www.videsignz.com - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 7 HTTP transactions. The main IP is 67.195.61.46, located in Sunnyvale, United States and belongs to YAHOO-GQ1 - Yahoo, US. The main domain is www.videsignz.com.

This is the only time www.videsignz.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Alibaba (Online)

Domain & IP information

	IP Address	AS Autonomous System
4	67.195.61.46 67.195.61.46	36647 (YAHOO-GQ1) (YAHOO-GQ1 - Yahoo)
3	54.84.9.162 54.84.9.162	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
7	2

4 67.195.61.46 (Sunnyvale, United States)

ASN36647 (YAHOO-GQ1 - Yahoo, US)
PTR: p10pn-i.geo.vip.gq1.yahoo.com

www.videsignz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.84.9.162 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-84-9-162.compute-1.amazonaws.com

np.lexity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	videsignz.com www.videsignz.com	390 KB
3	lexity.com np.lexity.com	26 KB
7	2

	Domain	Requested by
4	www.videsignz.com	www.videsignz.com
3	np.lexity.com	www.videsignz.com np.lexity.com
7	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.videsignz.com/sandbox/uploader/js/alibaba/alibaba/index.php
Frame ID: 10121.1
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

7
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

416 kB
Transfer

416 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.php Show response www.videsignz.com/sandbox/uploader/js/alibaba/alibaba/	7 KB 7 KB	1100ms 687ms	Document text/html	67.195.61.46 Yahoo
General Check archive.org Show headers Download Go to Full URL http://www.videsignz.com/sandbox/uploader/js/alibaba/alibaba/index.php Protocol HTTP/1.1 Server 67.195.61.46 Sunnyvale, United States, ASN36647 (YAHOO-GQ1 - Yahoo, US), Reverse DNS p10pn-i.geo.vip.gq1.yahoo.com Software ATS/5.3.0 / Resource Hash `87dff24620906a1129b2db9eff9f58d93bbc93767c1da9c6de34663782773a0c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Thu, 10 Aug 2017 00:50:44 GMT Server ATS/5.3.0 Connection keep-alive Age 2 Content-Type text/html Transfer-Encoding chunked P3P policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
GET H/1.1	200 OK	img2.png www.videsignz.com/sandbox/uploader/js/alibaba/alibaba/images/	327 KB 327 KB	174ms 174ms	Image image/png	67.195.61.46 Yahoo
General Check archive.org Show headers Download Go to Show image Full URL http://www.videsignz.com/sandbox/uploader/js/alibaba/alibaba/images/img2.png Requested by Host: www.videsignz.com URL: http://www.videsignz.com/sandbox/uploader/js/alibaba/alibaba/index.php Protocol HTTP/1.1 Server 67.195.61.46 Sunnyvale, United States, ASN36647 (YAHOO-GQ1 - Yahoo, US), Reverse DNS p10pn-i.geo.vip.gq1.yahoo.com Software ATS/5.3.0 / Resource Hash `c3de8a20b257b3e3edadd946d59bbee31d90f6f84ed6e9619904669199c0461e` Request headers Referer http://www.videsignz.com/sandbox/uploader/js/alibaba/alibaba/index.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Thu, 10 Aug 2017 00:50:45 GMT Last-Modified Fri, 22 May 2015 06:27:56 GMT Server ATS/5.3.0 Age 0 P3P policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV" Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Type image/png Content-Length 335152 Expires Sun, 20 Aug 2017 00:50:45 GMT
GET H/1.1	200 OK	img1.jpg www.videsignz.com/sandbox/uploader/js/alibaba/alibaba/images/	54 KB 54 KB	341ms 186ms	Image image/jpeg	67.195.61.46 Yahoo
