"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK chunk-vendors.d25f0563.css
wantlengtime.com/css/ 235 KB
46 KB 1396ms
1396ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://wantlengtime.com/css/chunk-vendors.d25f0563.css

Requested by

Host: wantlengtime.com
URL: http://wantlengtime.com/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bebba22cabbfd8e999e53d35ecb55b8cb82a9e928eed9ed10f9160ba1154e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://wantlengtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 14:11:08 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 11:29:20 GMT
Server: cloudflare
ETag: W/"65101d90-3adcc"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2Bf9PbTsyeUko7sysQPnTnagKlWWiW945%2BqR0iSJj8OEj%2BD4F25goLZQ8B141qIkhgOXqa7xBQL%2BqmDeWp5ow2DZFHS3Zdb2vCwl6acW14NCfKTMJWS%2Bk%2BktUEH7ibd%2BuEueQRMjt1fJYN3fFSLS"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=43200
CF-RAY: 81f4b9a29a2bb7d0-AMS
Expires: Thu, 02 Nov 2023 02:11:07 GMT

GET
H/1.1 200
OK chunk-vendors.ba4f7857.js Show response
wantlengtime.com/js/ 956 KB
309 KB 839ms
813ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://wantlengtime.com/js/chunk-vendors.ba4f7857.js

Requested by

Host: wantlengtime.com
URL: http://wantlengtime.com/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8ec5d902cc9fe345b625fc404ec5fd775b2e16d3101d50239e684be7c9b7c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://wantlengtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 14:11:08 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 11:29:20 GMT
Server: cloudflare
ETag: W/"65101d90-eee3d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2Bvd4C8RZQHpDAmDdq2Y2Jxy5nK6N2JeqPJBRs4b%2FNgtm93iFTH%2Fo66lqmKTZKw3nL%2FYFJffOwdZHnAVgcs%2FiT6jmxOUDl%2B%2Bl7UqrqsB%2BVDJjCEw43o3wPl1A%2BdGknRsayzPDJ377JXwK8Kk5Hhm"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=43200
CF-RAY: 81f4b9a2b9609073-FRA
Expires: Thu, 02 Nov 2023 02:11:07 GMT

GET
H/1.1 200
OK web.e0c0b2ed.js Show response
wantlengtime.com/js/ 11 KB
6 KB 854ms
823ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://wantlengtime.com/js/web.e0c0b2ed.js

Requested by

Host: wantlengtime.com
URL: http://wantlengtime.com/

Protocol

HTTP/1.1

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8ef5e61be24291a70acb35794dab562a7fd32508217b73292fa12e76fda7a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://wantlengtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 14:11:08 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Sun, 24 Sep 2023 11:29:20 GMT
Server: cloudflare
ETag: W/"65101d90-2b78"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12n9yrG85OM0E172%2FKmgk9%2F9zoIh2a3vrSNvhM7En%2FcKuAnZ4vN%2B116ZBw5QOcxHCw9Ku5E7qOYSGTtVi%2B32Acmnah36cuxhpm5KoXta1DkKX90Znemu2tjff4cyt5stDcykBrg2vTV4usLoGaNa"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=43200
CF-RAY: 81f4b9a2cdc188b6-LHR
Expires: Thu, 02 Nov 2023 02:11:07 GMT

GET
H2 200 walid Show response
www.wantniu.com/whatsapp/ 46 B
528 B 492ms
405ms XHR
text/plain 2606:4700:3031::ac43:85dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wantniu.com/whatsapp/walid?sesskey=47aa7b9d-3d5f-49fd-8e54-e78b704ccd3f&t=1698847869743
Requested by: Host: wantlengtime.com
URL: http://wantlengtime.com/js/chunk-vendors.ba4f7857.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:85dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae9fdf03babdb5d050f36a651732a29128377217d38d08a17d7157d056a1960b

Request headers

Accept: application/json, text/plain, */*
Referer: http://wantlengtime.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 14:11:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssw%2FlD5%2BEGhdvPf70uLVhSJ1%2BXhKeydlr8AVjc3mbyTRgFeOkzl8k2lNiF%2BFx8yZNvIbQRbmjinEuk5igL2uSUIsn9THPaBjsJmI2%2Bfk%2B34VQ%2BjXkOC7YMjFOwXHK0EM3vXKN9MdEKVtOIfrN9o%3D"}],"group":"cf-nel","max_age":604800}
x-cache: MISS
access-control-allow-origin: *
cache-control: max-age=43200, no-cache
cf-ray: 81f4b9b28ba830d8-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 Nov 2023 02:11:10 GMT

GET
H3 200 qrcode
www.wantniu.com/whatsapp/ 7 KB
8 KB 441ms
407ms Image
image/png 2606:4700:3031::ac43:85dd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wantniu.com/whatsapp/qrcode?sesskey=47aa7b9d-3d5f-49fd-8e54-e78b704ccd3f&t=1698847870239
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:85dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f844147f0be3736226990504dc0e58fa974e217386bf4d23c87a605294d28c8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://wantlengtime.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 14:11:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FboK0YBG4O4wNzExLM1QVznchs7u54A3fBEKIw7KwILKYEQlSB5HwWpPQ1w1SRUKaiJDygvSMs%2FBfUnFeHo5PuLd0O4PDr8zrk0JEFy354t4XjQtATRReu%2FNh85gBKLndNxlhhRqZKSK6bnmPJU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-cache: MISS
cache-control: max-age=43200, no-cache
cf-ray: 81f4b9b55efa9c0d-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 Nov 2023 02:11:10 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonp function| _

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

wantlengtime.com
www.wantniu.com
2606:4700:3031::ac43:85dd
2a06:98c1:3121::3
1bebba22cabbfd8e999e53d35ecb55b8cb82a9e928eed9ed10f9160ba1154e45
2f844147f0be3736226990504dc0e58fa974e217386bf4d23c87a605294d28c8
ae9fdf03babdb5d050f36a651732a29128377217d38d08a17d7157d056a1960b
b89e454103d851404595b6a318f8ba3972c1a68e84825158a8ea19498c469d26
b8ec5d902cc9fe345b625fc404ec5fd775b2e16d3101d50239e684be7c9b7c25
f8ef5e61be24291a70acb35794dab562a7fd32508217b73292fa12e76fda7a38

wantlengtime.com Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

6 Requests

33 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

371 kBTransfer

1210 kBSize

0 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

wantlengtime.com Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

33 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

371 kB
Transfer

1210 kB
Size

0
Cookies

6 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!