aljop.com Open in urlscan Pro
198.20.95.42 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://aljop.com/admins/redirect.php
Submission: On October 11 via manual (October 11th 2017, 1:55:16 pm UTC) from CA

Summary HTTP 68 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 68 HTTP transactions. The main IP is 198.20.95.42, located in Chicago, United States and belongs to SINGLEHOP-LLC - SingleHop, Inc., US. The main domain is aljop.com.

This is the only time aljop.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DocuSign (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	198.20.95.42 198.20.95.42	32475 (SINGLEHOP...) (SINGLEHOP-LLC - SingleHop)
50	67.225.196.158 67.225.196.158	32244 (LIQUID-WE...) (LIQUID-WEB-INC - Liquid Web)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE - Google Inc.)
68	5

1 198.20.95.42 (Chicago, United States)

ASN32475 (SINGLEHOP-LLC - SingleHop, Inc., US)
PTR: server.nsproxy.com

aljop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 67.225.196.158 (Lansing, United States)

ASN32244 (LIQUID-WEB-INC - Liquid Web, L.L.C, US)
PTR: host3.mentallyfriendly.com

manhattansuperbowl.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2008 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	manhattansuperbowl.com.au manhattansuperbowl.com.au Failed	203 KB
4	google-analytics.com www.google-analytics.com ssl.google-analytics.com	30 KB
1	aljop.com aljop.com	297 B
0	googleapis.com Failed fonts.googleapis.com Failed maps.googleapis.com Failed
0	fonts.net Failed fast.fonts.net Failed
0	msocdn.com Failed prod.msocdn.com Failed
68	6

	Domain	Requested by
50	manhattansuperbowl.com.au	manhattansuperbowl.com.au
2	ssl.google-analytics.com	manhattansuperbowl.com.au
2	www.google-analytics.com	manhattansuperbowl.com.au
1	aljop.com
0	maps.googleapis.com Failed	manhattansuperbowl.com.au
0	fonts.googleapis.com Failed	manhattansuperbowl.com.au
0	fast.fonts.net Failed	manhattansuperbowl.com.au
0	prod.msocdn.com Failed	manhattansuperbowl.com.au
68	8

This site contains links to these domains. Also see Links.

Domain
portal.office.com
g.microsoftonline.com

Subject Issuer	Validity	Valid
manhattansuperbowl.com.au cPanel, Inc. Certification Authority	`2017-09-16` - `2017-12-15`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G2	`2017-09-26` - `2017-12-19`	3 months	crt.sh

This page contains 3 frames:

Frame: https://manhattansuperbowl.com.au/wp/958cf4126b6da21ee1928ef0602c8f3a/informations/
Frame ID: 28579.1
Requests: 2 HTTP requests in this frame

Frame: https://manhattansuperbowl.com.au/wp/958cf4126b6da21ee1928ef0602c8f3a/informations/
Frame ID: 28603.1
Requests: 32 HTTP requests in this frame

Frame: https://manhattansuperbowl.com.au/wp/958cf4126b6da21ee1928ef0602c8f3a/informations/Office%20365_files/SuiteServiceProxy.htm
Frame ID: 28603.2
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

68
Requests

79 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

5
IPs

2
Countries

234 kB
Transfer

677 kB
Size

9
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://portal.office.com/SendSmile?wid=10
Title: Feedback

Search URL Search Domain Scan URL

URL: https://g.microsoftonline.com/0BX20en/142
Title: Community

Search URL Search Domain Scan URL

URL: https://g.microsoftonline.com/0BX20en/721
Title: Legal

Search URL Search Domain Scan URL

URL: https://g.microsoftonline.com/0BX20en/1305
Title: Privacy & cookies

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://manhattansuperbowl.com.au/wp/index.php HTTP 302
https://manhattansuperbowl.com.au/wp/958cf4126b6da21ee1928ef0602c8f3a HTTP 301
https://manhattansuperbowl.com.au/wp/958cf4126b6da21ee1928ef0602c8f3a/ HTTP 302
https://manhattansuperbowl.com.au/wp/958cf4126b6da21ee1928ef0602c8f3a/informations/

68 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request redirect.php Show response
aljop.com/admins/ 267 B
297 B 784ms
480ms Document
text/html 198.20.95.42
SingleHop

General

Domain/Path	Expires	Name / Value
.manhattansuperbowl.com.au/	2018-04-12 01:55:05	Name: __utmz Value: 111800472.1507730106.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.manhattansuperbowl.com.au/	1970-01-01 00:00:00	Name: __utmc Value: 111800472
.manhattansuperbowl.com.au/	2017-10-11 14:25:05	Name: __utmb Value: 111800472.1.10.1507730106
.manhattansuperbowl.com.au/	2019-10-11 13:55:05	Name: __utma Value: 111800472.1157929011.1507730105.1507730106.1507730106.1
.manhattansuperbowl.com.au/	2017-10-11 13:56:05	Name: _gat Value: 1
.manhattansuperbowl.com.au/	2017-10-12 13:55:05	Name: _gid Value: GA1.3.60738745.1507730105
.manhattansuperbowl.com.au/	2019-10-11 13:55:05	Name: _ga Value: GA1.3.1157929011.1507730105
.manhattansuperbowl.com.au/	2017-10-11 14:05:05	Name: __utmt Value: 1
manhattansuperbowl.com.au/	1970-01-01 00:00:00	Name: PHPSESSID Value: c6372fee97fd2c3168ee771a53a5263e

aljop.com Open in urlscan Pro 198.20.95.42 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

68 Requests

79 %HTTPS

50 %IPv6

6 Domains

8 Subdomains

5 IPs

2 Countries

234 kBTransfer

677 kBSize

9 Cookies

4 Outgoing links

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

aljop.com Open in urlscan Pro
198.20.95.42 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

79 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

5
IPs

2
Countries

234 kB
Transfer

677 kB
Size

9
Cookies

68 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!