General Check archive.org Show headers Download Go to Show image Full URL http://www.videsignz.com/sandbox/uploader/js/alibaba/alibaba/images/img1.jpg Requested by Host: www.videsignz.com URL: http://www.videsignz.com/sandbox/uploader/js/alibaba/alibaba/index.php Protocol HTTP/1.1 Server 67.195.61.46 Sunnyvale, United States, ASN36647 (YAHOO-GQ1 - Yahoo, US), Reverse DNS p10pn-i.geo.vip.gq1.yahoo.com Software ATS/5.3.0 / Resource Hash `c55290da88f9b88dcc6e593fa17a5281841b40f4324557c75cc5a2c5eb96f6ac` Request headers Referer http://www.videsignz.com/sandbox/uploader/js/alibaba/alibaba/index.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Thu, 10 Aug 2017 00:10:07 GMT Last-Modified Fri, 22 May 2015 06:27:44 GMT Server ATS/5.3.0 Age 2438 P3P policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV" Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Type image/jpeg Content-Length 55712 Expires Sun, 20 Aug 2017 00:10:07 GMT
GET H/1.1	200 OK	img3.gif www.videsignz.com/sandbox/uploader/js/alibaba/alibaba/images/	1 KB 1 KB	336ms 180ms	Image image/gif	67.195.61.46 Yahoo
General Check archive.org Show headers Download Go to Show image Full URL http://www.videsignz.com/sandbox/uploader/js/alibaba/alibaba/images/img3.gif Requested by Host: www.videsignz.com URL: http://www.videsignz.com/sandbox/uploader/js/alibaba/alibaba/index.php Protocol HTTP/1.1 Server 67.195.61.46 Sunnyvale, United States, ASN36647 (YAHOO-GQ1 - Yahoo, US), Reverse DNS p10pn-i.geo.vip.gq1.yahoo.com Software ATS/5.3.0 / Resource Hash `f789f6aa5304d63550e35f144eb65f131104ecb1e38cfacd51f7f63792579503` Request headers Referer http://www.videsignz.com/sandbox/uploader/js/alibaba/alibaba/index.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Thu, 10 Aug 2017 00:10:07 GMT Last-Modified Fri, 22 May 2015 06:28:04 GMT Server ATS/5.3.0 Age 2438 P3P policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV" Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Type image/gif Content-Length 1380 Expires Sun, 20 Aug 2017 00:10:07 GMT
GET H/1.1	200 OK	d1b8f31ef3a187b46ca5f5e0bd65e43a Show response np.lexity.com/embed/YW/	26 KB 26 KB	362ms 104ms	Script text/javascript	54.84.9.162 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://np.lexity.com/embed/YW/d1b8f31ef3a187b46ca5f5e0bd65e43a?id=da44ede39abc Requested by Host: www.videsignz.com URL: http://www.videsignz.com/sandbox/uploader/js/alibaba/alibaba/index.php Protocol HTTP/1.1 Server 54.84.9.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-84-9-162.compute-1.amazonaws.com Software / Resource Hash `0665e42acb9fc6b508930dd940a6a93c03ab15aef2c213045148b839ea99bc12` Request headers Referer http://www.videsignz.com/sandbox/uploader/js/alibaba/alibaba/index.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Thu, 10 Aug 2017 00:50:47 GMT Cache-Control no-store, no-cache Connection keep-alive p3p policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC" transfer-encoding chunked Content-Type text/javascript
GET H/1.1	200 OK	efelbetf.f.kk[0] Show response np.lexity.com/embed/YW/d1b8f31ef3a187b46ca5f5e0bd65e43a/v/YZfyXdq87epf/k/LcVaRsPJXRMN/u/http%3A%2F%2Fwww.videsignz.com%2Fsandbox%2Fuploader%2Fjs%2Falibaba%2Falibaba%2Findex.php/n/1502326247132/t/Al...	20 B 26 B	105ms 105ms	Script text/javascript	54.84.9.162 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://np.lexity.com/embed/YW/d1b8f31ef3a187b46ca5f5e0bd65e43a/v/YZfyXdq87epf/k/LcVaRsPJXRMN/u/http%3A%2F%2Fwww.videsignz.com%2Fsandbox%2Fuploader%2Fjs%2Falibaba%2Falibaba%2Findex.php/n/1502326247132/t/Alibaba%C2%A0Manufacturer%C2%A0Directory%C2%A0-%C2%A0Suppliers%2C%C2%A0Manufacturers%2C%C2%A0Exporters%C2%A0%26amp%3B%C2%A0Importers%C2%A0/vn/1/c/efelbetf.f.kk[0]?id=da44ede39abc&ts=1502326247487 Requested by Host: np.lexity.com URL: http://np.lexity.com/embed/YW/d1b8f31ef3a187b46ca5f5e0bd65e43a?id=da44ede39abc Protocol HTTP/1.1 Server 54.84.9.