whatsappwebdl.icu
172.67.141.116
Malicious Activity!
Public Scan
Submission: On March 27 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by E1 on March 27th 2024. Valid for: 3 months.
This is the only time whatsappwebdl.icu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: WhatsApp (Instant Messenger)
Domain & IP information
 | IP Address | AS Autonomous System
---|---|---
10 | 172.67.141.116 | 13335 (CLOUDFLARENET)
10 | 2 |
 | Apex Domain / Subdomains | Transfer
---|---|---
10 | whatsappwebdl.icu / whatsappwebdl.icu | 254 KB
10 | 1 |
 | Domain | Requested by
---|---|---
10 | whatsappwebdl.icu | whatsappwebdl.icu
10 | 1 |
This site contains no links.
Subject / Issuer | Validity | Valid |
---|---|---|---
whatsappwebdl.icu / E1 | 2024-03-27 - 2024-06-25 | 3 months | crt.sh
This page contains 1 frames:
Primary Page:
https://whatsappwebdl.icu/
Frame ID: 566F5C44774D9A1FF63ECADFA192D18E
Requests: 13 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method | Protocol | Resource | Path | Size | Transferred | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H3 | / (Primary Request) | whatsappwebdl.icu/ | 5 KB | 2 KB | Document | text/html
GET | H3 | app.ed74c755.css | whatsappwebdl.icu/h5/static/css/ | 10 KB | 3 KB | Stylesheet | text/css
GET | H3 | chunk-libs.b81f3f69.css | whatsappwebdl.icu/h5/static/css/ | 1 KB | 833 B | Stylesheet | text/css
GET | H3 | chunk-vantUI.7ba7c773.css | whatsappwebdl.icu/h5/static/css/ | 87 KB | 33 KB | Stylesheet | text/css
GET | H3 | app.5311ca7a.js | whatsappwebdl.icu/h5/static/js/ | 11 KB | 4 KB | Script | application/javascript
GET | H3 | chunk-libs.90224681.js | whatsappwebdl.icu/h5/static/js/ | 556 KB | 167 KB | Script | application/javascript
GET | H3 | chunk-vantUI.9afc80ef.js | whatsappwebdl.icu/h5/static/js/ | 106 KB | 31 KB | Script | application/javascript
GET | H3 | chunk-eb2fd8b8.d803bf16.js | whatsappwebdl.icu/h5/static/js/ | 20 KB | 8 KB | Script | application/javascript
GET | H3 | chunk-2d0baaed.3d0f856d.js | whatsappwebdl.icu/h5/static/js/ | 6 KB | 3 KB | Script | application/javascript
GET | H3 | favicon.ico | whatsappwebdl.icu/ | 787 B | 1 KB | Other | image/x-icon
GET | DATA | truncated | / | 85 B | 0 | Image | image/gif
GET | DATA | truncated | / | 9 KB | 0 | Image | image/png
GET | DATA | truncated | / | 9 KB | 0 | Image | image/png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: WhatsApp (Instant Messenger)
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onpagereveal
object| webpackJsonp
object| regeneratorRuntime
object| $cookies
object| lib
number| rem
number| dpr
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
whatsappwebdl.icu
172.67.141.116