URL: https://whatspp.cc/
Submission: On June 29 via api from US — Scanned from US

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 13 HTTP transactions. The main IP is 46.149.194.201, located in Hong Kong and belongs to DNC-AS Dimension Network & Communication Limited, HK. The main domain is whatspp.cc.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on June 29th 2023. Valid for: 3 months.
This is the only time whatspp.cc was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WhatsApp (Instant Messenger)

Downloads

These files were downloaded by the website:

Size: 112 MB (117295679 bytes, 0% done)
Downloaded from: https://bbaoop.oss-cn-hongkong.aliyuncs.com/WhatAppPro.zip

Domain & IP information

Requests  IP Address      AS Autonomous System
12        46.149.194.201  59371 (DNC-AS Di...)
1         47.75.19.43     45102 (ALIBABA-C...)
13        2

Requests  Apex Domain   Subdomains                           Transfer
12        whatspp.cc    whatspp.cc                           318 KB
1         aliyuncs.com  bbaoop.oss-cn-hongkong.aliyuncs.com
13        2

Requests  Domain                               Requested by
12        whatspp.cc                           whatspp.cc
1         bbaoop.oss-cn-hongkong.aliyuncs.com  whatspp.cc
13        2

This site contains no links.

Subject                       Issuer                                               Validity                 Valid
whatspp.cc                    ZeroSSL RSA Domain Secure Site CA                    2023-06-29 - 2023-09-27  3 months
oss-cn-hongkong.aliyuncs.com  GlobalSign Organization Validation CA - SHA256 - G3  2023-04-23 - 2024-05-24  a year

This page contains 1 frames:

Frame: https://bbaoop.oss-cn-hongkong.aliyuncs.com/WhatAppPro.zip
Frame ID: 0F79D69401D9D9557E81BF90308F929F
Requests: 13 HTTP requests in this frame

Page Title

WhatsApp

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 13
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 318 kB
Size: 768 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
whatspp.cc/
115 KB
32 KB
Document
General
Full URL
https://whatspp.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.149.194.201 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software
8080 /
Resource Hash
24d92e3d783c226e04494288eae93ae5c048d9405671957a8293e876b7d745e4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 29 Jun 2023 02:33:00 GMT
etag
W/"649a5b66-1cc36"
last-modified
Tue, 27 Jun 2023 03:45:42 GMT
server
8080
vary
Accept-Encoding
x-cache-status
MISS
92yU3_1E6qP.css
whatspp.cc/img/
7 KB
2 KB
Stylesheet
General
Full URL
https://whatspp.cc/img/92yU3_1E6qP.css
Requested by
Host: whatspp.cc
URL: https://whatspp.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.149.194.201 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software
8080 /
Resource Hash
b1dec9c543ba7d88bd189d02e6b4b783e20061171c49094a928fc819ec788bcc

Request headers

Referer
https://whatspp.cc/
Origin
https://whatspp.cc
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 02:33:00 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2023 10:50:43 GMT
server
8080
etag
W/"64183a83-1a1b"
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Thu, 29 Jun 2023 14:10:10 GMT
xnxHL8zVBjo.css
whatspp.cc/img/
120 KB
27 KB
Stylesheet
General
Full URL
https://whatspp.cc/img/xnxHL8zVBjo.css
Requested by
Host: whatspp.cc
URL: https://whatspp.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.149.194.201 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software
8080 /
Resource Hash
4d4a39c3f28fd36f30e096437c6698aad119539dfbd2fb95dd19470307fe212c

Request headers

Referer
https://whatspp.cc/
Origin
https://whatspp.cc
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 02:33:00 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2023 10:50:43 GMT
server
8080
etag
W/"64183a83-1defc"
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Thu, 29 Jun 2023 14:10:10 GMT
EsyfAiyWshR.css
whatspp.cc/img/
13 KB
4 KB
Stylesheet
General
Full URL
https://whatspp.cc/img/EsyfAiyWshR.css
Requested by
Host: whatspp.cc
URL: https://whatspp.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.149.194.201 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software
8080 /
Resource Hash
fee58b2c5d1dfec9419b07d030239a7621d674ee2215ab7cf6de5bf0e480bb68

