URL: https://danta.si/00021/Login.html
Submission: On December 17 via automatic, source openphish — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 23 HTTP transactions. The main IP is 185.53.12.10, located in Slovenia and belongs to TELEMACH-HOSTING, SI. The main domain is danta.si.
TLS certificate: Issued by R3 on November 7th 2022. Valid for: 3 months.
This is the only time danta.si was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Alibaba (Online)

Domain & IP information

Requests  IP Address         AS Autonomous System
7         185.53.12.10       41828 (TELEMACH-...)
8         163.181.56.192     24429 (TAOBAO Zh...)
1         2a00:1450:400...   15169 (GOOGLE)
1         2606:4700::68...   13335 (CLOUDFLAR...)
2         104.93.26.59       16625 (AKAMAI-AS)
2         47.246.136.160     45102 (ALIBABA-C...)
2         2408:4001:f10...   37963 (ALIBABA-C...)
Total: 23 requests, 8 IPs

Requests  Apex Domain / Subdomains                                        Transfer
10        alicdn.com                                                      123 KB
            img.alicdn.com — Cisco Umbrella Rank: 9371
            g.alicdn.com — Cisco Umbrella Rank: 7463
            s.alicdn.com — Cisco Umbrella Rank: 16296
7         danta.si                                                        30 KB
            danta.si
2         taobao.com                                                      2 KB
            fourier.taobao.com — Cisco Umbrella Rank: 13302
2         mmstat.com                                                      627 B
            gj.mmstat.com — Cisco Umbrella Rank: 25117
1         bootstrapcdn.com                                                15 KB
            stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2384
1         googleapis.com                                                  30 KB
            ajax.googleapis.com — Cisco Umbrella Rank: 304
Total: 23 requests, 6 apex domains

Requests  Domain                       Requested by
7         g.alicdn.com                 danta.si, g.alicdn.com
7         danta.si                     danta.si
2         fourier.taobao.com           g.alicdn.com
2         gj.mmstat.com                danta.si
2         s.alicdn.com                 danta.si
1         stackpath.bootstrapcdn.com   danta.si
1         ajax.googleapis.com          danta.si
1         img.alicdn.com               danta.si
Total: 23 requests, 8 subdomains

This site contains links to these domains.

Domain
www.alibaba.com
sale.alibaba.com
accounts.alibaba.com
passport.alibaba.com
gcx.alibaba.com

Subject                  Issuer                                              Validity                  Valid
danta.si                 R3                                                  2022-11-07 - 2023-02-05   3 months
*.tbcdn.cn               GlobalSign Organization Validation CA - SHA256 - G2 2022-07-22 - 2023-08-06   a year
upload.video.google.com  GTS CA 1C3                                          2022-11-28 - 2023-02-20   3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                             2022-01-29 - 2023-01-29   a year
air.alibaba.com          DigiCert TLS RSA SHA256 2020 CA1                    2022-08-09 - 2023-07-19   a year
*.mmstat.com             GlobalSign Organization Validation CA - SHA256 - G2 2022-07-18 - 2023-08-19   a year
*.taobao.com             GlobalSign Organization Validation CA - SHA256 - G2 2022-08-17 - 2023-06-18   10 months

This page contains 1 frame:

Primary Page: https://danta.si/00021/Login.html
Frame ID: 43B6AC2CCFF86E6654D0BF9BAFFFACC9
Requests: 26 HTTP requests in this frame

Page Title

Alibaba Manufacturer Directory - Suppliers, Manufacturers, Exporters & Importers

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 23
HTTPS: 100 %
IPv6: 43 %
Domains: 6
Subdomains: 8
IPs: 8
Countries: 4
Transfer: 200 kB
Size: 448 kB
Cookies: 7

