100.42.48.198
Open in
urlscan Pro
100.42.48.198
Malicious Activity!
Public Scan
Submission: On March 05 via api from CA
Summary
This is the only time 100.42.48.198 was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Alibaba (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 100.42.48.198 100.42.48.198 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
4 | 205.204.101.16 205.204.101.16 | 45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.) | |
3 | 47.246.43.251 47.246.43.251 | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
1 | 92.122.213.240 92.122.213.240 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
21 | 5 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: kepler.com.mx
100.42.48.198 |
ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
stylessl.aliunicorn.com |
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
img.alicdn.com | |
gsctst2.alicdn.com | |
gsctst1.alicdn.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a92-122-213-240.deploy.static.akamaitechnologies.com
style.aliunicorn.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
aliunicorn.com
stylessl.aliunicorn.com style.aliunicorn.com |
75 KB |
3 |
alicdn.com
img.alicdn.com gsctst2.alicdn.com gsctst1.alicdn.com |
64 KB |
0 |
alibaba.com
Failed
acookie.alibaba.com Failed stat.alibaba.com Failed dmtracking2.alibaba.com Failed |
|
0 |
fruitimaruti.com
Failed
www.fruitimaruti.com Failed |
|
21 | 4 |
Domain | Requested by | |
---|---|---|
4 | stylessl.aliunicorn.com |
100.42.48.198
|
1 | gsctst1.alicdn.com |
100.42.48.198
|
1 | gsctst2.alicdn.com |
100.42.48.198
|
1 | style.aliunicorn.com |
100.42.48.198
|
1 | img.alicdn.com |
100.42.48.198
|
0 | dmtracking2.alibaba.com Failed |
100.42.48.198
|
0 | stat.alibaba.com Failed |
100.42.48.198
|
0 | acookie.alibaba.com Failed |
100.42.48.198
|
0 | www.fruitimaruti.com Failed |
100.42.48.198
|
21 | 9 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.alibabacorp.com GlobalSign Organization Validation CA - SHA256 - G2 |
2019-06-18 - 2020-06-18 |
a year | crt.sh |
*.alicdn.com GlobalSign Organization Validation CA - SHA256 - G2 |
2019-09-03 - 2020-09-03 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
http://100.42.48.198/~fruiti/js/prototype/windows/themes/default/feedbackk/express.html
Frame ID: 0C6C967A16826F66B1B34FFFC51DE6AE
Requests: 21 HTTP requests in this frame
Frame:
http://gsctst2.alicdn.com/js/cdntest.html?test2=akamai
Frame ID: AD792B06273563664B3F0DE6B0221B67
Requests: 1 HTTP requests in this frame
Frame:
http://gsctst1.alicdn.com/js/cdntest.html?test2=alicdn
Frame ID: 709FA10CC3DB0BD0E07AF2B9615CFA08
Requests: 1 HTTP requests in this frame
38 Outgoing links
These are links going to different origins than the main page.
Title: Alibaba.com
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Get help here
Search URL Search Domain Scan URL
Title: Español
Search URL Search Domain Scan URL
Title: Português
Search URL Search Domain Scan URL
Title: Deutsch
Search URL Search Domain Scan URL
Title: Français
Search URL Search Domain Scan URL
Title: Italiano
Search URL Search Domain Scan URL
Title: Pусский
Search URL Search Domain Scan URL
Title: 한국어
Search URL Search Domain Scan URL
Title: 日本語
Search URL Search Domain Scan URL
Title: اللغة العربية
Search URL Search Domain Scan URL
Title: ภาษาไทย
Search URL Search Domain Scan URL
Title: tiếng Việt
Search URL Search Domain Scan URL
Title: Türk
Search URL Search Domain Scan URL
Title: Nederlands
Search URL Search Domain Scan URL
Title: Alibaba Group
Search URL Search Domain Scan URL
Title: Taobao Marketplace
Search URL Search Domain Scan URL
Title: Tmall.com
Search URL Search Domain Scan URL
Title: Juhuasuan
Search URL Search Domain Scan URL
Title: AliExpress
Search URL Search Domain Scan URL
Title: 1688.com
Search URL Search Domain Scan URL
Title: Alimama
Search URL Search Domain Scan URL
Title: Alibaba Cloud Computing
Search URL Search Domain Scan URL
Title: YunOS
Search URL Search Domain Scan URL
Title: AliTelecom
Search URL Search Domain Scan URL
Title: HiChina
Search URL Search Domain Scan URL
Title: Taobao Trip
Search URL Search Domain Scan URL
Title: Xiami
Search URL Search Domain Scan URL
Title: Laiwang
Search URL Search Domain Scan URL
Title: DingTalk
Search URL Search Domain Scan URL
Title: 11 Main
Search URL Search Domain Scan URL
Title: Alipay
Search URL Search Domain Scan URL
Title: Product Listing Policy
Search URL Search Domain Scan URL
Title: Intellectual Property Policy and Infringement Claims
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: ©
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5- http://100.42.48.198/~fruiti/js/prototype/windows/themes/default/feedbackk/freshfood/blank.html HTTP 302
- http://www.fruitimaruti.com/
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
express.html
100.42.48.198/~fruiti/js/prototype/windows/themes/default/feedbackk/ |
13 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saved_resource
100.42.48.198/~fruiti/js/prototype/windows/themes/default/feedbackk/login_files/ |
78 KB 78 KB |
Stylesheet
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home-buyer%7CMODERN_BROWSER%7Cv_0_b030576d0.css
