![](/screenshots/3683728a-b298-4a91-9559-f1bf90130d48.png)
whats-app.supportsassistance.com
Open in
urlscan Pro
95.217.28.78
Malicious Activity!
Public Scan
Submission: On November 27 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on November 27th 2020. Valid for: 3 months.
This is the only time whats-app.supportsassistance.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: WhatsApp (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 95.217.28.78 95.217.28.78 | 24940 (HETZNER-AS) (HETZNER-AS) | |
1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:2b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
3 | 2 |
ASN24940 (HETZNER-AS, DE)
PTR: static.78.28.217.95.clients.your-server.de
whats-app.supportsassistance.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
supportsassistance.com
whats-app.supportsassistance.com |
961 KB |
1 |
jquery.com
code.jquery.com |
30 KB |
3 | 2 |
Domain | Requested by | |
---|---|---|
2 | whats-app.supportsassistance.com |
whats-app.supportsassistance.com
|
1 | code.jquery.com |
whats-app.supportsassistance.com
|
3 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.whatsapp.com |
scontent.whatsapp.net |
web.whatsapp.com |
www.whatsappbrand.com |
blog.whatsapp.com |
faq.whatsapp.com |
twitter.com |
www.facebook.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
whats-app.supportsassistance.com Let's Encrypt Authority X3 |
2020-11-27 - 2021-02-25 |
3 months | crt.sh |
jquery.org Sectigo RSA Domain Validation Secure Server CA |
2020-10-06 - 2021-10-16 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://whats-app.supportsassistance.com/
Frame ID: F8F3CF69E8B6A9E0121963031898077C
Requests: 3 HTTP requests in this frame
80 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: azərbaycan
Search URL Search Domain Scan URL
Title: Afrikaans
Search URL Search Domain Scan URL
Title: Bahasa Indonesia
Search URL Search Domain Scan URL
Title: Melayu
Search URL Search Domain Scan URL
Title: català
Search URL Search Domain Scan URL
Title: čeština
Search URL Search Domain Scan URL
Title: dansk
Search URL Search Domain Scan URL
Title: Deutsch
Search URL Search Domain Scan URL
Title: eesti
Search URL Search Domain Scan URL
Title: English
Search URL Search Domain Scan URL
Title: español
Search URL Search Domain Scan URL
Title: français
Search URL Search Domain Scan URL
Title: Gaeilge
Search URL Search Domain Scan URL
Title: hrvatski
Search URL Search Domain Scan URL
Title: italiano
Search URL Search Domain Scan URL
Title: Kiswahili
Search URL Search Domain Scan URL
Title: latviešu
Search URL Search Domain Scan URL
Title: lietuvių
Search URL Search Domain Scan URL
Title: magyar
Search URL Search Domain Scan URL
Title: Nederlands
Search URL Search Domain Scan URL
Title: norsk bokmål
Search URL Search Domain Scan URL
Title: o‘zbek
Search URL Search Domain Scan URL
Title: Filipino
Search URL Search Domain Scan URL
Title: polski
Search URL Search Domain Scan URL
Title: Português (Brasil)
Search URL Search Domain Scan URL
Title: Português (Portugal)
Search URL Search Domain Scan URL
Title: română
Search URL Search Domain Scan URL
Title: shqip
Search URL Search Domain Scan URL
Title: slovenčina
Search URL Search Domain Scan URL
Title: slovenščina
Search URL Search Domain Scan URL
Title: suomi
Search URL Search Domain Scan URL
Title: svenska
Search URL Search Domain Scan URL
Title: Tiếng Việt
Search URL Search Domain Scan URL
Title: Türkçe
Search URL Search Domain Scan URL
Title: Ελληνικά
Search URL Search Domain Scan URL
Title: български
Search URL Search Domain Scan URL
Title: қазақ тілі
Search URL Search Domain Scan URL
Title: македонски
Search URL Search Domain Scan URL
Title: русский
Search URL Search Domain Scan URL
Title: српски
Search URL Search Domain Scan URL
Title: українська
Search URL Search Domain Scan URL
Title: עברית
Search URL Search Domain Scan URL
Title: العربية
Search URL Search Domain Scan URL
Title: فارسی
Search URL Search Domain Scan URL
Title: اردو
Search URL Search Domain Scan URL
Title: বাংলা
Search URL Search Domain Scan URL
Title: हिन्दी
Search URL Search Domain Scan URL
Title: ગુજરાતી
Search URL Search Domain Scan URL
Title: ಕನ್ನಡ
Search URL Search Domain Scan URL
Title: मराठी
Search URL Search Domain Scan URL
Title: ਪੰਜਾਬੀ
Search URL Search Domain Scan URL
Title: தமிழ்
Search URL Search Domain Scan URL
Title: తెలుగు
Search URL Search Domain Scan URL
Title: മലയാളം
Search URL Search Domain Scan URL
Title: ไทย
Search URL Search Domain Scan URL
Title: 简体中文
Search URL Search Domain Scan URL
Title: 繁體中文
Search URL Search Domain Scan URL
Title: 日本語
Search URL Search Domain Scan URL
Title: 한국어
Search URL Search Domain Scan URL
Title: Modifiche di WhatsApp
Search URL Search Domain Scan URL
Title: Funzioni
Search URL Search Domain Scan URL
Title: Sicurezza
Search URL Search Domain Scan URL
Title: Scarica
Search URL Search Domain Scan URL
Title: WhatsApp Web
Search URL Search Domain Scan URL
Title: Business
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Info
Search URL Search Domain Scan URL
Title: Opportunità di lavoro
Search URL Search Domain Scan URL
Title: Il nostro marchio
Search URL Search Domain Scan URL
Title: Contattaci
Search URL Search Domain Scan URL
Title: Blog
Search URL Search Domain Scan URL
Title: Storie di WhatsApp
Search URL Search Domain Scan URL
Title: Android
Search URL Search Domain Scan URL
Title: iPhone
Search URL Search Domain Scan URL
Title: FAQ
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Coronavirus
Search URL Search Domain Scan URL
Title: Privacy e Termini
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
3 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
whats-app.supportsassistance.com/ |
954 KB 956 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
-r3j-x8ZnM7.svg
whats-app.supportsassistance.com/ |
5 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: WhatsApp (Instant Messenger)41 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated number| _cstart function| $ function| jQuery function| getApk function| envFlush object| Env function| __bpe function| now_inl number| __DEV__ function| emptyFunction function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ object| ErrorSerializer function| getErrorSafe object| ErrorGuard object| ErrorUtils function| Arbiter object| JSCC function| ge object| Parent0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
whats-app.supportsassistance.com
2001:4de0:ac19::1:b:2b
95.217.28.78
4c38e1097b864a873243dee54c73acca2dbcfd48112e5afde26973b627b40835
d6d8be4f8098fc88c2dea29d883aa99535408aba3bfdd151fd6f6863a1c0039d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d