r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app
2604:1380:4601:6204:5000:33ff:fede:ad31  Malicious Activity! Public Scan

URL: https://r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app/
Submission: On January 17 via api from CH — Scanned from NL

Summary

This website contacted 8 IPs in 5 countries across 4 domains to perform 10 HTTP transactions. The main IP is 2604:1380:4601:6204:5000:33ff:fede:ad31, located in Amsterdam, Netherlands and belongs to PACKET, US. The main domain is r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app.
TLS certificate: Issued by R3 on November 8th 2022. Valid for: 3 months.
This is the only time r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Alibaba (Online)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 | 2604:1380:460... | 54825 (PACKET)
3 | 104.87.131.236 | 16625 (AKAMAI-AS)
1 | 47.246.136.188 | 45102 (ALIBABA-C...)
1 | 152.199.19.160 | 15133 (EDGECAST)
2 | 79.133.177.252 | 24429 (TAOBAO Zh...)
1 | 104.87.131.254 | 16625 (AKAMAI-AS)
1 | 163.181.56.193 | 24429 (TAOBAO Zh...)
Total: 10 requests, 8 IPs
Requests | Apex Domain | Subdomains | Transfer
7 | alicdn.com | i.alicdn.com (Cisco Umbrella Rank: 20863), img.alicdn.com (Cisco Umbrella Rank: 10771), s.alicdn.com (Cisco Umbrella Rank: 16304), gw.alicdn.com (Cisco Umbrella Rank: 17501) | 107 KB
1 | aspnetcdn.com | ajax.aspnetcdn.com (Cisco Umbrella Rank: 1096) | 38 KB
1 | alipay.com | us.ynuf.alipay.com (Cisco Umbrella Rank: 136263) | 431 B
1 | ic0.app | r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app | 51 KB
Total: 10 requests, 4 apex domains
Requests | Domain | Requested by
3 | i.alicdn.com | r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app, i.alicdn.com
2 | img.alicdn.com | r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app
1 | gw.alicdn.com | i.alicdn.com
1 | s.alicdn.com | r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app
1 | ajax.aspnetcdn.com | r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app
1 | us.ynuf.alipay.com | r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app
1 | r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app |
Total: 10 requests, 7 subdomains
Subject | Issuer | Validity | Valid for
boundary.dfinity.network | R3 | 2022-11-08 to 2023-02-06 | 3 months
ru.aliexpress.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-12-19 to 2023-12-19 | a year
ynuf.alipay.com | Secure Site CA G2 | 2022-12-05 to 2024-01-05 | a year
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2022-07-11 to 2023-07-11 | a year
*.tbcdn.cn | GlobalSign Organization Validation CA - SHA256 - G2 | 2022-07-22 to 2023-08-06 | a year
air.alibaba.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-08-09 to 2023-07-19 | a year

This page contains 1 frames:

Primary Page: https://r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app/
Frame ID: 8CF5C8168954D64614D83821E57BEFC5
Requests: 14 HTTP requests in this frame

Screenshot

Page Title

Alibaba Manufacturer Directory - Suppliers, Manufacturers, Exporters & Importers

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 10
HTTPS: 100 %
IPv6: 14 %
Domains: 4
Subdomains: 7
IPs: 8
Countries: 5
Transfer: 196 kB
Size: 310 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request: /
Path: r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app/
Size: 101 KB   x-fer: 51 KB   Type: Document

General
Full URL: https://r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2604:1380:4601:6204:5000:33ff:fede:ad31 Amsterdam, Netherlands, ASN54825 (PACKET, US)
Reverse DNS:
Software: nginx/1.21.3 /
Resource Hash: 792efbfb00bc0d24c33392280b232652a415262224db068e8966e5a3587f36d3

