Security Scan Report: whats-xtf.vip

Submitted: Oct 22, 2025, 2:34:13 PM
Completed: Oct 22, 2025, 2:35:11 PM
Scan type: public
Status: completed

Summary

This website contacted 13 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main domain is whats-xtf.vip; its registration age could not be determined.

Submitted URL: https://whats-xtf.vip/

AI Security Verdict

Confirmed Scam

Confidence: 95%

Risk Score: 10

Confirmed phishing scam impersonating WhatsApp on a brand‑new unranked domain.

Risk Factors
Brand impersonation on a newly registered, unranked domain
Critical domain age (<7 days) with brand claims
Unranked domain lacking any reputation
Use of official brand name (WhatsApp) without official domain
Domain age information unavailable

Details

Page Title: N/A
Scan Type: public
Language: 🇺🇸 English (50% confidence)
Category: unknown (0%)

Domain Information

The domain name 'whats-xtf.vip' uses the .vip top-level domain. The second-level label 'whats-xtf' is 9 characters long split between 1 vowel and seven consonants, along with 1 hyphen. Breaking it apart gives 4 words: what, s, xt, f. Average segment length settles at 1.5 characters. The linguistic tilt is Chinese (Pinyin) for 'what'. Secondary signals appear in English and Czech. Overall, 'whats-xtf.vip' reads as Chinese (Pinyin) with character flair.

Screenshot

Security scan screenshot of https://whats-xtf.vip/

Page Load Overview

Total Load Time: 24.30s
HTTP Requests: 15
Domains: 2
Total Size: 1 KB

Language Analysis

Primary Language

🇺🇸 English
Code: en
Confidence: 50%
Script: Latin
Direction: ltr

Detection Details

Language Code: en
Detection Confidence: 50%
Script Type: Latin
Text Length: 1,954 chars
Detector Agreement: 100%

Website Classification

Primary Category

unknown (0% confidence)
Type: static
Method: structural

All Detected Categories

No categories detected

Detected Features

No structural features detected

Domain & IP Information

Requests | IP Address | Location | AS Autonomous System
3 | 20.2.67.40 | Hong Kong, Hong Kong | AS8075 MICROSOFT-CORP-MSN-AS-BLOCK
1 | 111.231.169.247 | Shanghai, Shanghai, China | AS45090 Shenzhen Tencent Computer Systems Company Limited
1 | 124.220.205.65 | Shanghai, Shanghai, China | AS45090 Shenzhen Tencent Computer Systems Company Limited
1 | 124.220.203.60 | Shanghai, Shanghai, China | AS45090 Shenzhen Tencent Computer Systems Company Limited
1 | 2408:4005:30a:4302:6218:d8d9:db29:5dd6 | Hangzhou, Zhejiang, China | AS37963 Hangzhou Alibaba Advertising Co.,Ltd.
1 | 2408:4005:30a:4302:6218:d8d9:db29:5dd2 | Hangzhou, Zhejiang, China | AS37963 Hangzhou Alibaba Advertising Co.,Ltd.
1 | 106.54.228.253 | Shanghai, Shanghai, China | AS45090 Shenzhen Tencent Computer Systems Company Limited
1 | 118.25.42.241 | Shanghai, Shanghai, China | AS45090 Shenzhen Tencent Computer Systems Company Limited
1 | 2408:4005:30a:4302:6218:d8d9:db29:5de0 | Hangzhou, Zhejiang, China | AS37963 Hangzhou Alibaba Advertising Co.,Ltd.
1 | 124.222.174.117 | Shanghai, Shanghai, China | AS45090 Shenzhen Tencent Computer Systems Company Limited
15 | 13 | - | -

Detected Technologies: 2

Content Similarity Hashes

For malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T19692403063A0626B2167C3C5EE616F99219BE33DC34E88442FE912585FCBEB9F536074

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:YwAojOXRQxln2CNzeT0jzzXkAyz+huh9pNP0rzqPuqqmZyTzhBeC3D:OojOX6xln2CNz803Fyio7pNgqqQyTzhj

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:20576:mBWqkoA8gFQToUKpGMqAFDEDYCDWgo8YCC0TG4FWQlAwUEmTgNHaIAC8gkBAAgCQfARIEIKIJXgjFCUEOQDhI0aFUhmWES1C

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash: N/A
Perceptual Hash: N/A
Difference Hash: N/A
Wavelet Hash: N/A
Color Hash: N/A

Other Hashes

Crop Resistant: N/A

Scan History

Scan history not available