Request headers

Referer
https://whatspp.cc/
Origin
https://whatspp.cc
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 02:33:00 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2023 10:50:43 GMT
server
8080
etag
W/"64183a83-33e2"
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Thu, 29 Jun 2023 14:10:10 GMT
28bZN702Ikw.css
whatspp.cc/img/
755 B
958 B
Stylesheet
General
Full URL
https://whatspp.cc/img/28bZN702Ikw.css
Requested by
Host: whatspp.cc
URL: https://whatspp.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.149.194.201 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software
8080 /
Resource Hash
601a3dc320fad0ec8167a25ef03e8aabd6a686061cd416ad1fa84482fac364c7

Request headers

Referer
https://whatspp.cc/
Origin
https://whatspp.cc
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 02:33:00 GMT
last-modified
Mon, 20 Mar 2023 10:50:43 GMT
server
8080
etag
"64183a83-2f3"
x-cache-status
HIT
content-type
text/css
cache-control
max-age=43200
accept-ranges
bytes
content-length
755
expires
Thu, 29 Jun 2023 14:10:10 GMT
2VSZD9_JH43.js
whatspp.cc/img/
309 KB
105 KB
Script
General
Full URL
https://whatspp.cc/img/2VSZD9_JH43.js
Requested by
Host: whatspp.cc
URL: https://whatspp.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.149.194.201 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software
8080 /
Resource Hash
17a99746b0a4baf21319ba7fd1b1e2906ff320db5ae12e39c3b8cccb00223809

Request headers

Referer
https://whatspp.cc/
Origin
https://whatspp.cc
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 02:33:00 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2023 10:50:43 GMT
server
8080
etag
W/"64183a83-4d29b"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 29 Jun 2023 14:10:10 GMT
36B424nhiL4.svg
whatspp.cc/
9 KB
9 KB
Image
General
Full URL
https://whatspp.cc/36B424nhiL4.svg
Requested by
Host: whatspp.cc
URL: https://whatspp.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.149.194.201 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software
8080 /
Resource Hash
708f4f787db19dcb4cca817e1c38fba2baf0216b092c90d59648464791d57abb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://whatspp.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 02:33:01 GMT
last-modified
Mon, 20 Mar 2023 10:50:42 GMT
server
8080
etag
"64183a82-221b"
x-cache-status
MISS
content-type
image/svg+xml
accept-ranges
bytes
content-length
8731
lOol7j-zq4u.svg
whatspp.cc/
3 KB
3 KB
Image
General
Full URL
https://whatspp.cc/lOol7j-zq4u.svg
Requested by
Host: whatspp.cc
URL: https://whatspp.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.149.194.201 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software
8080 /
Resource Hash
533ef6670e3d9c0e44718d0afa43f2edda11b58586e9da4e8f621145cf84d4d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://whatspp.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 02:33:01 GMT
last-modified
Mon, 20 Mar 2023 10:50:42 GMT
server
8080
etag
"64183a82-a58"
x-cache-status
MISS
content-type
image/svg+xml
accept-ranges
bytes
content-length
2648
199496234.png
whatspp.cc/img/
22 KB
22 KB
Image
General
Full URL
https://whatspp.cc/img/199496234.png
Requested by
Host: whatspp.cc
URL: https://whatspp.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.149.194.201 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software
8080 /
Resource Hash
736ec0b63c70e29a0dad38ffb5a2f40c1b66062ac2e31ee4c21e43f2890b00e2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://whatspp.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 02:33:00 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2023 10:50:43 GMT
server
8080
etag
W/"64183a83-5643"
x-cache-status
HIT
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
expires
Sat, 29 Jul 2023 02:10:10 GMT
199550118.png
whatspp.cc/img/
22 KB
22 KB
Image
General
Full URL
https://whatspp.cc/img/199550118.png
Requested by
Host: whatspp.cc
URL: https://whatspp.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.149.194.201 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software
8080 /
Resource Hash
cd899e99d525898009bc4673d29cf38ebdc2ddc6d14bd7263f2c53e322ef2ef4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://whatspp.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 02:33:00 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2023 10:50:43 GMT
server
8080
etag
W/"64183a83-5607"
x-cache-status
HIT
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
expires
Sat, 29 Jul 2023 02:10:21 GMT
200489840.png
whatspp.cc/img/
55 KB
56 KB
Image
General
Full URL
https://whatspp.cc/img/200489840.png
Requested by
Host: whatspp.cc
URL: https://whatspp.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.149.194.201 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software
8080 /
Resource Hash
c230016694c1b4234b5b3330a1bb720efcc3152727ccde28ae63d9a89418cd24