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-None-Match,If-Modified-Since,Cache-Control,Content-Type,Range,Cookie
access-control-allow-methods: HEAD, GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges,Content-Length,Content-Range
access-control-max-age: 600
content-encoding: gzip
content-type: text/html
date: Tue, 17 Jan 2023 10:39:10 GMT
etag: W/"792efbfb00bc0d24c33392280b232652a415262224db068e8966e5a3587f36d3"
ic-certificate: certificate=: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:, tree=:2dn3gwJLaHR0cF9hc3NldHODAYMCSy9pbmRleC5odG1sggNYIHku+/sAvA0kwzOSKAsjJlKkFSYiJNsGjolm5aNYfzbTggRYIFQlvwU/FHicMAfVUtR6WP90ek9gcXHJ8uOlWXWyCjq9:
server: nginx/1.21.3
x-ic-canister-id: 0000000000e00eb90101
x-ic-node-id: saw4q-px4st-tqivd-luwao-njxl5-hjiuy-7j365-mvphm-a5g5x-zkooy-kae
x-ic-subnet-id: gmq5v-hbozq-uui6y-o55wc-ihop3-562wb-3qspg-nnijg-npqp5-he3cj-3ae

Resource: mini-login-form-min.css
Path: i.alicdn.com/g/vip/havana-login/0.3.3/css/
Size: 22 KB   x-fer: 6 KB   Type: Stylesheet

General
Full URL: https://i.alicdn.com/g/vip/havana-login/0.3.3/css/mini-login-form-min.css
Requested by: Host: r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app, URL: https://r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.87.131.236 Vienna, Austria, ASN16625 (AKAMAI-AS, US)
Reverse DNS: a104-87-131-236.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 4812cac16ccdad8b6225e610aee0dd7d10609d92c019c6208c3ebaa522e55c56
Security Headers:
  Strict-Transport-Security: max-age=31536000

Request headers
accept-language: nl-NL,nl;q=0.9
Referer: https://r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
x-oss-server-time: 38
strict-transport-security: max-age=31536000
content-encoding: br
x-oss-request-id: 63C5FFAD9B865C3533CC91EC
content-md5: 29b56o6EDeAM18ymcHGJRA==
x-swift-cachetime: 3600
fw_ip: 104.87.131.236, 104.87.131.236
date: Tue, 17 Jan 2023 10:39:11 GMT
server-timing: rt;dur=0.998,eagleid;desc=4f85b19916739204286564943e
x-swift-savetime: Tue, 17 Jan 2023 01:53:49 GMT
content-length: 5222
x-bucket-code: 3
x-oss-object-type: Normal
last-modified: Tue, 17 Jan 2023 01:54:43 GMT
server: Akamai Resource Optimizer
ali-swift-global-savetime: 1673920429
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=2560435, s-maxage=3600
served-from: 2.18.78.26
x-oss-storage-class: Standard
timing-allow-origin: *, *
network_info: US_CHICAGO_35994, NL_AMSTERDAM_49544
x-new-origin: 1
eagleid: 4f85b19916739204286564943e, 4f85b19916739204286564943e
x-oss-hash-crc64ecma: 14569753524109700749
expires: Thu, 16 Feb 2023 01:53:06 GMT

Resource: index.css
Path: i.alicdn.com/g/icbu-group/enlogin/0.0.28/pages/homelogin/
Size: 3 KB   x-fer: 2 KB   Type: Stylesheet

General
Full URL: https://i.alicdn.com/g/icbu-group/enlogin/0.0.28/pages/homelogin/index.css
Requested by: Host: r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app, URL: https://r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.87.131.236 Vienna, Austria, ASN16625 (AKAMAI-AS, US)
Reverse DNS: a104-87-131-236.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: dcfb83ad182de712e36297727ddd675567678d9ccd18ab13f22ad085d1011622
Security Headers:
  Strict-Transport-Security: max-age=31536000

Request headers
accept-language: nl-NL,nl;q=0.9
Referer: https://r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
expires: Tue, 17 Jan 2023 10:48:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
x-oss-request-id: 63C25ADFC60405B3306A241E
content-md5: iIFiKq2woar6eju6Xp5QiA==
x-swift-cachetime: 3600
fw_ip: 127.0.0.1, 104.87.131.236
date: Tue, 17 Jan 2023 10:39:11 GMT
server-timing: rt;dur=0.558,eagleid;desc=2ff6189c16736816307233276e
x-swift-savetime: Sat, 14 Jan 2023 07:33:51 GMT
content-length: 1221
x-bucket-code: 4
x-oss-object-type: Normal
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1673681631
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=586, s-maxage=3600
served-from: 23.47.58.154
x-oss-storage-class: Standard
timing-allow-origin: *, *
network_info: RU_KHABAROVSK_20485, NL_AMSTERDAM_49544
x-oss-hash-crc64ecma: 13872367896974639497
eagleid: 2ff6189c16736816307233276e
x-new-origin: 1
x-oss-server-time: 86