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Login.html
danta.si/00021/
78 KB
30 KB
Document
General
Full URL
https://danta.si/00021/Login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.12.10 , Slovenia, ASN41828 (TELEMACH-HOSTING, SI),
Reverse DNS
s5.dnserv.com
Software
LiteSpeed /
Resource Hash
9f02257d3723e084bc6edb0c83c8872063d49f25272de8f6e5b7083cb9732ab7

bl.js.download
danta.si/00021/index_files/
0
0
Script
General
Full URL
https://danta.si/00021/index_files/bl.js.download
Requested by
Host: danta.si
URL: https://danta.si/00021/Login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.12.10 , Slovenia, ASN41828 (TELEMACH-HOSTING, SI),
Reverse DNS
s5.dnserv.com
Software
LiteSpeed /
Resource Hash

aplus_v2.js.download
danta.si/00021/index_files/
0
0
Script
General
Full URL
https://danta.si/00021/index_files/aplus_v2.js.download
Requested by
Host: danta.si
URL: https://danta.si/00021/Login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.12.10 , Slovenia, ASN41828 (TELEMACH-HOSTING, SI),
Reverse DNS
s5.dnserv.com
Software
LiteSpeed /
Resource Hash

nc.js.download
danta.si/00021/index_files/
0
0
Script
General
Full URL
https://danta.si/00021/index_files/nc.js.download
Requested by
Host: danta.si
URL: https://danta.si/00021/Login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.12.10 , Slovenia, ASN41828 (TELEMACH-HOSTING, SI),
Reverse DNS
s5.dnserv.com
Software
LiteSpeed /
Resource Hash

TB1ROn8OpXXXXbZaXXXXXXXXXXX-32-31.png
img.alicdn.com/tps/
2 KB
2 KB
Image
General
Full URL
https://img.alicdn.com/tps/TB1ROn8OpXXXXbZaXXXXXXXXXXX-32-31.png
Requested by
Host: danta.si
URL: https://danta.si/00021/Login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.192 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
139359e8cd675429cb1766058fd9067a54af94517145b3dd6e73df778a3bfb07

mini-login-form-min.css
danta.si/00021/index_files/
0
0
Stylesheet
General
Full URL
https://danta.si/00021/index_files/mini-login-form-min.css
Requested by
Host: danta.si
URL: https://danta.si/00021/Login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.12.10 , Slovenia, ASN41828 (TELEMACH-HOSTING, SI),
Reverse DNS
s5.dnserv.com
Software
LiteSpeed /
Resource Hash

index.css
danta.si/00021/index_files/
0
0
Stylesheet
General
Full URL
https://danta.si/00021/index_files/index.css
Requested by
Host: danta.si
URL: https://danta.si/00021/Login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.12.10 , Slovenia, ASN41828 (TELEMACH-HOSTING, SI),
Reverse DNS
s5.dnserv.com
Software
LiteSpeed /
Resource Hash

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: danta.si
URL: https://danta.si/00021/Login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/
50 KB
15 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by
Host: danta.si
URL: https://danta.si/00021/Login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

bl.js.download
danta.si/00021/index_files/
0
0
Script
General
Full URL
https://danta.si/00021/index_files/bl.js.download
Requested by
Host: danta.si
URL: https://danta.si/00021/Login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.12.10 , Slovenia, ASN41828 (TELEMACH-HOSTING, SI),
Reverse DNS
s5.dnserv.com
Software
LiteSpeed /
Resource Hash

aplus_v2.js
g.alicdn.com/alilog/mlog/
17 KB
7 KB
Script
General
Full URL
https://g.alicdn.com/alilog/mlog/aplus_v2.js
Requested by
Host: danta.si
URL: https://danta.si/00021/Login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.192 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
49bfbd157d6c447cc0c4c43d099d46af913ff096de3cd240cd7137d30933c0a1

TB1pDDmmF67gK0jSZPfXXahhFXa-2814-380.png
s.alicdn.com/@img/tfs/
16 KB
17 KB
Image
General
Full URL
https://s.alicdn.com/@img/tfs/TB1pDDmmF67gK0jSZPfXXahhFXa-2814-380.png
Requested by
Host: danta.si
URL: https://danta.si/00021/Login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.93.26.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-93-26-59.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
e639fea6b09edde576c7e201e64996e7429017d54351e8cc7e163ca0773551a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

