bafybeifax5eqv7gdlyhyialpeq77xa6nv7v52wejm3gyquusyn534m2eze.ipfs.dweb.link
2602:fea2:2::1
Malicious Activity!
Public Scan
Submission: On April 14 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on March 27th 2023. Valid for: 3 months.
This is the only time bafybeifax5eqv7gdlyhyialpeq77xa6nv7v52wejm3gyquusyn534m2eze.ipfs.dweb.link was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Alibaba (Online)
Domain & IP information
| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 1 15 | 2602:fea2:2::1 | 40680 (PROTOCOL) |
| 1 | 23.194.140.151 | 16625 (AKAMAI-AS) |
| 1 | 47.246.136.160 | 45102 (ALIBABA-CN-NET Alibaba US Technology Co.) |
| 1 | 169.150.225.34 | 60068 (CDN77 ^_^) |
| 4 | 2602:ffe4:c45:0:3::3fe | 21859 (ZEN-ECN) |
| 1 | 47.246.136.140 | 45102 (ALIBABA-CN-NET Alibaba US Technology Co.) |
| 1 | 47.246.110.142 | 45102 (ALIBABA-CN-NET Alibaba US Technology Co.) |
| 1 | 47.246.137.65 | 45102 (ALIBABA-CN-NET Alibaba US Technology Co.) |
| 2 | 2401:b180:7003::1ac | 37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) |
| 26 | 10 | |
ASN40680 (PROTOCOL, US)
- bafybeifax5eqv7gdlyhyialpeq77xa6nv7v52wejm3gyquusyn534m2eze.ipfs.dweb.link
- ipfs.io
ASN16625 (AKAMAI-AS, US)
- PTR: a23-194-140-151.deploy.static.akamaitechnologies.com
- u.alicdn.com
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
- gj.mmstat.com
ASN60068 (CDN77 ^_^, GB)
- PTR: 169-150-225-34.bunnyinfra.net
- ipfs.tech
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
- stylessl.aliunicorn.com
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
- us.ynuf.alipay.com
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
- cfus.aliyun.com
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
- gm.mmstat.com
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 13 | ipfs.io (1 redirects) | ipfs.io (Cisco Umbrella Rank: 43879) | 183 KB |
| 5 | alicdn.com | u.alicdn.com (Cisco Umbrella Rank: 52472), g.alicdn.com (Cisco Umbrella Rank: 6126), gw.alicdn.com (Cisco Umbrella Rank: 13272) | 140 KB |
| 3 | mmstat.com | gj.mmstat.com (Cisco Umbrella Rank: 27346), gm.mmstat.com (Cisco Umbrella Rank: 15510) | 798 B |
| 2 | dweb.link | bafybeifax5eqv7gdlyhyialpeq77xa6nv7v52wejm3gyquusyn534m2eze.ipfs.dweb.link | 5 KB |
| 1 | aliyun.com | cfus.aliyun.com (Cisco Umbrella Rank: 218095) | 277 B |
| 1 | alipay.com | us.ynuf.alipay.com (Cisco Umbrella Rank: 147269) | |
| 1 | aliunicorn.com | stylessl.aliunicorn.com | 2 KB |
| 1 | ipfs.tech | ipfs.tech (Cisco Umbrella Rank: 160575) | |
| 26 | 8 | | |
| Requests | Domain | Requested by |
|---|---|---|
| 13 | ipfs.io (1 redirects) | bafybeifax5eqv7gdlyhyialpeq77xa6nv7v52wejm3gyquusyn534m2eze.ipfs.dweb.link, ipfs.io |
| 3 | g.alicdn.com | ipfs.io |
| 2 | gm.mmstat.com | ipfs.io |
| 2 | bafybeifax5eqv7gdlyhyialpeq77xa6nv7v52wejm3gyquusyn534m2eze.ipfs.dweb.link | bafybeifax5eqv7gdlyhyialpeq77xa6nv7v52wejm3gyquusyn534m2eze.ipfs.dweb.link |
| 1 | gw.alicdn.com | g.alicdn.com |
| 1 | cfus.aliyun.com | g.alicdn.com |
| 1 | us.ynuf.alipay.com | ipfs.io |
| 1 | stylessl.aliunicorn.com | ipfs.io |
| 1 | ipfs.tech | ipfs.io |
| 1 | gj.mmstat.com | bafybeifax5eqv7gdlyhyialpeq77xa6nv7v52wejm3gyquusyn534m2eze.ipfs.dweb.link |
| 1 | u.alicdn.com | bafybeifax5eqv7gdlyhyialpeq77xa6nv7v52wejm3gyquusyn534m2eze.ipfs.dweb.link |