Resource: clear.png
Path: us.ynuf.alipay.com/service/
Size: 81 B   x-fer: 431 B   Type: Image

General
Full URL: https://us.ynuf.alipay.com/service/clear.png?xt=a86bc55b7fba0256a4259099a4611386dc83fa1e&xa=090D1F110F1878242A2602
Requested by: Host: r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app, URL: https://r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.136.188 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
Reverse DNS:
Software: Tengine /
Resource Hash: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers:
  Strict-Transport-Security: max-age=31536000 ; includeSubDomains, max-age=0
  X-Content-Type-Options: nosniff
  X-Xss-Protection: 1; mode=block

Request headers
accept-language: nl-NL,nl;q=0.9
Referer: https://r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
expires: 0
pragma: no-cache
date: Tue, 17 Jan 2023 10:39:11 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=0
x-content-type-options: nosniff
server: Tengine
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
content-length: 81
eagleeye-traceid: 2101d8f916739519516556273ee0fa
x-xss-protection: 1; mode=block
x-application-context: umid-web:us-east-prod:7001

Resource: jquery-3.3.1.min.js
Path: ajax.aspnetcdn.com/ajax/jQuery/
Size: 85 KB   x-fer: 38 KB   Type: Script

General
Full URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
Requested by: Host: r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app, URL: https://r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.160 , United States, ASN15133 (EDGECAST, US)
Reverse DNS:
Software: ECAcc (ama/48A3) /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers:
  X-Content-Type-Options: nosniff
  X-Xss-Protection: 1; mode=block

Request headers
Referer: https://r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers
date: Tue, 17 Jan 2023 10:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3403224
x-cache: HIT
content-length: 38892
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ama/48A3)
etag: "af301a17b793d31:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

Resource: TB1ROn8OpXXXXbZaXXXXXXXXXXX-32-31.png
Path: img.alicdn.com/tps/
Size: 2 KB   x-fer: 2 KB   Type: Image

General
Full URL: https://img.alicdn.com/tps/TB1ROn8OpXXXXbZaXXXXXXXXXXX-32-31.png
Requested by: Host: r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app, URL: https://r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.133.177.252 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
Reverse DNS:
Software: Tengine /
Resource Hash: 139359e8cd675429cb1766058fd9067a54af94517145b3dd6e73df778a3bfb07

Request headers
accept-language: nl-NL,nl;q=0.9
Referer: https://r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
date: Wed, 08 Jun 2022 22:58:28 GMT
via: cache22.l2ot7-1[0,0,200-0,H], cache7.l2ot7-1[1,0], cache9.de3[0,0,200-0,H], cache10.de3[2,0]
age: 19222843
x-swift-cachetime: 13550259
x-cache: HIT TCP_MEM_HIT dirn:13:917858344
x-swift-savetime: Tue, 03 Jan 2023 03:00:49 GMT
s-rt: 2
content-length: 1699
last-modified: Fri, 02 Jun 2017 09:52:02 GMT
server: Tengine
ali-swift-global-savetime: 1654729108
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
eagleid: 4f85b19e16739519518578977e
expires: Thu, 08 Jun 2023 22:58:28 GMT

Resource: TB1vPCyAXzqK1RjSZFoXXbfcXXa-600-400.png
Path: img.alicdn.com/tfs/
Size: 9 KB   x-fer: 9 KB   Type: Image

General
Full URL: https://img.alicdn.com/tfs/TB1vPCyAXzqK1RjSZFoXXbfcXXa-600-400.png
Requested by: Host: r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app, URL: https://r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.133.177.252 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
Reverse DNS:
Software: Tengine /
Resource Hash: 9b86b7cc7f71dc9716331f552cb5bc395db4af2073090875664ddd3ee0a11a1f