O1CN01iSZJBM1LUMRI4iHq1_!!6000000001302-0-tps-2200-600.jpg
s.alicdn.com/@img/imgextra/i1/
31 KB
32 KB
Image
General
Full URL
https://s.alicdn.com/@img/imgextra/i1/O1CN01iSZJBM1LUMRI4iHq1_!!6000000001302-0-tps-2200-600.jpg
Requested by
Host: danta.si
URL: https://danta.si/00021/Login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.93.26.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-93-26-59.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
685a08adb464a67252eddeb46510e4aa9c3da3f240624479f72af1bfb2baa339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

truncated
/
477 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09fb2b6652a497d906cd4797874b0e5023cea06aed87f252a8aefe048fdf6c11

truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
085f0322d477e3051843b4d0bf2969b83431c911e91fe161943b3a983b6e49b3

truncated
/
861 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ac557d9a89de8dce7ac164eb222f40177b89886331f36cf2c952f1c12dea97c

/
g.alicdn.com/alilog/
116 KB
43 KB
Fetch
General
Full URL
https://g.alicdn.com/alilog/??s/8.15.21/plugin/aplus_client.js,aplus_cplugin/0.7.12/toolkit.js,aplus_cplugin/0.7.12/monitor.js,s/8.15.21/aplus_std.js,s/8.15.21/plugin/aplus_spmact.js?v=20221206171442
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/alilog/mlog/aplus_v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.192 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
c296f01a7d03fcf6bc56ed2bffb27d4b8a421bff87f62ba5831f1b6c8354a83a

eg.js
gj.mmstat.com/
91 B
336 B
Script
General
Full URL
https://gj.mmstat.com/eg.js?t=1671238973688
Requested by
Host: danta.si
URL: https://danta.si/00021/Login.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.136.160 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
3540397bc15061c0cf948c29a730c8d99990318bb0a78c4b3e16e3fe4553b1d1

index.js
g.alicdn.com/sd/baxia-entry/
2 KB
1 KB
Script
General
Full URL
https://g.alicdn.com/sd/baxia-entry/index.js?t=232116
Requested by
Host: danta.si
URL: https://danta.si/00021/Login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.192 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
20469a99be0e8bb562e83cdf95a0ae327b3a4be5726a39cca517649c9b65a210

7.gif
gj.mmstat.com/
43 B
291 B
Image
General
Full URL
https://gj.mmstat.com/7.gif?logtype=1&title=Alibaba%C2%A0Manufacturer%C2%A0Directory%C2%A0-%C2%A0Suppliers%2C%C2%A0Manufacturers%2C%C2%A0Exporters%C2%A0%26%C2%A0Importers&pre=&scr=1600x1200&_p_url=https%3A%2F%2Fdanta.si%2F00021%2FLogin.html&cna=PgMkHFY98UQCAZJGdViLluOR&spm-cnt=a2700.icbu-homelogin.0.0.25841afaCEXXaI&category=&uidaplus=&aplus&yunid=&3433e963e37ed&trid=21033a2516424135493697589e20ef&asid=AQAAAADtPeVhddQBfQAAAAB249Dlx5pBJA==&p=1&o=win10&b=chrome108&s=1600x1200&w=webkit&ism=pc&cache=75dc6fb&lver=8.15.21&jsver=aplus_std&pver=0.7.12&tag=0&stag=2&lstag=0&_slog=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.136.160 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

baxiaCommon.js
g.alicdn.com/sd/baxia/2.2.3/
25 KB
9 KB
Script
General
Full URL
https://g.alicdn.com/sd/baxia/2.2.3/baxiaCommon.js
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/sd/baxia-entry/index.js?t=232116
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.192 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
7ce6b93c26b5611e079a88c10103fef4f867c13d1e880e761dde4258845c24ac

