![](/screenshots/0d400fa0-9955-4dab-9534-46d8742ea71c.png)
wentbc.com
Open in
urlscan Pro
143.92.60.46
Malicious Activity!
Public Scan
Submission: On April 26 via api from DE — Scanned from DE
Summary
This is the only time wentbc.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: WhatsApp (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 143.92.60.46 143.92.60.46 | 64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN) | |
1 | 103.143.19.103 103.143.19.103 | 134760 (CHINANET-...) (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network) | |
14 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
wentbc.com
wentbc.com |
644 KB |
1 |
51.la
js.users.51.la — Cisco Umbrella Rank: 52820 |
|
0 |
whatsapp.com
Failed
web.whatsapp.com Failed |
|
14 | 3 |
Domain | Requested by | |
---|---|---|
12 | wentbc.com |
wentbc.com
|
1 | js.users.51.la |
wentbc.com
|
0 | web.whatsapp.com Failed |
wentbc.com
|
14 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
faq.whatsapp.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020 |
2023-04-14 - 2024-05-15 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://wentbc.com/
Frame ID: 1B199C82401D80381946FBD3ADC22A07
Requests: 14 HTTP requests in this frame
Screenshot
![](/screenshots/0d400fa0-9955-4dab-9534-46d8742ea71c.png)
Page Title
WhatsAppDetected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: 需要登入帮助吗?
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
wentbc.com/ |
12 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
stylex-2d46744708947781f1f33a0069cbc308.css
wentbc.com/WhatsApp_files/ |
114 KB 114 KB |
Stylesheet
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap_qr-e2b403f65ed52d327e90.css
wentbc.com/WhatsApp_files/ |
173 KB 173 KB |
Stylesheet
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap_main.9d6050e3d2fff5b782d3.css
wentbc.com/WhatsApp_files/ |
226 KB 226 KB |
Stylesheet
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
wentbc.com/WhatsApp_files/ |
91 KB 91 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.cookie.js
wentbc.com/WhatsApp_files/ |
3 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
whatsapp.js
wentbc.com/ |
1 KB 2 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video.png
wentbc.com/img/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
binary-transparency-manifest-2.2232.8.json
web.whatsapp.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
libsignal-protocol-ee5b8ba.min.js.%E4%B8%8B%E8%BD%BD
wentbc.com/WhatsApp_files/ |
110 B 252 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
runtime.88c356058afe3d58a508.js.%E4%B8%8B%E8%BD%BD
wentbc.com/WhatsApp_files/ |
108 B 250 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
21494945.js
js.users.51.la/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
walid
wentbc.com/whatsapp/ |
46 B 188 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
qrcode
wentbc.com/whatsapp/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- web.whatsapp.com
- URL
- https://web.whatsapp.com/binary-transparency-manifest-2.2232.8.json
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: WhatsApp (Instant Messenger)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| $ function| jQuery function| Whatsapp function| guid boolean| systemThemeDark object| theme object| systemThemeMode object| systemTheme boolean| darkTheme0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
js.users.51.la
web.whatsapp.com
wentbc.com
web.whatsapp.com
103.143.19.103
143.92.60.46
0493d6015e39574e3fcbcaae7f0b99ffc91878ea89f53c143a0d84e45d2d49fe
522a33e4b6e74764b79b8e503ac44b12a7c502acc50b5178effbcc822b2a3240
59d4eb8a3be2027e81bba7da480f0e087a5b97003767549737d40d5196d551cf
6827083a0cdd1129782382536512db5155a906ee651dc24e926d2fdd90334f5b
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
99f8e9c5039ae23eec062f4e1f570acf708ac0c9f0398a9b835ac8e12976a244
ae9fdf03babdb5d050f36a651732a29128377217d38d08a17d7157d056a1960b
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
d3889a9a244c69018e4848bffa27b76845ca2c34813976342d4b122e6533bbca
d980ab372658f4c7c8f07d730ef6dc67e3fb3471f37928274f915c0308850994
dc5f95f3dbf905083281f7ed43cc985bbf7731ef6cb5fd90392a06c2299d68e5
f70c749601d122c19444119f3a0a1dd3169d2a91ad3f68e496ff6d2d8988c80e