47.74.96.158 Open in urlscan Pro
47.74.96.158 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://47.74.96.158/banks/Manulife/
Submission Tags: phishing
Submission: On May 03 via api (May 3rd 2022, 3:05:29 pm UTC) from US — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 0 domains to perform 10 HTTP transactions. The main IP is 47.74.96.158, located in Sydney, Australia and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is 47.74.96.158.

This is the only time 47.74.96.158 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Manulife Bank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
10	47.74.96.158 47.74.96.158		45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
10	1

10 47.74.96.158 (Sydney, Australia)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

47.74.96.158	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	0

	Domain	Requested by
10	0

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://47.74.96.158/banks/Manulife/
Frame ID: 989C7984FBAD1901EAC12D5312C771AE
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In

Page Statistics

10
Requests

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

1
IPs

1
Countries

171 kB
Transfer

195 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response 47.74.96.158/banks/Manulife/	13 KB 4 KB	610ms 305ms	Document text/html	47.74.96.158 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL http://47.74.96.158/banks/Manulife/ Protocol HTTP/1.1 Server 47.74.96.158 Sydney, Australia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `ce3401d54b3920d0db5fb4daec6efee0e2cfe2e571569b5e9ae9eae428b86f93` Request headers Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Encoding gzip Content-Length 3738 Content-Type text/html Date Tue, 03 May 2022 15:05:23 GMT ETag "3216-5de0c6e2ec9cd-gzip" Keep-Alive timeout=5, max=100 Last-Modified Mon, 02 May 2022 19:30:53 GMT Server Apache/2.4.41 (Ubuntu) Vary Accept-Encoding
GET H/1.1	200 OK	manulife_20170330.css 47.74.96.158/banks/Manulife/login_files/	6 KB 2 KB	305ms 304ms	Stylesheet text/css	47.74.96.158 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL http://47.74.96.158/banks/Manulife/login_files/manulife_20170330.css Requested by Host: 47.74.96.158 URL: http://47.74.96.158/banks/Manulife/ Protocol HTTP/1.1 Server 47.74.96.158 Sydney, Australia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `044239b8f5434ed72cc4d3c81217582a243ab284beb41fe8820b87303d5c99c3` Request headers accept-language de-DE,de;q=0.9 Referer http://47.74.96.158/banks/Manulife/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers Date Tue, 03 May 2022 15:05:23 GMT Content-Encoding gzip Last-Modified Mon, 02 May 2022 19:35:26 GMT Server Apache/2.4.41 (Ubuntu) ETag "1613-5de0c7e79c4d1-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1584
GET H/1.1	200 OK	modal.js Show response 47.74.96.158/banks/Manulife/login_files/	14 KB 3 KB	307ms 307ms	Script application/javascript	47.74.96.158 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL http://47.74.96.158/banks/Manulife/login_files/modal.js Requested by Host: 47.74.96.158 URL: http://47.74.96.158/banks/Manulife/ Protocol HTTP/1.1 Server 47.74.96.158 Sydney, Australia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `3cac4b1254742ce96465863630f4eac5855ab8ae37d7a1b5f053ff9cb53a2ad0` Request headers accept-language de-DE,de;q=0.9 Referer http://47.74.96.158/banks/Manulife/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers Date Tue, 03 May 2022 15:05:23 GMT Content-Encoding gzip Last-Modified Mon, 02 May 2022 19:35:27 GMT Server Apache/2.4.41 (Ubuntu) ETag "374f-5de0c7e8945b4-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2517
GET H/1.1	200 OK	Manulife_e_W_Bank.gif 47.74.96.158/banks/Manulife/login_files/	10 KB 10 KB	304ms 304ms	Image image/gif	47.74.96.158 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL http://47.74.96.158/banks/Manulife/login_files/Manulife_e_W_Bank.gif Requested by Host: 47.74.96.158 URL: http://47.74.96.158/banks/Manulife/ Protocol HTTP/1.1 Server 47.74.96.158 Sydney, Australia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `3f02ef79e19f751b40fe3c913e4c1670ac1ff9f6f0d1fc6bbced1afb4567ef4c` Request headers accept-language de-DE,de;q=0.9 Referer http://47.74.96.158/banks/Manulife/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers Date Tue, 03 May 2022 15:05:23 GMT Last-Modified Mon, 02 May 2022 19:35:26 GMT Server Apache/2.4.41 (Ubuntu) ETag "26fc-5de0c7e75fc09" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 9980
