EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Visual Capture

Screenshot of app.zh-cn-hk-whatsapp.com.cn

Detection Info

http://app.zh-cn-hk-whatsapp.com.cn/
Detected Brand
WhatsApp
Country
Unknown
Confidence
95%
HTTP Status
200
Report ID
a765e9e7-eb9…
Analyzed
2026-05-21 22:20
Final URL (after redirects)
https://app.zh-cn-hk-whatsapp.com.cn/

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T10A51C72C6059ED770A4BE3C61A98C76F70C9CB38CE071F35A5E1861E0DC8D1AED4114D
CONTENT ssdeep
96:l9asQo2gwTTH9CFrG7VC1CH7MVGYMhMbhN:l9HQJTH9Cc01CHAVGDGbhN

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
8f433cc33cc3c33c
VISUAL aHash
1f1f3f3f3f3f1f1f
VISUAL dHash
f1f1f1f9fdc2f4bc
VISUAL wHash
18181d1f1f2b1f1f
VISUAL colorHash
17003200080
VISUAL cropResistant
c3c3d1d3fda4d0d8,1f0f1d5c5d5d1c1a

Code Analysis

Threat Level ALTO
⚠️ Phishing Confirmed

📊 Risk Score Breakdown

Total Risk Score
40/100

🔬 Comprehensive Threat Analysis

Threat Type
WhatsApp Phishing Landing Page
Target
WhatsApp users
Attack Method
Phishing webpage
Exfiltration Channel
Form submission (backend endpoint not detected - likely JavaScript-based)
Risk Assessment
LOW - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

🏢 Brand Impersonation Analysis

Impersonated Brand
WhatsApp
Official Website
https://www.whatsapp.com
Fake Service
Credential harvesting service

⚔️ Attack Methodology

Primary Method: Malicious Landing Page

Uses WhatsApp branding to appear legitimate in search results, social media, or advertising networks. Designed to redirect victims to phishing pages or distribute malware while maintaining appearance of authenticity.

Secondary Method: Standard Phishing Techniques

Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.

🌐 Infrastructure Indicators of Compromise

Domain Information

Domain
app.zh-cn-hk-whatsapp.com.cn
Registered
2026-04-09 01:12:06+00:00
Registrar
PDR Ltd. d/b/a PublicDomainRegistry.com
Status
Active (42 days old)

Hosting Information

Provider
PDR Ltd. d/b/a PublicDomainRegistry.com
ASN

🤖 AI-Extracted Threat Intelligence

😰
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.