Security Scan Report: whats-xth.vip

Submitted: Oct 24, 2025, 3:40:53 AM
Completed: Oct 24, 2025, 3:43:31 AM
Scan type: public
Status: completed

Summary

This website contacted 13 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main domain is whats-xth.vip; its registration age was not available to the scanner (shown as "NaN years").

Submitted URL: https://whats-xth.vip/

AI Security Verdict

High Risk

Confidence: 92%

Risk Score: 10

High‑risk phishing site impersonating WhatsApp; do not trust.

Risk Factors
Impersonation of a well‑known brand (WhatsApp) on a newly registered domain
Critical domain age (<7 days) combined with brand claims
UNRANKED domain lacking reputable ranking
Suspicious OCR text used to lure users
Domain age information unavailable

Details

Page Title: N/A
Scan Type: public
Language: 🇺🇸 English (50% confidence)
Category: unknown (0%)

Domain Information

You're looking at domain 'whats-xth.vip' on the .vip top-level domain without a subdomain. The core label 'whats-xth' covers 9 characters holding 1 vowel versus seven consonants, plus one hyphen. It segments into 3 words: what, s, xth. Median word length comes out to 3 characters. 'what' most often appears in Chinese (Pinyin). You may catch it in English and Czech as well.

Screenshot

Security scan screenshot of https://whats-xth.vip/

Page Load Overview

Total Load Time: 3.08s
HTTP Requests: 15
Domains: 2
Total Size: 1 KB

Language Analysis

Primary Language

🇺🇸 English
Code: en
Confidence: 50%
Script: Latin
Direction: ltr

Detection Details

Language Code: en
Detection Confidence: 50%
Script Type: Latin
Text Length: 1,954 chars
Detector Agreement: 100%

Website Classification

Primary Category

unknown (0% confidence)
Type: static
Method: structural

All Detected Categories

No categories detected

Detected Features

No structural features detected

Domain & IP Information

Requests | IP Address | Location | AS (Autonomous System)
14 | 20.2.67.40 | Hong Kong, Hong Kong | AS8075 MICROSOFT-CORP-MSN-AS-BLOCK
1 | 124.222.174.117 | Shanghai, Shanghai, China | AS45090 Shenzhen Tencent Computer Systems Company Limited
1 | 111.231.169.247 | Shanghai, Shanghai, China | AS45090 Shenzhen Tencent Computer Systems Company Limited
1 | 124.220.203.60 | Shanghai, Shanghai, China | AS45090 Shenzhen Tencent Computer Systems Company Limited
1 | 2408:4005:30a:4302:6218:d8d9:db29:5de0 | Hangzhou, Zhejiang, China | AS37963 Hangzhou Alibaba Advertising Co.,Ltd.
1 | 106.54.228.253 | Shanghai, Shanghai, China | AS45090 Shenzhen Tencent Computer Systems Company Limited
1 | 2408:4005:30a:4302:6218:d8d9:db29:65c1 | Hangzhou, Zhejiang, China | AS37963 Hangzhou Alibaba Advertising Co.,Ltd.
1 | 2408:4005:30a:4302:6218:d8d9:db29:5dd6 | Hangzhou, Zhejiang, China | AS37963 Hangzhou Alibaba Advertising Co.,Ltd.
1 | 118.25.42.241 | Shanghai, Shanghai, China | AS45090 Shenzhen Tencent Computer Systems Company Limited
1 | 2408:4005:30a:4302:6218:d8d9:db29:5dd8 | Hangzhou, Zhejiang, China | AS37963 Hangzhou Alibaba Advertising Co.,Ltd.
15 | 13 | - | -

Detected Technologies: 2

Content Similarity Hashes

For malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T19692403063A0626B2167C3C5EE616F99219BE33DC34E88442FE912585FCBEB9F536074

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:YwAojOXRQxln2CNzeT0jzzXkAyz+huh9pNP0rzqPuqqmZyTzhBeC3D:OojOX6xln2CNz803Fyio7pNgqqQyTzhj

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:20576:mBWqkoA8gFQToUKpGMqAFDEDYCDWgo8YCC0TG4FWQlAwUEmTgNHaIAC8gkBAAgCQfARIEIKIJXgjFCUEOQDhI0aFUhmWES1C

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash: 007fff7f7fff3f3f
Perceptual Hash: 87787e700360787f
Difference Hash: 404040d0d0c0d0d0
Wavelet Hash: 003032320e0e0e0e
Color Hash: #722dd2