Request headers
accept-language: nl-NL,nl;q=0.9
Referer: https://r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
date: Mon, 16 Jan 2023 11:08:51 GMT
via: cache38.l2ot7-1[251,251,200-0,M], cache9.l2ot7-1[253,0], cache8.de3[0,0,200-0,H], cache10.de3[2,0]
age: 84620
x-swift-cachetime: 31536000
request-time: 0.057
x-cache: HIT TCP_HIT dirn:13:399239797
x-swift-savetime: Mon, 16 Jan 2023 11:08:51 GMT
s-rt: 2
content-length: 8998
last-modified: Fri, 11 Nov 2022 00:36:15 GMT
server: Tengine
ali-swift-global-savetime: 1673867331
content-type: image/png
traceid: 4f85b19716738673307014106e
access-control-allow-origin: *
cache-control: max-age=31536000
picasso-ret-code: SUCCESS
timing-allow-origin: *
eagleid: 4f85b19e16739519518588979e
expires: Tue, 16 Jan 2024 11:08:51 GMT

Resource: TB1kkInjuL2gK0jSZFmXXc7iXXa-2200-600.jpg
Path: s.alicdn.com/@img/tfs/
Size: 68 KB   x-fer: 69 KB   Type: Image

General
Full URL: https://s.alicdn.com/@img/tfs/TB1kkInjuL2gK0jSZFmXXc7iXXa-2200-600.jpg
Requested by: Host: r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app, URL: https://r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.87.131.254 Vienna, Austria, ASN16625 (AKAMAI-AS, US)
Reverse DNS: a104-87-131-254.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 6bd8e96cdf777e4f9c511073f0a51c59534ca496be6b9521e1bb2157cd3d5d98
Security Headers:
  Strict-Transport-Security: max-age=31536000

Request headers
accept-language: nl-NL,nl;q=0.9
Referer: https://r4jbz-uqaaa-aaaah-ab24q-cai.raw.ic0.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
strict-transport-security: max-age=31536000
date: Tue, 17 Jan 2023 10:39:11 GMT
real-source-url: https://img.alicdn.com/tfs/TB1kkInjuL2gK0jSZFmXXc7iXXa-2200-600.jpg_q80.jpg_.webp
x-swift-cachetime: 31536000
fw_ip: 104.87.131.254
request-time: 0.094
x-swift-savetime: Mon, 16 Jan 2023 11:08:50 GMT
server-timing: rt;dur=0.746,eagleid;desc=2103258616738673301258417e5ec0
s-rt: 473
content-length: 69514
last-modified: Mon, 27 Jun 2022 15:09:30 GMT
server: Tengine
ali-swift-global-savetime: 1673867330
content-type: image/webp
traceid: 2103258616738673301258417e5ec0
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=31536000
object-status: ttl=31536000,age=84620
picasso-ret-code: SUCCESS
served-from: 2.18.78.8
timing-allow-origin: *, *, *
network_info: NL_AMSTERDAM_49544
eagleid: 2103258616738673301258417e5ec0, 2103258616738673301258417e5ec0
expires: Tue, 16 Jan 2024 11:08:50 GMT

Resource: truncated
Path: /
Size: 477 B   x-fer: 0   Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: 09fb2b6652a497d906cd4797874b0e5023cea06aed87f252a8aefe048fdf6c11

Request headers
accept-language: nl-NL,nl;q=0.9
Referer:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
Content-Type: image/svg+xml

Resource: truncated
Path: /
Size: 1 KB   x-fer: 0   Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: 085f0322d477e3051843b4d0bf2969b83431c911e91fe161943b3a983b6e49b3

Request headers
accept-language: nl-NL,nl;q=0.9
Referer:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
Content-Type: image/svg+xml

Resource: truncated
Path: /
Size: 861 B   x-fer: 0   Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: 1ac557d9a89de8dce7ac164eb222f40177b89886331f36cf2c952f1c12dea97c

Request headers
accept-language: nl-NL,nl;q=0.9
Referer:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
Content-Type: image/svg+xml

Resource: truncated
Path: /
Size: 962 B   x-fer: 0   Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: 053b6a4f7e42c14a3dc4255d9269c4d27d3e467f101a8efbcde99242ff99b203

