danta.si
Open in
urlscan Pro
185.53.12.10
Malicious Activity!
Public Scan
Submission: On December 17 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on November 7th 2022. Valid for: 3 months.
This is the only time danta.si was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Alibaba (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
7 | 185.53.12.10 185.53.12.10 | 41828 (TELEMACH-...) (TELEMACH-HOSTING) | |
8 | 163.181.56.192 163.181.56.192 | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
1 | 2a00:1450:400... 2a00:1450:4001:82a::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 104.93.26.59 104.93.26.59 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
2 | 47.246.136.160 47.246.136.160 | 45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.) | |
2 | 2408:4001:f10... 2408:4001:f10::cf | 37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) | |
23 | 8 |
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
img.alicdn.com | |
g.alicdn.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-93-26-59.deploy.static.akamaitechnologies.com
s.alicdn.com |
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
gj.mmstat.com |
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
fourier.taobao.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
alicdn.com
img.alicdn.com — Cisco Umbrella Rank: 9371 g.alicdn.com — Cisco Umbrella Rank: 7463 s.alicdn.com — Cisco Umbrella Rank: 16296 |
123 KB |
7 |
danta.si
danta.si |
30 KB |
2 |
taobao.com
fourier.taobao.com — Cisco Umbrella Rank: 13302 |
2 KB |
2 |
mmstat.com
gj.mmstat.com — Cisco Umbrella Rank: 25117 |
627 B |
1 |
bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2384 |
15 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 304 |
30 KB |
23 | 6 |
Domain | Requested by | |
---|---|---|
7 | g.alicdn.com |
danta.si
g.alicdn.com |
7 | danta.si |
danta.si
|
2 | fourier.taobao.com |
g.alicdn.com
|
2 | gj.mmstat.com |
danta.si
|
2 | s.alicdn.com |
danta.si
|
1 | stackpath.bootstrapcdn.com |
danta.si
|
1 | ajax.googleapis.com |
danta.si
|
1 | img.alicdn.com |
danta.si
|
23 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.alibaba.com |
sale.alibaba.com |
accounts.alibaba.com |
passport.alibaba.com |
gcx.alibaba.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
danta.si R3 |
2022-11-07 - 2023-02-05 |
3 months | crt.sh |
*.tbcdn.cn GlobalSign Organization Validation CA - SHA256 - G2 |
2022-07-22 - 2023-08-06 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-01-29 - 2023-01-29 |
a year | crt.sh |
air.alibaba.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-08-09 - 2023-07-19 |
a year | crt.sh |
*.mmstat.com GlobalSign Organization Validation CA - SHA256 - G2 |
2022-07-18 - 2023-08-19 |
a year | crt.sh |
*.taobao.com GlobalSign Organization Validation CA - SHA256 - G2 |
2022-08-17 - 2023-06-18 |
10 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://danta.si/00021/Login.html
Frame ID: 43B6AC2CCFF86E6654D0BF9BAFFFACC9
Requests: 26 HTTP requests in this frame
Screenshot
Page Title
Alibaba Manufacturer Directory - Suppliers, Manufacturers, Exporters & ImportersDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Alibaba.com
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Forgot Password?
