ScanMalware.com

Security Scan Report: app-hrr-whatshktw.com

Submitted: Oct 12, 2025, 11:34:45 AMCompleted: Oct 12, 2025, 11:35:32 AMpubliccompleted
Loading additional data...

Summary

This website contacted 6 IPs in 3 countries across 3 domains to perform 30 HTTP transactions. The main domain is app-hrr-whatshktw.com and was registered NaN years ago.

Submitted URL: https://app-hrr-whatshktw.com/_layouts/16/spinstall0.aspx/

AI Security Verdict

Unknown

Confidence: 95%

9
Risk Score

Confirmed phishing site impersonating WhatsApp; do not trust.

Risk Factors
Brand impersonation on a brand‑new, unranked domain
Critical domain age (3 days) amplifies suspicion
Lack of any legitimate brand verification (final URL does not match WhatsApp domain)
Use of official‑sounding language to lure users into scanning QR codes
Domain age information unavailable

Details

Page Title

幫助中心 - whatsapp電腦登錄

Scan Type

public

Language

🇨🇳

Chinese

(80% confidence)

Category

social media network

(87%)

Domain Information

The domain 'app-hrr-whatshktw.com' uses the commercial generic top-level domain (.com). The registrable portion 'app-hrr-whatshktw' spans 17 characters containing two vowels alongside 13 consonants, plus two hyphens. Breaking it apart gives 7 words: app, hr, r, what, s, hk, tw. Expect 2 characters per word on average. Most frequently, 'app' shows up in Chinese (Pinyin). You will also see it in English and Chinese (Simplified) contexts. Taken together, it feels Chinese (Pinyin) with character flair.

Screenshot

Security scan screenshot of https://app-hrr-whatshktw.com/_layouts/16/spinstall0.aspx/

Page Load Overview

21.46s
Total Load Time
30
HTTP Requests
3
Domains
2.0 MB
Total Size

Language Analysis

Primary Language

🇨🇳Chinese
Code: zh
Confidence:80%
Script:Han
Direction:ltr

Detection Details

Language Code:zh
Detection Confidence:80%
Script Type:Han
HTML Lang Attribute:zh-CN
Text Length:2,118 chars
Detector Agreement:100%

Website Classification

Primary Category

social media network87% confidence
Type: static
Method: ml+structural

All Detected Categories

social media network
87%
technology software
72%
documentation technical
65%
corporate business
60%
government public service
36%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
549.71.39.36China
AS137697CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.
591.204.227.137Los Angeles, California, United States
AS205960Hdtidc Limited
543.174.227.42Singapore
AS139341ACE
5119.188.220.225China
AS4837CHINA UNICOM China169 Backbone
543.174.229.41Singapore
AS139341ACE
5240d:c010:74:3::b9Singapore
AS139341ACE
306--

Detected Technologies2

HTTP/3
40%
HSTS
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1F4A25231499127331323E2CAE017AF2AF1E74B19B89E1C16ABF856DE5FA1F11F8055C6

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:/kXNW6avO49YhrgPk53SPpNo5WABLeXegTkLVzHnzNeKymYvKcAfqhmHGEr21dL4:sXA6avhet4e3SP85WAFsETNeKyjtAfq4

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:22340:k6ICYLUAFACBOojQUIeUlsEDBY3SBFtIM2OimKAECSqlHIGgw4QICBBlsCAIAgAkAQJBUAVY2yxR04AiAy0AQnQQqKEOYWGB

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:dfffffdf8181ffc9
Perceptual Hash:b996923939966927
Difference Hash:3332c02b3b1b403b
Wavelet Hash:9df0ffc38181cb81
Color Hash:#87abc5

Other Hashes

Crop Resistant:3332c02b3b1b403b,6663595dd4e2ea5c,63852d6539396d59,b3f3437343e76763,5e5b62d2c9888cd8,c6c6c6cecececece

Scan History

Scan history not available

Unable to load historical scan data