alphacarsharing.com.au
2606:4700:3034::681f:4004
Malicious Activity!
Public Scan
Effective URL: http://alphacarsharing.com.au//blog/wp-admin/images/BB/
Submission: On September 08 via manual from HK
Summary
This is the only time alphacarsharing.com.au was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Huawei (Online)

Domain & IP information

| # | IP Address | AS Autonomous System |
|---|---|---|
| 1 1 | 52.42.81.195 | 16509 (AMAZON-02) |
| 1 | 60.205.28.215 | 37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.) |
| 7 9 | 2606:4700:3034::681f:4004 | 13335 (CLOUDFLARENET) |
| 6 | 185.176.76.112 | 206798 (UK-HUAWEI) |
| 1 | 2001:4de0:ac19::1:b:2b | 20446 (HIGHWINDS3) |
| 7 | 2606:4700:3036::ac43:deb8 | 13335 (CLOUDFLARENET) |
| 18 | 6 IPs | |
- ASN16509 (AMAZON-02, US): PTR ec2-52-42-81-195.us-west-2.compute.amazonaws.com; serves go.sparkpostmail1.com
- ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN): serves setaram.com.cn
| # | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 16 | alphacarsharing.com.au (7 redirects) | alphacarsharing.com.au, www.alphacarsharing.com.au | 8 KB |
| 6 | huawei.com | uniportal.huawei.com | 42 KB |
| 1 | jquery.com | code.jquery.com | 83 KB |
| 1 | setaram.com.cn | setaram.com.cn | 409 B |
| 1 | sparkpostmail1.com (1 redirect) | go.sparkpostmail1.com | 235 B |
| 18 | 5 apex domains | | |
| # | Domain | Requested by |
|---|---|---|
| 9 | alphacarsharing.com.au (7 redirects) | alphacarsharing.com.au |
| 7 | www.alphacarsharing.com.au | alphacarsharing.com.au |
| 6 | uniportal.huawei.com | alphacarsharing.com.au, uniportal.huawei.com |
| 1 | code.jquery.com | alphacarsharing.com.au |
| 1 | setaram.com.cn | |
| 1 | go.sparkpostmail1.com | 1 redirect |
| 18 | 6 domains | |
This site contains no links.
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.huawei.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2019-04-12 - 2021-04-12 | 2 years |
| jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years |
This page contains 1 frames:
Primary Page:
http://alphacarsharing.com.au//blog/wp-admin/images/BB/
Frame ID: 6B096EE165EC1DF666CDFA1F55AAE645
Requests: 18 HTTP requests in this frame
Detected technologies
Apache (Web Servers)

Detected patterns:
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://go.sparkpostmail1.com/f/a/yBffrATaYRxwnUIVDWMzhA~~/AARz6wA~/RgRhOV2AP0QpaHR0cDovL3NldGFyYW0uY29tLmNuLy9yZXNvdXJjZXMvbGFuZy9CQi9XA3NwY0IKACCB2FZffyBu5FIYc3VwcG9ydG1hc3RlckBodWF3ZWkuY29tWAQAAAAA
HTTP 302
http://setaram.com.cn//resources/lang/BB/ Page URL
- http://alphacarsharing.com.au//blog/wp-admin/images/BB/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0:
- http://go.sparkpostmail1.com/f/a/yBffrATaYRxwnUIVDWMzhA~~/AARz6wA~/RgRhOV2AP0QpaHR0cDovL3NldGFyYW0uY29tLmNuLy9yZXNvdXJjZXMvbGFuZy9CQi9XA3NwY0IKACCB2FZffyBu5FIYc3VwcG9ydG1hc3RlckBodWF3ZWkuY29tWAQAAAAA (HTTP 302)
- http://setaram.com.cn//resources/lang/BB/

Each of the following requests to alphacarsharing.com.au was answered with an HTTP 301 to the same path on www.alphacarsharing.com.au:
- http://alphacarsharing.com.au//blog/wp-admin/images/BB/%7Btatir%7D/js/sso-properties.js (HTTP 301) -> http://www.alphacarsharing.com.au/blog/wp-admin/images/BB/%7Btatir%7D/js/sso-properties.js
- http://alphacarsharing.com.au//blog/wp-admin/images/BB/%7Btatir%7D/js/jquery.js?ver=v3r40 (HTTP 301) -> http://www.alphacarsharing.com.au/blog/wp-admin/images/BB/%7Btatir%7D/js/jquery.js?ver=v3r40
- http://alphacarsharing.com.au//blog/wp-admin/images/BB/%7Btatir%7D/js/layer/layer.js (HTTP 301) -> http://www.alphacarsharing.com.au/blog/wp-admin/images/BB/%7Btatir%7D/js/layer/layer.js
- http://alphacarsharing.com.au//blog/wp-admin/images/BB/%7Btatir%7D/css/lang-change.css (HTTP 301) -> http://www.alphacarsharing.com.au/blog/wp-admin/images/BB/%7Btatir%7D/css/lang-change.css
- http://alphacarsharing.com.au//blog/wp-admin/images/BB/%7Btatir%7D/js/jquery.js (HTTP 301) -> http://www.alphacarsharing.com.au/blog/wp-admin/images/BB/%7Btatir%7D/js/jquery.js
- http://alphacarsharing.com.au//blog/wp-admin/images/BB/%7Btatir%7D/js/lang-change.js (HTTP 301) -> http://www.alphacarsharing.com.au/blog/wp-admin/images/BB/%7Btatir%7D/js/lang-change.js
- http://alphacarsharing.com.au//blog/wp-admin/images/BB/%7Btatir%7D/js/sso-properties.js (HTTP 301) -> http://www.alphacarsharing.com.au/blog/wp-admin/images/BB/%7Btatir%7D/js/sso-properties.js
- http://alphacarsharing.com.au//blog/wp-admin/images/BB/%7Btatir%7D/js/jquery.js?ver=v3r40 (HTTP 301) -> http://www.alphacarsharing.com.au/blog/wp-admin/images/BB/%7Btatir%7D/js/jquery.js?ver=v3r40
18 HTTP transactions