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-84-9-162.compute-1.amazonaws.com Software / Resource Hash `4542b868bfa6c46617fc0dc7551d0711c634ed000b00aec4fe704d334af67f6b` Request headers Referer http://www.videsignz.com/sandbox/uploader/js/alibaba/alibaba/index.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Thu, 10 Aug 2017 00:50:47 GMT Cache-Control no-store, no-cache Connection keep-alive p3p policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC" transfer-encoding chunked Content-Type text/javascript
GET H/1.1	200 OK	efelbetf.f.kk[1] Show response np.lexity.com/embed/YW/d1b8f31ef3a187b46ca5f5e0bd65e43a/h/1/v/YZfyXdq87epf/k/LcVaRsPJXRMN/u/http%3A%2F%2Fwww.videsignz.com%2Fsandbox%2Fuploader%2Fjs%2Falibaba%2Falibaba%2Findex.php/n/1502326247132/...	20 B 26 B	101ms 101ms	Script text/javascript	54.84.9.162 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://np.lexity.com/embed/YW/d1b8f31ef3a187b46ca5f5e0bd65e43a/h/1/v/YZfyXdq87epf/k/LcVaRsPJXRMN/u/http%3A%2F%2Fwww.videsignz.com%2Fsandbox%2Fuploader%2Fjs%2Falibaba%2Falibaba%2Findex.php/n/1502326247132/t/Alibaba%C2%A0Manufacturer%C2%A0Directory%C2%A0-%C2%A0Suppliers%2C%C2%A0Manufacturers%2C%C2%A0Exporters%C2%A0%26amp%3B%C2%A0Importers%C2%A0/vn/1/c/efelbetf.f.kk[1]?id=da44ede39abc&ts=1502326251487 Requested by Host: np.lexity.com URL: http://np.lexity.com/embed/YW/d1b8f31ef3a187b46ca5f5e0bd65e43a?id=da44ede39abc Protocol HTTP/1.1 Server 54.84.9.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-84-9-162.compute-1.amazonaws.com Software / Resource Hash `3b42d83873104b681251de9018992feadef8c6ed6bb3777ba5a1f37d2dd534aa` Request headers Referer http://www.videsignz.com/sandbox/uploader/js/alibaba/alibaba/index.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Thu, 10 Aug 2017 00:50:51 GMT Cache-Control no-store, no-cache Connection keep-alive p3p policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC" transfer-encoding chunked Content-Type text/javascript

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Alibaba (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.videsignz.com/	2037-06-02 20:00:01	Name: BX Value: ai3os91conbf4&b=3&s=dm

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

np.lexity.com
www.videsignz.com
54.84.9.162
67.195.61.46
0665e42acb9fc6b508930dd940a6a93c03ab15aef2c213045148b839ea99bc12
3b42d83873104b681251de9018992feadef8c6ed6bb3777ba5a1f37d2dd534aa
4542b868bfa6c46617fc0dc7551d0711c634ed000b00aec4fe704d334af67f6b
87dff24620906a1129b2db9eff9f58d93bbc93767c1da9c6de34663782773a0c
c3de8a20b257b3e3edadd946d59bbee31d90f6f84ed6e9619904669199c0461e
c55290da88f9b88dcc6e593fa17a5281841b40f4324557c75cc5a2c5eb96f6ac
f789f6aa5304d63550e35f144eb65f131104ecb1e38cfacd51f7f63792579503

www.videsignz.com Open in urlscan Pro 67.195.61.46 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

7 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

416 kBTransfer

416 kBSize

1 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

Indicators

www.videsignz.com Open in urlscan Pro
67.195.61.46 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

416 kB
Transfer

416 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!