GET H/1.1	200 OK	help_icon.gif 47.74.96.158/banks/Manulife/login_files/	643 B 927 B	307ms 307ms	Image image/gif	47.74.96.158 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL http://47.74.96.158/banks/Manulife/login_files/help_icon.gif Requested by Host: 47.74.96.158 URL: http://47.74.96.158/banks/Manulife/ Protocol HTTP/1.1 Server 47.74.96.158 Sydney, Australia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `408f07113d8d08430067b70f17a6b248ce774dbe7fbf5fefd9037ff517889fd5` Request headers accept-language de-DE,de;q=0.9 Referer http://47.74.96.158/banks/Manulife/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers Date Tue, 03 May 2022 15:05:23 GMT Last-Modified Mon, 02 May 2022 19:35:27 GMT Server Apache/2.4.41 (Ubuntu) ETag "283-5de0c7e893614" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 643
GET H/1.1	200 OK	CS3010EMobileAppBankloginbanner.jpg 47.74.96.158/banks/Manulife/login_files/	71 KB 71 KB	612ms 305ms	Image image/jpeg	47.74.96.158 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL http://47.74.96.158/banks/Manulife/login_files/CS3010EMobileAppBankloginbanner.jpg Requested by Host: 47.74.96.158 URL: http://47.74.96.158/banks/Manulife/ Protocol HTTP/1.1 Server 47.74.96.158 Sydney, Australia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `b249d3f391595a20a88ea035d876fe52f0be4d17a928cd9db84fae79cacc049d` Request headers accept-language de-DE,de;q=0.9 Referer http://47.74.96.158/banks/Manulife/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers Date Tue, 03 May 2022 15:05:24 GMT Last-Modified Mon, 02 May 2022 19:35:27 GMT Server Apache/2.4.41 (Ubuntu) ETag "11c48-5de0c7e83b7c8" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 72776
GET H/1.1	200 OK	CS2302E_Find+an+ABM+_resized_FINAL.jpg 47.74.96.158/banks/Manulife/login_files/	27 KB 28 KB	614ms 307ms	Image image/jpeg	47.74.96.158 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL http://47.74.96.158/banks/Manulife/login_files/CS2302E_Find+an+ABM+_resized_FINAL.jpg Requested by Host: 47.74.96.158 URL: http://47.74.96.158/banks/Manulife/ Protocol HTTP/1.1 Server 47.74.96.158 Sydney, Australia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `efd15ecf85a584d7c0c2fc0cf7d96220f9a6ae01fe7e006198395924bf316654` Request headers accept-language de-DE,de;q=0.9 Referer http://47.74.96.158/banks/Manulife/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers Date Tue, 03 May 2022 15:05:24 GMT Last-Modified Mon, 02 May 2022 19:35:26 GMT Server Apache/2.4.41 (Ubuntu) ETag "6cfa-5de0c7e7a8053" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 27898
GET H/1.1	200 OK	manulife-print_20141222.css 47.74.96.158/banks/Manulife/login_files/	3 KB 1 KB	617ms 309ms	Stylesheet text/css	47.74.96.158 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL http://47.74.96.158/banks/Manulife/login_files/manulife-print_20141222.css Requested by Host: 47.74.96.158 URL: http://47.74.96.158/banks/Manulife/ Protocol HTTP/1.1 Server 47.74.96.158 Sydney, Australia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `68e12ef0c5cd8d23a1031565eeac1926be7d82c4fe3dca51945e8abcb288821b` Request headers accept-language de-DE,de;q=0.9 Referer http://47.74.96.158/banks/Manulife/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers Date Tue, 03 May 2022 15:05:24 GMT Content-Encoding gzip Last-Modified Mon, 02 May 2022 19:35:26 GMT Server Apache/2.4.41 (Ubuntu) ETag "d3f-5de0c7e79d471-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1017
GET H/1.1	200 OK	bg_grad.png 47.74.96.158/banks/Manulife/login_files/	51 KB 51 KB	613ms 307ms	Image image/png	47.74.96.158 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL http://47.74.96.158/banks/Manulife/login_files/bg_grad.png Requested by Host: 47.74.96.158 URL: http://47.74.96.158/banks/Manulife/ Protocol HTTP/1.1 Server 47.74.96.158 Sydney, Australia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `99c059a50ba23f3874a58b779a7f232c54526be8e3059add4e89e5fab283d943` Request headers accept-language de-DE,de;q=0.9 Referer http://47.74.96.158/banks/Manulife/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers Date Tue, 03 May 2022 15:05:24 GMT Last-Modified Mon, 02 May 2022 19:35:26 GMT Server Apache/2.4.41 (Ubuntu) ETag "cb0c-5de0c7e73aa43" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 51980
GET H/1.1	200 OK	whitehomeongreen.png 47.74.96.158/banks/Manulife/login_files/	319 B 603 B	597ms 304ms	Image image/png	47.74.96.158 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL http://47.74.96.158/banks/Manulife/login_files/whitehomeongreen.png Requested by Host: 47.74.96.158 URL: http://47.74.96.158/banks/Manulife/login_files/manulife_20170330.css Protocol HTTP/1.1 Server 47.74.96.158 Sydney, Australia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash `f106bd31010b3ad9609ee43fbae4f45927b02d05f57235c51eb433a7f7ca2ef0` Request headers accept-language de-DE,de;q=0.9 Referer http://47.74.96.158/banks/Manulife/login_files/manulife_20170330.css User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers Date Tue, 03 May 2022 15:05:24 GMT Last-Modified Mon, 02 May 2022 19:35:27 GMT Server Apache/2.4.41 (Ubuntu) ETag "13f-5de0c7e8676ee" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 319