Request headers
accept-language: nl-NL,nl;q=0.9
Referer:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
Content-Type: image/svg+xml

Resource: TB1VHK4KFXXXXbPXFXXwxCdHXXX-47-47.png
Path: gw.alicdn.com/tps/i1/
Size: 922 B   x-fer: 1 KB   Type: Image

General
Full URL: https://gw.alicdn.com/tps/i1/TB1VHK4KFXXXXbPXFXXwxCdHXXX-47-47.png
Requested by: Host: i.alicdn.com, URL: https://i.alicdn.com/g/vip/havana-login/0.3.3/css/mini-login-form-min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.193 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
Reverse DNS:
Software: Tengine /
Resource Hash: 54c119b4c344d9282f9e872da1bf144f306923eacf760179dace606870a77d8f

Request headers
accept-language: nl-NL,nl;q=0.9
Referer: https://i.alicdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
date: Thu, 14 Jul 2022 05:46:57 GMT
via: cache38.l2ot7-1[0,0,200-0,H], cache19.l2ot7-1[1,0], ens-cache8.de4[0,0,200-0,H], ens-cache7.de4[2,0]
age: 16174335
x-swift-cachetime: 15837021
x-cache: HIT TCP_MEM_HIT dirn:8:377056767
x-swift-savetime: Wed, 11 Jan 2023 22:36:36 GMT
s-rt: 2
content-length: 922
last-modified: Mon, 02 Jan 2017 11:09:52 GMT
server: Tengine
ali-swift-global-savetime: 1657777617
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
eagleid: 2ff62b1f16739519526506852e
expires: Fri, 14 Jul 2023 05:46:57 GMT

Resource: vers0.5x.png
Path: i.alicdn.com/sc-footer/20181226200630/src/
Size: 17 KB   x-fer: 18 KB   Type: Image

General
Full URL: https://i.alicdn.com/sc-footer/20181226200630/src/vers0.5x.png
Requested by: Host: i.alicdn.com, URL: https://i.alicdn.com/g/icbu-group/enlogin/0.0.28/pages/homelogin/index.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.87.131.236 Vienna, Austria, ASN16625 (AKAMAI-AS, US)
Reverse DNS: a104-87-131-236.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 975b35cd2d1623ac56b9d89154cb15dfa0ced081d18ae0999c13058f9c24788b
Security Headers:
  Strict-Transport-Security: max-age=31536000, max-age=31536000
  X-Content-Type-Options: nosniff
  X-Xss-Protection: 1; mode=block

Request headers
accept-language: nl-NL,nl;q=0.9
Referer: https://i.alicdn.com/g/icbu-group/enlogin/0.0.28/pages/homelogin/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
strict-transport-security: max-age=31536000, max-age=31536000
date: Tue, 17 Jan 2023 10:39:11 GMT
x-content-type-options: nosniff
x-swift-cachetime: 30759573
fw_ip: 104.87.131.236
x-readtime: 276
server-timing: rt;dur=0.278,eagleid;desc=2ff6149716616793307665671e
x-swift-savetime: Tue, 06 Sep 2022 09:15:58 GMT
content-length: 17432
x-xss-protection: 1; mode=block
server: Tengine
x-download-options: noopen
ali-swift-global-savetime: 1661679331
content-type: image/png
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf156eb5838a70050010c77c3c5c6c0953203328d48de7b301be72f877a8d9336e5e
cache-control: max-age=22494365
served-from: 23.199.73.100
access-control-expose-headers: FW_IP
timing-allow-origin: *, *, *
x-new-origin: 1
network_info: NL_AMSTERDAM_49544
eagleid: 2ff6149716616793307665671e, 2ff62e9516629723222801330e
expires: Wed, 04 Oct 2023 19:05:16 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Alibaba (Online)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object: oncontentvisibilityautostatechange
  • function: _0x19ae
  • function: _0x434e
  • object: Zlib
  • function: $
  • function: jQuery
  • function: randomInteger
  • function: randomString
  • function: getdomainpartofemail
  • function: get_email_hash
  • function: validateEmail
  • function: geturlparameter
  • function: get_rand_url_pars

0 Cookies

2 Console Messages

Source | Level | URL | Text
javascript | warning | | Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript | warning | | Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.