![](/screenshots/9ce7990f-5a84-4dd6-ae0d-407065a6804d.png)
www.chat.whatsapp.com.creamy.com.br
Open in
urlscan Pro
162.214.113.191
Malicious Activity!
Public Scan
Submission: On February 16 via automatic, source openphish
Summary
This is the only time www.chat.whatsapp.com.creamy.com.br was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: WhatsApp (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 162.214.113.191 162.214.113.191 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
5 | 2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 145.239.131.55 145.239.131.55 | 16276 (OVH) (OVH) | |
7 | 3 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: vps-4765642.skelt.com.br
www.chat.whatsapp.com.creamy.com.br |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
fbcdn.net
static.xx.fbcdn.net |
100 KB |
1 |
ibb.co
i.ibb.co |
59 KB |
1 |
creamy.com.br
www.chat.whatsapp.com.creamy.com.br |
37 KB |
7 | 3 |
Domain | Requested by | |
---|---|---|
5 | static.xx.fbcdn.net |
www.chat.whatsapp.com.creamy.com.br
static.xx.fbcdn.net |
1 | i.ibb.co |
www.chat.whatsapp.com.creamy.com.br
|
1 | www.chat.whatsapp.com.creamy.com.br | |
7 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.whatsapp.com |
chat.whatsapp.com |
web.whatsapp.com |
faq.whatsapp.com |
www.whatsappbrand.com |
blog.whatsapp.com |
twitter.com |
www.facebook.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-12-22 - 2021-03-21 |
3 months | crt.sh |
ibb.co R3 |
2021-02-02 - 2021-05-03 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://www.chat.whatsapp.com.creamy.com.br/
Frame ID: 1E5026A12AB4D1EFDE0CDBCBADB4F49F
Requests: 7 HTTP requests in this frame
81 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: azərbaycan
Search URL Search Domain Scan URL
Title: Afrikaans
Search URL Search Domain Scan URL
Title: Bahasa Indonesia
Search URL Search Domain Scan URL
Title: Melayu
Search URL Search Domain Scan URL
Title: català
Search URL Search Domain Scan URL
Title: čeština
Search URL Search Domain Scan URL
Title: dansk
Search URL Search Domain Scan URL
Title: Deutsch
Search URL Search Domain Scan URL
Title: eesti
Search URL Search Domain Scan URL
Title: English
Search URL Search Domain Scan URL
Title: español
Search URL Search Domain Scan URL
Title: français
Search URL Search Domain Scan URL
Title: Gaeilge
Search URL Search Domain Scan URL
Title: hrvatski
Search URL Search Domain Scan URL
Title: italiano
Search URL Search Domain Scan URL
Title: Kiswahili
Search URL Search Domain Scan URL
Title: latviešu
Search URL Search Domain Scan URL
Title: lietuvių
Search URL Search Domain Scan URL
Title: magyar
Search URL Search Domain Scan URL
Title: Nederlands
Search URL Search Domain Scan URL
Title: norsk bokmål
Search URL Search Domain Scan URL
Title: o‘zbek
Search URL Search Domain Scan URL
Title: Filipino
Search URL Search Domain Scan URL
Title: polski
Search URL Search Domain Scan URL
Title: Português (Brasil)
Search URL Search Domain Scan URL
Title: Português (Portugal)
Search URL Search Domain Scan URL
Title: română
Search URL Search Domain Scan URL
Title: shqip
Search URL Search Domain Scan URL
Title: slovenčina
Search URL Search Domain Scan URL
Title: slovenščina
Search URL Search Domain Scan URL
Title: suomi
Search URL Search Domain Scan URL
Title: svenska
Search URL Search Domain Scan URL
Title: Tiếng Việt
Search URL Search Domain Scan URL
Title: Türkçe
Search URL Search Domain Scan URL
Title: Ελληνικά
Search URL Search Domain Scan URL
Title: български
Search URL Search Domain Scan URL
Title: қазақ тілі
Search URL Search Domain Scan URL
Title: македонски
Search URL Search Domain Scan URL
Title: русский
Search URL Search Domain Scan URL
