ScanMalware.com

Security Scan Report: web.i-whatsapp.com.cn

Submitted: Jan 6, 2026, 3:49:39 PMCompleted: Jan 6, 2026, 3:51:03 PMpubliccompleted
Loading additional data...

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 26 HTTP transactions. The main domain is web.i-whatsapp.com.cn and was registered NaN years ago.

Submitted URL: https://web.i-whatsapp.com.cn/

AI Security Verdict

Confirmed Scam

Confidence: 96%

10
Risk Score

Phishing site impersonating WhatsApp; newly registered and flagged as malicious.

Risk Factors
Primary domain malicious Indicators of Compromise match (phishing)
Brand impersonation of WhatsApp on a newly registered, unranked domain
Critical domain age (<1 day) with high risk multiplier
Unranked/low reputation domain (not in Cisco Umbrella top 1M)
Domain age information unavailable

Details

Page Title

WhatsApp Web

Scan Type

public

Language

🇨🇳

Chinese

(60% confidence)

Category

social media network

(67%)

Domain Information

You're looking at domain 'web.i-whatsapp.com.cn' on the Chinese country-code top-level domain (.com.cn); it also runs on subdomain 'web'. Its registrable label 'i-whatsapp' stretches across 10 characters containing 3 vowels alongside 6 consonants; it also includes 1 hyphen. It segments into four words: i, what, s, app. Average segment length settles at 2 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://web.i-whatsapp.com.cn/

Page Load Overview

10.23s
Total Load Time
25
HTTP Requests
5
Domains
16 KB
Total Size

Language Analysis

Primary Language

🇨🇳Chinese
Code: zh
Confidence:60%
Script:Han
Direction:ltr

Detection Details

Language Code:zh
Detection Confidence:60%
Script Type:Han
HTML Lang Attribute:zh-CN
Text Length:342 chars
Detector Agreement:67%

Website Classification

Primary Category

social media network67% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

social media network
67%
corporate
25%

Detected Features

OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
5104.26.2.143United States
AS13335CLOUDFLARENET
4104.17.25.14United States
AS13335CLOUDFLARENET
4172.67.68.11SeychellesUnknown
4154.221.8.129Seychelles
AS137951ASLINE LIMITED
4172.67.153.77United States
AS13335CLOUDFLARENET
4104.17.24.14SeychellesUnknown
256--

Detected Technologies9

Open-Graph-Protocolvwebsite
100%
JQueryv3.2.1
100%
Bootstrapv3.3.7
100%
Cloudflare
50%
HTTP/3
40%
HSTS
40%
Tailwind CSS
30%
cdnjs
20%
Lodash
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T107033CF66BB061F8DD03C7E5E961F118715B30FAFB25CA94E2C84964EBC259C8CC6894

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:JEPcmp/DoEhhobhnjGnoTqdYt4adHxT+Qi7/EpGvZKTdX7a3KC:JEPtDoEhwhjioTqWdHs7/EpWwJX7aD

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:37905:KENxhWOkSNonUmYxwCAQgkoANUgEAAeBG0FEQQdKNwtMGLwFBIOEIhZUYjASMQ0GLSKJmMPwUlCB4CtAQRG0GiTIYgBAYQSU

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:003c5a5a3e3c0000
Perceptual Hash:8c9833c7ce6d9998
Difference Hash:8250943661690200
Wavelet Hash:08bc9d99bdbdc0c0
Color Hash:#82bf40

Other Hashes

Crop Resistant:8250943661690200

Scan History

Scan history not available

Unable to load historical scan data