index.js
g.alicdn.com/secdev/entry/
4 KB
2 KB
Script
General
Full URL
https://g.alicdn.com/secdev/entry/index.js?t=232116
Requested by
Host: danta.si
URL: https://danta.si/00021/Login.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.192 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
a23ac114b772a4bae1498d203e5dd2beac4292777bc5689091a30d6083c151d3

index.js
g.alicdn.com/secdev/sufei_data/3.9.11/
17 KB
8 KB
Script
General
Full URL
https://g.alicdn.com/secdev/sufei_data/3.9.11/index.js
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/secdev/entry/index.js?t=232116
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.192 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
ceee3033a5ccf02fc21156c9fd1615582472daad8b1a55ccf3335c1efa4683a7

rp.js
g.alicdn.com/xlly/spl/
1 KB
1 KB
Script
General
Full URL
https://g.alicdn.com/xlly/spl/rp.js
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/secdev/entry/index.js?t=232116
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.192 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
139092686b10caf08c8cd5dd903d9827911e4b77b6bde62706705a2731fcb67d

rp
fourier.taobao.com/
1023 B
1 KB
Script
General
Full URL
https://fourier.taobao.com/rp?ext=51&data=jm_PgMkHFY98UQCAZJGdViLluOR&random=7965394837473261&href=https%3A%2F%2Fdanta.si%2F00021%2FLogin.html&protocol=https:
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/xlly/spl/rp.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2408:4001:f10::cf Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Tengine/Aserver /
Resource Hash
486ba168351c19d6297fdb944a8c532ddb1c2be56b9f6b4404e60ddd044dc758
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

ts
fourier.taobao.com/
0
140 B
Image
General
Full URL
https://fourier.taobao.com/ts?url=&token=BMrKoCPfnZhlkRE0kU0F_deKG7Bsu04V_5-WYFQDdp2oB2rBPEueJRBhEWvb7Mat&cna=PgMkHFY98UQCAZJGdViLluOR&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2408:4001:f10::cf Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Tengine/Aserver /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://danta.si/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 01:02:55 GMT
strict-transport-security
max-age=31536000
server
Tengine/Aserver
timing-allow-origin
*
content-length
0
eagleeye-traceid
212c687916712389758596765e6614
content-type
image/gif

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Alibaba (Online)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange
number| __startDomRender
object| compatLog
function| $
function| jQuery
object| bootstrap
number| g_aplus_grey_launched
object| goldlog
object| ali_analytics
object| goldlog_queue
number| g_tb_aplus_loaded
number| aplus_spmact
object| g_SPM
boolean| __sec_entry_loaded
number| nsrprtrt
number| etrprtrt
function| baxiaCommon
object| __baxia__

7 Cookies

Domain/Path Name / Value
.mmstat.com/ Name: cna
Value: PgMkHFY98UQCAZJGdViLluOR
.danta.si/ Name: cna
Value: PgMkHFY98UQCAZJGdViLluOR
.danta.si/ Name: isg
Value: BEVFsFBGilmmWK6FomTS3PRzVIF_AvmU_BaJMUeqAXyL3mVQD1IJZNOs7hoohRFM
.mmstat.com/ Name: sca
Value: 19498f62
.mmstat.com/ Name: atpsida
Value: 1eaaa8251e877c468c54b789_1671238974_1
.taobao.com/ Name: x5secdata
Value: xb3cbde38f84248dbd2b258ffb0dcddb271671238975a-717315356a1993109894abazc2caa__bx__fourier.taobao.com%3A443%2Frp
.danta.si/ Name: xlly_s
Value: 1

6 Console Messages

Source Level URL
Text
network error URL: https://danta.si/00021/index_files/bl.js.download
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://danta.si/00021/index_files/aplus_v2.js.download
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://danta.si/00021/index_files/nc.js.download
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://danta.si/00021/index_files/mini-login-form-min.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://danta.si/00021/index_files/index.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://danta.si/00021/index_files/bl.js.download
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