Request headers

accept-language
en-US,en;q=0.9
Referer
https://whatspp.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 02:33:00 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2023 10:50:43 GMT
server
8080
etag
W/"64183a83-dd7e"
x-cache-status
HIT
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
expires
Sat, 29 Jul 2023 02:10:21 GMT
jquery.min.js
whatspp.cc/jquery/1.12.4/
95 KB
37 KB
Script
General
Full URL
https://whatspp.cc/jquery/1.12.4/jquery.min.js
Requested by
Host: whatspp.cc
URL: https://whatspp.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.149.194.201 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software
8080 /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language
en-US,en;q=0.9
Referer
https://whatspp.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 02:33:00 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2023 10:50:44 GMT
server
8080
etag
W/"64183a84-17b8b"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 29 Jun 2023 14:10:10 GMT
WhatAppPro.zip
bbaoop.oss-cn-hongkong.aliyuncs.com/
0
0
Document
General
Full URL
https://bbaoop.oss-cn-hongkong.aliyuncs.com/WhatAppPro.zip
Requested by
Host: whatspp.cc
URL: https://whatspp.cc/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.75.19.43 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash

Request headers

Referer
https://whatspp.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Disposition
attachment
Content-Length
117295679
Content-MD5
Q37iYPHhF3GxnayYnuFDAw==
Content-Type
application/zip
Date
Thu, 29 Jun 2023 02:33:02 GMT
ETag
"437EE260F1E11771B19DAC989EE14303"
Last-Modified
Tue, 27 Jun 2023 03:43:05 GMT
Server
AliyunOSS
x-oss-ec
0048-00000113
x-oss-force-download
true
x-oss-hash-crc64ecma
1111576865979220583
x-oss-object-type
Normal
x-oss-request-id
649CED5E23C0543030C2819A
x-oss-server-time
27
x-oss-storage-class
Standard

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger)

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • boolean| credentialless
  • object| onbeforetoggle
  • object| onscrollend
  • number| _cstart
  • function| envFlush
  • object| Env
  • number| __DEV__
  • function| CavalryLogger
  • function| __annotator
  • function| __bodyWrapper
  • function| __t
  • function| __w
  • function| emptyFunction
  • function| FB_enumerate
  • function| __m
  • object| babelHelpers
  • function| define
  • function| require
  • function| importDefault
  • function| importNamespace
  • function| requireDynamic
  • function| requireLazy
  • function| __d
  • function| $RefreshReg$
  • function| $RefreshSig$
  • function| getErrorSafe
  • object| ErrorGuard
  • object| ErrorSerializer
  • object| ErrorUtils
  • function| Arbiter
  • object| JSCC
  • function| $
  • function| ge
  • object| Parent
  • object| TimeSlice
  • function| now_inl
  • number| __bigPipeFR
  • number| __bigPipeCtor
  • function| jQuery

0 Cookies