stylessl.aliunicorn.com/6v/apollo/core/core-sc%7C6v/apollo/mod/button/button-sc%7C6v/apollo/mod/form/form-sc%7C6v/apollo/mod/footer/footer-sc%7C6v/run/login/home/ |
63 KB 34 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saved_resource(1)
100.42.48.198/~fruiti/js/prototype/windows/themes/default/feedbackk/login_files/ |
361 KB 362 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
beacon_en.js
100.42.48.198/~fruiti/js/prototype/windows/themes/default/feedbackk/login_files/ |
35 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
check.js
100.42.48.198/~fruiti/js/prototype/windows/themes/default/feedbackk/ |
569 B 825 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.fruitimaruti.com/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TB1zQDlMVXXXXbFaXXXXXXXXXXX-585-350.jpg
img.alicdn.com/tps/ |
63 KB 64 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ask.gif
100.42.48.198/~fruiti/js/prototype/windows/themes/default/feedbackk/login_files/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
100.42.48.198/~fruiti/js/prototype/windows/themes/default/feedbackk/login_files/ |
81 B 323 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
style.aliunicorn.com/js/6v/lib/gallery/jquery/ |
92 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
1.gif
acookie.alibaba.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
common.html
stat.alibaba.com/event/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
b.jpg
dmtracking2.alibaba.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header.png
stylessl.aliunicorn.com/simg/sprites/app/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
13 KB 13 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook.gif
stylessl.aliunicorn.com/simg/sprites/env/home/signin/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loading-middle.gif
100.42.48.198/images/eng/wholesale/icon/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
new-footer-v4-2@1x.png
100.42.48.198/simg/sprites/app/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
13 KB 13 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
stylessl.aliunicorn.com/js/6v/biz/login/home/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cdntest.html
gsctst2.alicdn.com/js/ Frame AD79 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cdntest.html
gsctst1.alicdn.com/js/ Frame 709F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.fruitimaruti.com
- URL
- http://www.fruitimaruti.com/
- Domain
- acookie.alibaba.com
- URL
- http://acookie.alibaba.com/1.gif?cache=8505&pre=&ver=40&time=1583449520431
- Domain
- stat.alibaba.com
- URL
- http://stat.alibaba.com/event/common.html?id=17776&st_page_id=70d740afac14983c54c24adf170acf2392f23a8312&ver=40&time=1583449520432
- Domain
- dmtracking2.alibaba.com
- URL
- http://dmtracking2.alibaba.com/b.jpg?cD17MX0mdT17LzEwMC40Mi40OC4xOTgvfmZydWl0aS9qcy9wcm90b3R5cGUvd2luZG93cy90aGVtZXMvZGVmYXVsdC9mZWVkYmFja2svZXhwcmVzcy5odG1sfSZtPXtHRVR9JnM9ezIwMH0mcj17LX0mYT17LX0mYj17LX0mYz17YWVwX3VzdWNfZj0tfQ==&pageid=70d740afac14983c54c24adf170acf2392f23a8312&sys=chrome74.0|x11|1600*1200|en-US&ver=40&time=1583449520435
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Alibaba (Online)22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate string| globalImgServer undefined| __define object| seajs function| define object| __private_jsmonitor__ object| AE object| dmtrack function| sk_dmtracking_core function| sk_dmtracking number| beaconStartTime object| nameStorage number| g_aplus_loaded object| goldlog object| g_SPM string| dmtrack_c string| dmtrack_pageid function| validate undefined| $ undefined| jQuery object| jQuery1830305044435337822330 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
acookie.alibaba.com
dmtracking2.alibaba.com
gsctst1.alicdn.com
gsctst2.alicdn.com
img.alicdn.com
stat.alibaba.com
style.aliunicorn.com
stylessl.aliunicorn.com
www.fruitimaruti.com
acookie.alibaba.com
dmtracking2.alibaba.com
stat.alibaba.com
www.fruitimaruti.com
100.42.48.198
205.204.101.16
47.246.43.251
92.122.213.240
033caf44d19462a997937c5583c2cc90090d7c24ab11d84fe4fb26fef7a03a65
1abecd9ecbb246fc3e6985fe25e5e3009fd14e5712ba7d7b5f959d8413ac5bd8
24415e59b05a115971ff81f4265ffc5553af2cdc8df09cee32bdb6a8ca817a5e
2d303e5e7d94da2b21df48b7b62b6d10b2e5b434da6848c15f35c6e517b9d7bd
5c61b67712e05efb479d4c660719b2b6762e71f1d0c30f7e8e0654e548c0a603
70b1f47975c93e09401685d032d0940a82b9bb47c4acfe700eaa3985f0b0dac0
70d65607a9e0ff686176051557155bbe8277e9d24f3a67be4f87bedbc55988ef
7947dd3c9e3fb84216c893df5ad3ee3708a505007a9c306b79fe36f2f35d1fb1
8151d75b649f9278239e7cf17500b102e083b17c7f7cb10b8243c7a4b5e86236
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9639f7a7922240da47bd38daf34cb457bbda49a35b16fa3106dea51b7abb9de9
9a66cbae37db0c147a4cae063cb7f3b20c8a753fce875b0cc3cfda2e786a0006
acc2fc70730f07d7e2de8d0af7ecbfc269f700a59fcbaca384cd3ee0f7283c65
e194e6ec21a69b2f197bc824eec84f21dda7f857e1d2d7ffc1098c4f542bb15f
f028d7430ea3a9bb9f289213730fd4686c6aa4a7fe61bb38c4b11ca7450a483c
f789f6aa5304d63550e35f144eb65f131104ecb1e38cfacd51f7f63792579503
f9ee76107677a7dec3f02cfe8c473fc379e519219dd84b8f7aaa0f1ef1799791