![](/screenshots/d8b5f4a8-c396-45ca-9464-fc0a440f7c75.png)
www.whatsapp-hk.kim
Open in
urlscan Pro
2606:4700:3034::ac43:db77
Malicious Activity!
Public Scan
Effective URL: https://www.whatsapp-hk.kim/
Submission: On June 05 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on June 4th 2024. Valid for: 3 months.
This is the only time www.whatsapp-hk.kim was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 2606:4700:303... 2606:4700:3034::ac43:db77 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
whatsapp-hk.kim
www.whatsapp-hk.kim |
11 KB |
6 | 1 |
Domain | Requested by | |
---|---|---|
6 | www.whatsapp-hk.kim |
www.whatsapp-hk.kim
|
6 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
whatsapp-hk.kim GTS CA 1P5 |
2024-06-04 - 2024-09-02 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.whatsapp-hk.kim/
Frame ID: 552A01F299F1B6E2D28195C1C9BD1953
Requests: 3 HTTP requests in this frame
Frame:
https://www.whatsapp-hk.kim/modal.php
Frame ID: 88687112CDB1F49FAA5672078C9B125F
Requests: 3 HTTP requests in this frame
Screenshot
![](/screenshots/d8b5f4a8-c396-45ca-9464-fc0a440f7c75.png)
Page Title
WhatsAppPage URL History Show full URLs
-
http://www.whatsapp-hk.kim/
HTTP 307
https://www.whatsapp-hk.kim/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.whatsapp-hk.kim/
HTTP 307
https://www.whatsapp-hk.kim/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
/
www.whatsapp-hk.kim/ Redirect Chain
|
1 KB 936 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index.df5c69.css
www.whatsapp-hk.kim/assets/css/ |
278 B 630 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
modal.php
www.whatsapp-hk.kim/ Frame 8868 |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cf.errors.css
www.whatsapp-hk.kim/cdn-cgi/styles/ Frame 8868 |
23 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-exclamation.png
www.whatsapp-hk.kim/cdn-cgi/images/ Frame 8868 |
452 B 635 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon.png
www.whatsapp-hk.kim/assets/images/ |
1 KB 2 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Cloudflare (Online)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 00 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.whatsapp-hk.kim
2606:4700:3034::ac43:db77
33e6e24a3f2665fdb5f0d042c0eca785f635eeb7cf1b80aa9726c1c50d8dbb56
392cb942a72af318c19e7dd4a8244206c2a6003b50b8c52ab466d517a3c66790
4749b1b6520eb0f0bb038ffaa72908bca8c49338fe06b49d19349eed881e4fc9
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
ba527c316536f04b4495e712d3063c65172dccb1bdcd179f8fddf1d563a93f22
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016