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Manulife Bank (Banking)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

47.74.96.158
044239b8f5434ed72cc4d3c81217582a243ab284beb41fe8820b87303d5c99c3
3cac4b1254742ce96465863630f4eac5855ab8ae37d7a1b5f053ff9cb53a2ad0
3f02ef79e19f751b40fe3c913e4c1670ac1ff9f6f0d1fc6bbced1afb4567ef4c
408f07113d8d08430067b70f17a6b248ce774dbe7fbf5fefd9037ff517889fd5
68e12ef0c5cd8d23a1031565eeac1926be7d82c4fe3dca51945e8abcb288821b
99c059a50ba23f3874a58b779a7f232c54526be8e3059add4e89e5fab283d943
b249d3f391595a20a88ea035d876fe52f0be4d17a928cd9db84fae79cacc049d
ce3401d54b3920d0db5fb4daec6efee0e2cfe2e571569b5e9ae9eae428b86f93
efd15ecf85a584d7c0c2fc0cf7d96220f9a6ae01fe7e006198395924bf316654
f106bd31010b3ad9609ee43fbae4f45927b02d05f57235c51eb433a7f7ca2ef0

47.74.96.158 Open in urlscan Pro 47.74.96.158 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

0 %HTTPS

0 %IPv6

0 Domains

0 Subdomains

1 IPs

1 Countries

171 kBTransfer

195 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

0 Cookies

Indicators

47.74.96.158 Open in urlscan Pro
47.74.96.158 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

1
IPs

1
Countries

171 kB
Transfer

195 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!