Search URL Search Domain Scan URL
Title: Join Free
Search URL Search Domain Scan URL
Title: Get help here
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
Login.html
danta.si/00021/ |
78 KB 30 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bl.js.download
danta.si/00021/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aplus_v2.js.download
danta.si/00021/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nc.js.download
danta.si/00021/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TB1ROn8OpXXXXbZaXXXXXXXXXXX-32-31.png
img.alicdn.com/tps/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mini-login-form-min.css
danta.si/00021/index_files/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
danta.si/00021/index_files/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ |
50 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bl.js.download
danta.si/00021/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aplus_v2.js
g.alicdn.com/alilog/mlog/ |
17 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TB1pDDmmF67gK0jSZPfXXahhFXa-2814-380.png
s.alicdn.com/@img/tfs/ |
16 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
O1CN01iSZJBM1LUMRI4iHq1_!!6000000001302-0-tps-2200-600.jpg
s.alicdn.com/@img/imgextra/i1/ |
31 KB 32 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
477 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
861 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
g.alicdn.com/alilog/ |
116 KB 43 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eg.js
gj.mmstat.com/ |
91 B 336 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
g.alicdn.com/sd/baxia-entry/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7.gif
gj.mmstat.com/ |
43 B 291 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
baxiaCommon.js
g.alicdn.com/sd/baxia/2.2.3/ |
25 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
g.alicdn.com/secdev/entry/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
g.alicdn.com/secdev/sufei_data/3.9.11/ |
17 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rp.js
g.alicdn.com/xlly/spl/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rp
fourier.taobao.com/ |
1023 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ts
fourier.taobao.com/ |
0 140 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Alibaba (Online)18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange number| __startDomRender object| compatLog function| $ function| jQuery object| bootstrap number| g_aplus_grey_launched object| goldlog object| ali_analytics object| goldlog_queue number| g_tb_aplus_loaded number| aplus_spmact object| g_SPM boolean| __sec_entry_loaded number| nsrprtrt number| etrprtrt function| baxiaCommon object| __baxia__7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.mmstat.com/ | Name: cna Value: PgMkHFY98UQCAZJGdViLluOR |
|
.danta.si/ | Name: cna Value: PgMkHFY98UQCAZJGdViLluOR |
|
.danta.si/ | Name: isg Value: BEVFsFBGilmmWK6FomTS3PRzVIF_AvmU_BaJMUeqAXyL3mVQD1IJZNOs7hoohRFM |
|
.mmstat.com/ | Name: sca Value: 19498f62 |
|
.mmstat.com/ | Name: atpsida Value: 1eaaa8251e877c468c54b789_1671238974_1 |
|
.taobao.com/ | Name: x5secdata Value: xb3cbde38f84248dbd2b258ffb0dcddb271671238975a-717315356a1993109894abazc2caa__bx__fourier.taobao.com%3A443%2Frp |
|
.danta.si/ | Name: xlly_s Value: 1 |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
danta.si
fourier.taobao.com
g.alicdn.com
gj.mmstat.com
img.alicdn.com
s.alicdn.com
stackpath.bootstrapcdn.com
104.93.26.59
163.181.56.192
185.53.12.10
2408:4001:f10::cf
2606:4700::6812:bcf
2a00:1450:4001:82a::200a
47.246.136.160
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
085f0322d477e3051843b4d0bf2969b83431c911e91fe161943b3a983b6e49b3
09fb2b6652a497d906cd4797874b0e5023cea06aed87f252a8aefe048fdf6c11
139092686b10caf08c8cd5dd903d9827911e4b77b6bde62706705a2731fcb67d
139359e8cd675429cb1766058fd9067a54af94517145b3dd6e73df778a3bfb07
1ac557d9a89de8dce7ac164eb222f40177b89886331f36cf2c952f1c12dea97c
20469a99be0e8bb562e83cdf95a0ae327b3a4be5726a39cca517649c9b65a210
3540397bc15061c0cf948c29a730c8d99990318bb0a78c4b3e16e3fe4553b1d1
486ba168351c19d6297fdb944a8c532ddb1c2be56b9f6b4404e60ddd044dc758
49bfbd157d6c447cc0c4c43d099d46af913ff096de3cd240cd7137d30933c0a1
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
685a08adb464a67252eddeb46510e4aa9c3da3f240624479f72af1bfb2baa339
7ce6b93c26b5611e079a88c10103fef4f867c13d1e880e761dde4258845c24ac
9f02257d3723e084bc6edb0c83c8872063d49f25272de8f6e5b7083cb9732ab7
a23ac114b772a4bae1498d203e5dd2beac4292777bc5689091a30d6083c151d3
c296f01a7d03fcf6bc56ed2bffb27d4b8a421bff87f62ba5831f1b6c8354a83a
ceee3033a5ccf02fc21156c9fd1615582472daad8b1a55ccf3335c1efa4683a7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e639fea6b09edde576c7e201e64996e7429017d54351e8cc7e163ca0773551a5