| 26 | 11 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.alibaba.com |
activity.alibaba.com |
gcx.alibaba.com |
| Subject | Issuer | Validity | Valid | Source |
|---|---|---|---|---|
| *.i.ipfs.io | R3 | 2023-03-27 - 2023-06-25 | 3 months | crt.sh |
| ru.aliexpress.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-12-19 - 2023-12-19 | a year | crt.sh |
| *.mmstat.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2022-07-18 - 2023-08-19 | a year | crt.sh |
| *.tbcdn.cn | GlobalSign Organization Validation CA - SHA256 - G2 | 2022-07-22 - 2023-08-06 | a year | crt.sh |
| *.alibabacorp.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2022-04-07 - 2023-05-09 | a year | crt.sh |
| ynuf.alipay.com | Secure Site CA G2 | 2022-12-05 - 2024-01-05 | a year | crt.sh |
| *.aliyun.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2022-11-17 - 2023-12-19 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://bafybeifax5eqv7gdlyhyialpeq77xa6nv7v52wejm3gyquusyn534m2eze.ipfs.dweb.link/
Frame ID: 88009C2E9D0E736E8A46D7B546F338BA
Requests: 15 HTTP requests in this frame
Frame:
https://ipfs.io/ipfs/QmVX6B8C3KMzMw6fhZY6fX7nTEw1tzub5zEBZSFXBDyZh6/?filename=mini_login.html&email=null
Frame ID: AFF175B7C92D95FFC62A666B28A0CC99
Requests: 13 HTTP requests in this frame
3 Outgoing links
These are links going to different origins than the main page.
- Title: Alibaba.com
- Title: Get help here
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 14
- https://ipfs.io/sc-footer/20160321161740/src/1x.png (HTTP 301)
- https://ipfs.tech/sc-footer/20160321161740/src/1x.png
26 HTTP transactions
| Method | Protocol | Resource | Host / Path | Size | x-fer | Type | MIME-Type | Note |
|---|---|---|---|---|---|---|---|---|
| GET | H2 | / | bafybeifax5eqv7gdlyhyialpeq77xa6nv7v52wejm3gyquusyn534m2eze.ipfs.dweb.link/ | 11 KB | 5 KB | Document | text/html | Primary Request |
| GET | H2 | QmXtnFHsgR83MugCZaJjFs59DSzBChAMr571cKMPBAEhXJ | ipfs.io/ipfs/ | 129 KB | 41 KB | Stylesheet | text/css | |
| GET | H2 | preload.js | bafybeifax5eqv7gdlyhyialpeq77xa6nv7v52wejm3gyquusyn534m2eze.ipfs.dweb.link/ | 0 | 0 | Script | text/plain | |
| GET | H2 | QmYSoY817pbEsCjAGjtJWKnnmdCWuuyUAbfX8dXYUfDEKG | ipfs.io/ipfs/ | 84 KB | 30 KB | Script | text/javascript | |
| GET | H2 | QmbTG6hwosBixJZoUhHQskukVvN5ZSE5vzJhVzUJzULtnS | ipfs.io/ipfs/ | 2 KB | 2 KB | Script | text/javascript | |
| GET | H2 | aplus_en.js | u.alicdn.com/js/ | 79 KB | 28 KB | Script | application/javascript | |
| GET | H2 | QmeE6RJcpaES9RuHQYcqgpeJDpaRA3QmgrJyCVvQ4m1XE7 | ipfs.io/ipfs/ | 28 KB | 29 KB | Image | image/jpeg | |
| GET | H2 | QmeEqKjj9UQcbB2Nr6q5bqyfo9NJuPWuLB7vZeENbunVax | ipfs.io/ipfs/ | 2 KB | 2 KB | Image | image/png | |
| GET | H2 | QmTzrfqjxbUH8gLXxotJwUA3BX6tBQvUc1Z2i5K3xFAva6 | ipfs.io/ipfs/ | 7 KB | 2 KB | Stylesheet | text/css | |
| GET | H2 | 7.gif | gj.mmstat.com/ | 43 B | 456 B | Image | image/gif | |
| GET | H2 | QmU2MCXBKYZTGfZx248sQZLzXLafWKf1niPga7cYEDcVAx | ipfs.io/ipfs/ | 12 KB | 13 KB | Image | image/png | |
| GET | DATA | truncated | / | 13 KB | 13 KB | Font | application/x-font-woff | |
| GET | H2 | QmQ5za3zmHgeSgV2C52uQHDbQufEiHn8Jr8JUK1dnuugxj | ipfs.io/ipfs/ | 25 KB | 26 KB | Image | image/png | |