Title: српски
Search URL Search Domain Scan URL
Title: українська
Search URL Search Domain Scan URL
Title: עברית
Search URL Search Domain Scan URL
Title: العربية
Search URL Search Domain Scan URL
Title: فارسی
Search URL Search Domain Scan URL
Title: اردو
Search URL Search Domain Scan URL
Title: বাংলা
Search URL Search Domain Scan URL
Title: हिन्दी
Search URL Search Domain Scan URL
Title: ગુજરાતી
Search URL Search Domain Scan URL
Title: ಕನ್ನಡ
Search URL Search Domain Scan URL
Title: मराठी
Search URL Search Domain Scan URL
Title: ਪੰਜਾਬੀ
Search URL Search Domain Scan URL
Title: தமிழ்
Search URL Search Domain Scan URL
Title: తెలుగు
Search URL Search Domain Scan URL
Title: മലയാളം
Search URL Search Domain Scan URL
Title: ไทย
Search URL Search Domain Scan URL
Title: 简体中文
Search URL Search Domain Scan URL
Title: 繁體中文
Search URL Search Domain Scan URL
Title: 日本語
Search URL Search Domain Scan URL
Title: 한국어
Search URL Search Domain Scan URL
Title: WhatsApp Web
Search URL Search Domain Scan URL
Title: Features
Search URL Search Domain Scan URL
Title: Download
Search URL Search Domain Scan URL
Title: Security
Search URL Search Domain Scan URL
Title: FAQ
Search URL Search Domain Scan URL
Title: Get in touch
Search URL Search Domain Scan URL
Title: Download
Search URL Search Domain Scan URL
Title: use WhatsApp Web
Search URL Search Domain Scan URL
Title: Business
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: About
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: Brand Center
Search URL Search Domain Scan URL
Title: Blog
Search URL Search Domain Scan URL
Title: WhatsApp Stories
Search URL Search Domain Scan URL
Title: Android
Search URL Search Domain Scan URL
Title: iPhone
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Coronavirus
Search URL Search Domain Scan URL
Title: Privacy & Terms
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.chat.whatsapp.com.creamy.com.br/ |
37 KB 37 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
li1FVv8ji_p.css
static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
-FqGavqvSZ6.css
static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/ |
227 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Sc982v7GTGi.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Lv5aJk9unC2.js
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ |
267 KB 71 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
-r3j-x8ZnM7.svg
static.xx.fbcdn.net/rsrc.php/yv/r/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home-fmediakuasfa-public-html-img-lonte.jpg
i.ibb.co/CJRby2S/ |
58 KB 59 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: WhatsApp (Instant Messenger)32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated number| _cstart number| __DEV__ function| emptyFunction function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d function| $RefreshReg$ function| $RefreshSig$ object| ErrorSerializer function| getErrorSafe object| ErrorGuard object| Env object| ErrorUtils function| Arbiter object| JSCC function| $ function| ge object| Parent0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
i.ibb.co
static.xx.fbcdn.net
www.chat.whatsapp.com.creamy.com.br
145.239.131.55
162.214.113.191
2a03:2880:f02d:12:face:b00c:0:3
016c62006b69ac6868428f1c92e5bb0134f67b67f2456eac49a4654efa2389c6
2a46b7b1639b1f426166dfbe62906974259e3103ac71a41703d27ca85c8be069
3408c12b00a8f8f1b32eae70fcfef2889419540d2a3c7684818152c39d1ee8e7
4763ab05b3a23785f3ecd276d40d2c1209e77a516c9361f6533747cc8759d95d
4c38e1097b864a873243dee54c73acca2dbcfd48112e5afde26973b627b40835
96781f4c333b7f724462190868ebb6a1127c9675257a5e51287c0294024f43da
a570728392ffa25080543d1495467eb6d61f5f7aa7ad554da485baa609884ea1