| # | Method / Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
|---|---|---|---|---|---|---|---|---|
| 1 | GET H/1.1 | / | setaram.com.cn//resources/lang/BB/ | 207 B | 409 B | Document | text/html | Redirect chain |
| 2 | GET H/1.1 | / | alphacarsharing.com.au//blog/wp-admin/images/BB/ | 10 KB | 3 KB | Document | text/html | Primary request; cookie set |
| 3 | GET H/1.1 | layout.css | uniportal.huawei.com/uniportal/css/ | 400 B | 947 B | Stylesheet | text/css | |
| 4 | GET H/1.1 | public.css | uniportal.huawei.com/uniportal/css/ | 3 KB | 2 KB | Stylesheet | text/css | |
| 5 | GET H/1.1 | only.css | uniportal.huawei.com/uniportal/css/ | 16 KB | 5 KB | Stylesheet | text/css | |
| 6 | GET H2 | jquery-3.5.1.js | code.jquery.com/ | 281 KB | 83 KB | Script | application/javascript | |
| 7 | GET H/1.1 | header_logo.png | uniportal.huawei.com/uniportal/images/ | 31 KB | 31 KB | Image | image/png | |
| 8 | GET H/1.1 | sso-properties.js | www.alphacarsharing.com.au/blog/wp-admin/images/BB/%7Btatir%7D/js/ | 0 | 0 | Script | text/html | Redirect chain |
| 9 | GET H/1.1 | jquery.js | www.alphacarsharing.com.au/blog/wp-admin/images/BB/%7Btatir%7D/js/ | 0 | 0 | Script | text/html | Redirect chain |
| 10 | GET H/1.1 | layer.js | www.alphacarsharing.com.au/blog/wp-admin/images/BB/%7Btatir%7D/js/layer/ | 0 | 0 | Script | text/html | Redirect chain |
| 11 | GET H/1.1 | lang-change.css | www.alphacarsharing.com.au/blog/wp-admin/images/BB/%7Btatir%7D/css/ | 0 | 0 | Stylesheet | text/html | Redirect chain |
| 12 | GET H/1.1 | jquery.js | www.alphacarsharing.com.au/blog/wp-admin/images/BB/%7Btatir%7D/js/ | 0 | 0 | Script | text/html | Redirect chain |
| 13 | GET H/1.1 | lang-change.js | www.alphacarsharing.com.au/blog/wp-admin/images/BB/%7Btatir%7D/js/ | 0 | 0 | Script | text/html | Redirect chain |
| 14 | GET H/1.1 | info-medium.png | uniportal.huawei.com/uniportal/images/ | 2 KB | 2 KB | Image | image/png | |
| 15 | GET H/1.1 | email-decode.min.js | alphacarsharing.com.au/cdn-cgi/scripts/5c5dd728/cloudflare-static/ | 1 KB | 1 KB | Script | application/javascript | |
| 16 | GET H/1.1 | sso-properties.js | www.alphacarsharing.com.au/blog/wp-admin/images/BB/%7Btatir%7D/js/ | 0 | 0 | Script | text/html | Redirect chain |
| 17 | GET H/1.1 | header_bg.gif | uniportal.huawei.com/uniportal/images/ | 431 B | 979 B | Image | image/gif | |
| 18 | GET | jquery.js | www.alphacarsharing.com.au/blog/wp-admin/images/BB/%7Btatir%7D/js/ | 0 | 0 | | | Redirect chain |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.alphacarsharing.com.au
- URL: http://www.alphacarsharing.com.au/blog/wp-admin/images/BB/%7Btatir%7D/js/jquery.js?ver=v3r40
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Huawei (Online)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | trustedTypes |
| function | $ |
| function | jQuery |
| string | url |
| function | submitCommand |

0 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the stored cookie values along with the request, which lets the website re-identify the user even from a different location. This is how persistent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.