| GET | H2 | social-share-tools.png | ipfs.io/ipfs/ | 0 | 0 | Image | text/html | |
| GET | H2 | / | ipfs.io/ipfs/QmVX6B8C3KMzMw6fhZY6fX7nTEw1tzub5zEBZSFXBDyZh6/ | 14 KB | 5 KB | Document | text/html | Frame AFF1 |
| GET | H2 | 1x.png | ipfs.tech/sc-footer/20160321161740/src/ | 0 | 0 | Image | text/plain | Redirect Chain |
| GET | H2 | QmYSoY817pbEsCjAGjtJWKnnmdCWuuyUAbfX8dXYUfDEKG | ipfs.io/ipfs/ | 84 KB | 30 KB | Script | text/javascript | Frame AFF1 |
| GET | H2 | QmbTG6hwosBixJZoUhHQskukVvN5ZSE5vzJhVzUJzULtnS | ipfs.io/ipfs/ | 2 KB | 2 KB | Script | text/javascript | Frame AFF1 |
| GET | H2 | mini-login-form-min.css | g.alicdn.com/vip/login/0.5.44/havanalogin/css/ | 20 KB | 5 KB | Stylesheet | text/css | Frame AFF1 |
| GET | H2 | havana.css | stylessl.aliunicorn.com/css/6v/run/common/xman/ | 4 KB | 2 KB | Stylesheet | text/css | Frame AFF1 |
| GET | H2 | nc.js | g.alicdn.com/sd/ncpc/ | 216 KB | 57 KB | Script | application/javascript | Frame AFF1 |
| GET | H2 | mini-login-min.js | g.alicdn.com/vip/login/0.5.44/havanalogin/js/ | 143 KB | 50 KB | Script | application/javascript | Frame AFF1 |
| GET | H2 | clear.png | us.ynuf.alipay.com//service/ | 0 | 0 | Image | application/json | Frame AFF1 |
| GET | DATA | truncated | / | 34 B | 0 | Image | image/gif | Frame AFF1 |
| GET | H2 | initialize.jsonp | cfus.aliyun.com/nocaptcha/ | 94 B | 277 B | Script | text/javascript | Frame AFF1 |
| GET | H2 | fsp.1.1 | gm.mmstat.com/ | 43 B | 244 B | Image | image/gif | Frame AFF1 |
| GET | H2 | TB1VHK4KFXXXXbPXFXXwxCdHXXX-47-47.png | gw.alicdn.com/tps/i1/ | 922 B | 1 KB | Image | image/png | Frame AFF1 |
| GET | H2 | fsp.1.1 | gm.mmstat.com/ | 43 B | 98 B | Image | image/gif | Frame AFF1 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Alibaba (Online)
23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
| Type | Name |
|---|---|
| object | 0 |
| boolean | credentialless |
| function | $ |
| function | jQuery |
| string | globalImgServer |
| function | sk_dmtracking_core |
| function | sk_dmtracking |
| object | dmtrack |
| number | g_aplus_loaded |
| object | ali_analytics |
| string | g_aplus_pv_id |
| object | goldlog |
| object | g_SPM |
| number | beaconStartTime |
| object | aplusExParams |
| string | dmtrack_pageid |
| string | dmtrack_hostname |
| string | dmtrack_c |
| object | nameStorage |
| boolean | _domdotInited |
| object | _ap_agp_heat |
| object | _img_0.32609264619561484 |
| string | g_aplus_pv_req4 |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| bafybeifax5eqv7gdlyhyialpeq77xa6nv7v52wejm3gyquusyn534m2eze.ipfs.dweb.link/ | | __session:0.6465769244081585: | https: |
| .mmstat.com/ | | cna | bpS/HNIO1xoCAdmK/LWzOqZR |
| .mmstat.com/ | | sca | 6dc0bd26 |
| .mmstat.com/ | | atpsida | b300732289a6e01377d4d853_1681434222_1 |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL | Text |
|---|---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bafybeifax5eqv7gdlyhyialpeq77xa6nv7v52wejm3gyquusyn534m2eze.ipfs.dweb.link
cfus.aliyun.com
g.alicdn.com
gj.mmstat.com
gm.mmstat.com
gw.alicdn.com
ipfs.io
ipfs.tech
stylessl.aliunicorn.com
u.alicdn.com
us.ynuf.alipay.com
169.150.225.34
23.194.140.151
2401:b180:7003::1ac
2602:fea2:2::1
2602:ffe4:c45:0:3::3fe
47.246.110.142
47.246.136.140
47.246.136.160
47.246.137.65