alf.adsunadvertising.com
199.189.248.11
Malicious Activity!
Public Scan
Submission: On May 07 via automatic, source openphish
Summary
This is the only time alf.adsunadvertising.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic China (Online), 163.cn (Online)

Domain & IP information
Requests | IP Address | AS (Autonomous System) | PTR | Hostnames served
---|---|---|---|---
7 | 199.189.248.11 | AS53889 (MICFO, US) | brilliant.hostnac.com | alf.adsunadvertising.com
1 | 220.194.24.216 | AS4808 (CHINA169-BJ China Unicom Beijing Province Network, CN) | mail-m24216.qiye.163.com | mimg.qiye.163.com
8 | 3 | | |

The phishing host sits on a US hosting network (MICFO) while the one brand asset it pulls comes from NetEase's own image host on China Unicom; the two are unrelated networks, which is consistent with alf.adsunadvertising.com not being a 163.com property.
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
7 | adsunadvertising.com | alf.adsunadvertising.com | 53 KB
1 | 163.com | mimg.qiye.163.com | 134 KB
8 | 2 | |
Requests | Domain | Requested by
---|---|---
7 | alf.adsunadvertising.com | alf.adsunadvertising.com
1 | mimg.qiye.163.com | alf.adsunadvertising.com
8 | 2 |
This site contains links to these domains. Also see Links.

Domain
---
qiye.163.com
hw.qiye.163.com
mail.163.com
mail.qiye.163.com
gb.corp.163.com
weibo.com
reg.163.com
ss.knet.cn

Every outbound link points at a legitimate NetEase (163.com) property, at Weibo, or at ss.knet.cn (the page also loads a knet.png image). The phishing page reproduces the real login page's link bar, so the only domain in the scan that is not the brand's own is the host serving the page itself, alf.adsunadvertising.com.
Subject | Issuer | Validity | Valid |
---|---|---|---|---
*.qiye.163.com | GeoTrust CN RSA CA G1 | 2020-01-20 - 2022-02-19 | 2 years | crt.sh

This certificate belongs to the brand's image host, mimg.qiye.163.com. No certificate was observed for alf.adsunadvertising.com itself: the primary page was requested over plain http:// with no redirect, so the phishing page was served without TLS.
This page contains 1 frame:
Primary Page:
http://alf.adsunadvertising.com/alf/error.php?email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Frame ID: 0D0007E7CD365446BDD589B65CEE5052
Requests: 16 requests in this frame (8 HTTP transactions plus 8 inline data: URIs)

The only real server-side handler is /alf/error.php; everything after the first `?` is query string. The `email=` parameter is empty in this submission (presumably the slot a lure pre-fills with the target's address), and the `.rand=13InboxLight.aspx?n=...&fid=4` fragment imitates an Outlook-style mailbox path so the address bar reads like a webmail URL.
Screenshot
Detected technologies
PHP (Programming Languages). Detected pattern: url /\.php(?:$|\?)/i
Windows Server (Operating Systems). Detected pattern: url /\.aspx?(?:$|\?)/i
Microsoft ASP.NET (Web Frameworks). Detected pattern: url /\.aspx?(?:$|\?)/i
Apache (Web Servers). Detected pattern: headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
IIS (Web Servers). Detected pattern: url /\.aspx?(?:$|\?)/i

The Windows Server, ASP.NET and IIS hits all come from one and the same URL pattern, and it matched `InboxLight.aspx?` inside the query string of the lure URL, not anything in a response. The only server-side evidence is the `Server: Apache` header and the `error.php` handler: this is a PHP page on Apache, and the three Microsoft-stack detections are false positives caused by running URL patterns over the full URL rather than the path.
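To show why the report lists IIS and ASP.NET for a PHP page, the following script (added here as an illustration, not code from urlscan.io or from the phishing kit) applies the five patterns above to the scanned URL. The Server header value is not captured in the report, so the plain string "Apache" stands in for it; the path-only variant is one common way to avoid the false positive and is not how urlscan itself does it.

```python
import re
from urllib.parse import urlsplit

# Scanned URL, copied from the "Primary Page" line of this report.
SCAN_URL = ("http://alf.adsunadvertising.com/alf/error.php"
            "?email=&.rand=13InboxLight.aspx?n=1774256418&fid=4")

# The report only says the Apache pattern matched on the Server header; the
# exact header value was not captured, so "Apache" is an assumed stand-in.
SERVER_HEADER = "Apache"

# Patterns transcribed from the "Detected patterns" lines of the report.
URL_PATTERNS = {
    "PHP": re.compile(r"\.php(?:$|\?)", re.I),
    "Windows Server": re.compile(r"\.aspx?(?:$|\?)", re.I),
    "Microsoft ASP.NET": re.compile(r"\.aspx?(?:$|\?)", re.I),
    "IIS": re.compile(r"\.aspx?(?:$|\?)", re.I),
}
HEADER_PATTERNS = {
    "Apache": re.compile(r"(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)", re.I),
}


def detect_whole_url(url, server_header):
    """Fingerprinting as the report did it: URL patterns run over the full URL,
    query string included, so a file extension smuggled into a parameter fires."""
    hits = {name for name, rx in URL_PATTERNS.items() if rx.search(url)}
    hits |= {name for name, rx in HEADER_PATTERNS.items() if rx.search(server_header)}
    return hits


def detect_path_only(url, server_header):
    """Stricter variant: URL patterns only see the path component, so an
    extension inside the query string can no longer trigger a match."""
    path = urlsplit(url).path
    hits = {name for name, rx in URL_PATTERNS.items() if rx.search(path)}
    hits |= {name for name, rx in HEADER_PATTERNS.items() if rx.search(server_header)}
    return hits


def query_string_only_hits(url):
    """Technologies whose URL pattern matches only because of the query string.
    For this report these are the bogus Windows Server / ASP.NET / IIS hits."""
    path = urlsplit(url).path
    return {name for name, rx in URL_PATTERNS.items()
            if rx.search(url) and not rx.search(path)}


if __name__ == "__main__":
    print("whole URL :", sorted(detect_whole_url(SCAN_URL, SERVER_HEADER)))
    print("path only :", sorted(detect_path_only(SCAN_URL, SERVER_HEADER)))
    print("query only:", sorted(query_string_only_hits(SCAN_URL)))
```

Run against the lure URL the whole-URL pass reports all five technologies, the path-only pass reports just PHP and Apache, and the three Microsoft-stack names are exactly the ones that depend on the query string. A genuine `/owa/InboxLight.aspx` path still fingerprints correctly under the path-only rule, so the stricter check loses nothing on real ASP.NET sites.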
Page Statistics
14 Outgoing links
These are links going to different origins than the main page. Link titles (the link targets are not shown in this export; two of the 14 links carry no title):

Title
---
New user registration (新用户开通)
Simplified Chinese version (简体版)
English
Overseas user login (国外用户登录)
Mail Master (邮箱大师)
Help Center (帮助中心)
Forgot password (忘记密码)
NetEase Mail Master (网易邮箱大师)
About NetEase (关于网易)
Official Weibo (官方微博)
Legal (相关法律)
Privacy Policy (隐私政策)
Redirected requests
No HTTP redirect chains were recorded for this scan; the primary request was answered directly by alf.adsunadvertising.com.
8 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | error.php (Primary Request) | alf.adsunadvertising.com/alf/ | 16 KB | 6 KB | Document | text/html
GET | H/1.1 | style.css | alf.adsunadvertising.com/alf/files/ | 51 KB | 33 KB | Stylesheet | text/css
GET | H/1.1 | getqrcode.jpg | alf.adsunadvertising.com/alf/files/ | 8 KB | 8 KB | Image | image/jpeg
GET | H/1.1 | year.js | alf.adsunadvertising.com/alf/files/ | 0 | 0 | Script | text/html
GET | H/1.1 | knet.png | alf.adsunadvertising.com/alf/files/ | 5 KB | 5 KB | Image | image/png
GET | H/1.1 | httpsEnable.gif | alf.adsunadvertising.com/alf/files/ | 43 B | 330 B | Image | image/gif
GET | H/1.1 | raven-3.js | alf.adsunadvertising.com/alf/files/ | 0 | 0 | Other | text/html
GET | DATA | truncated | / | 4 KB | 0 | Image | image/png
GET | H/1.1 | 748.png | mimg.qiye.163.com/p/official_site/2019/img/12/ | 134 KB | 134 KB | Image | image/png
GET | DATA | truncated | / | 588 B | 0 | Image | image/png
GET | DATA | truncated | / | 378 B | 0 | Image | image/png
GET | DATA | truncated | / | 461 B | 0 | Image | image/png
GET | DATA | truncated | / | 341 B | 0 | Image | image/png
GET | DATA | truncated | / | 163 B | 0 | Image | image/png
GET | DATA | truncated | / | 5 KB | 0 | Image | image/png
GET | DATA | truncated | / | 4 KB | 0 | Image | image/png

The eight DATA rows are inline data: URIs embedded in the page (hence 0 bytes transferred); together with the eight network requests they make up the 16 requests in the frame. Two points stand out for an analyst: the only third-party fetch is the 134 KB 748.png pulled straight from NetEase's official image host, i.e. the kit hotlinks the brand's own artwork rather than copying it; and both referenced scripts, year.js and raven-3.js, came back empty with a text/html type, so they are not scripts at all but most likely error pages for files the kit references but does not ship (status codes are not included in this export, so that is an inference).
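The brand-hotlinking and empty-script observations above can be turned into a repeatable triage check. The script below is an added example (not urlscan.io code) that runs over the transaction list transcribed from this report; the eight data: URIs are represented by their scheme only because the report truncates them, sizes are the KB values from the table, and the two-label apex heuristic is an assumption that is adequate for the .com hosts here but would need the public suffix list for ccTLDs.

```python
PRIMARY_HOST = "alf.adsunadvertising.com"
TARGET_APEX = "163.com"          # brand the verdict says is being impersonated

# Transcribed from the "8 HTTP transactions" table of this report.
# Fields: url (without scheme), size KB, x-fer KB, resource type, MIME type.
# The 8 inline data: URIs are truncated in the report, so only the scheme is kept.
TRANSACTIONS = [
    ("alf.adsunadvertising.com/alf/error.php",            16.0,  6.0,  "Document",   "text/html"),
    ("alf.adsunadvertising.com/alf/files/style.css",      51.0, 33.0,  "Stylesheet", "text/css"),
    ("alf.adsunadvertising.com/alf/files/getqrcode.jpg",   8.0,  8.0,  "Image",      "image/jpeg"),
    ("alf.adsunadvertising.com/alf/files/year.js",         0.0,  0.0,  "Script",     "text/html"),
    ("alf.adsunadvertising.com/alf/files/knet.png",        5.0,  5.0,  "Image",      "image/png"),
    ("alf.adsunadvertising.com/alf/files/httpsEnable.gif", 0.04, 0.33, "Image",      "image/gif"),
    ("alf.adsunadvertising.com/alf/files/raven-3.js",      0.0,  0.0,  "Other",      "text/html"),
    ("mimg.qiye.163.com/p/official_site/2019/img/12/748.png", 134.0, 134.0, "Image", "image/png"),
] + [("data:", kb, 0.0, "Image", "image/png")
     for kb in (4.0, 0.57, 0.37, 0.45, 0.33, 0.16, 5.0, 4.0)]


def apex_of(host):
    """Registrable domain by the last two labels. Adequate for the .com hosts in
    this report; use the public suffix list for ccTLDs such as .co.uk (assumption)."""
    return ".".join(host.split(".")[-2:])


def triage(transactions, primary_host, target_apex):
    """Per-apex request/transfer totals plus two phishing-kit signals seen here:
    artwork hotlinked from the impersonated brand, and .js files that came back
    empty or as text/html (missing kit files; status codes are not in the report)."""
    findings = {"brand_assets": [], "empty_scripts": [], "data_uris": 0, "per_apex": {}}
    page_apex = apex_of(primary_host)
    for url, size_kb, xfer_kb, _rtype, mime in transactions:
        if url.startswith("data:"):
            findings["data_uris"] += 1        # inline, nothing on the wire
            continue
        host, _, path = url.partition("/")
        apex = apex_of(host)
        bucket = findings["per_apex"].setdefault(apex, {"requests": 0, "xfer_kb": 0.0})
        bucket["requests"] += 1
        bucket["xfer_kb"] += xfer_kb
        # A page on one apex pulling assets from the impersonated brand's own hosts.
        if apex == target_apex and page_apex != target_apex:
            findings["brand_assets"].append(url)
        # A referenced .js that is empty and/or served as text/html is not a script.
        if path.endswith(".js") and (size_kb == 0 or "javascript" not in mime):
            findings["empty_scripts"].append(url)
    return findings


def looks_like_brand_impersonation(findings):
    """True when the page hotlinks artwork from the brand it is not hosted by."""
    return bool(findings["brand_assets"])


if __name__ == "__main__":
    result = triage(TRANSACTIONS, PRIMARY_HOST, TARGET_APEX)
    for apex, totals in result["per_apex"].items():
        print(f"{apex}: {totals['requests']} requests, {totals['xfer_kb']:.0f} KB transferred")
    print("brand assets  :", result["brand_assets"])
    print("empty scripts :", result["empty_scripts"])
    print("impersonation :", looks_like_brand_impersonation(result))
```

The per-apex totals reproduce the report's 7 requests for adsunadvertising.com and 1 request / 134 KB for 163.com, the single brand asset is 748.png from mimg.qiye.163.com, and both .js references are flagged. Hotlinking alone is a signal, not a verdict: legitimate partner sites also embed a brand's logo, so pair it with the outbound-link pattern and the verdict source as the report does.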
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic China (Online), 163.cn (Online)

2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.
object | onformdata
object | onpointerrawupdate
Both names are standard GlobalEventHandlers properties of the browser itself (onformdata, onpointerrawupdate) that are newer than the scanner's baseline list, not variables defined by the page, so they reveal nothing about the phishing kit's own scripts.

0 Cookies
Cookies are small pieces of information stored in a user's browser. On every later visit the browser sends the cookie values back, which lets the site re-identify the user even from a different location; this is how persistent logins work. This page set no cookies.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page.
Header | Value
---|---
Strict-Transport-Security | max-age=31536000

The primary page was fetched over plain http://, and browsers ignore a Strict-Transport-Security header received over a non-TLS connection (RFC 6797, section 8.1), so this header has no effect here. It is more likely a blanket setting in the hosting server's configuration than anything the kit sets deliberately.
Indicators
This is a term in the security industry for artifacts such as IPs, domains and hashes. Listing them here does not imply that any one of them indicates malicious activity on its own.
Domains:
alf.adsunadvertising.com
mimg.qiye.163.com
IPs:
199.189.248.11
220.194.24.216
SHA-256 hashes of the retrieved responses:
17add961a686edb5b25996bcc4e08a14e5e36b6a1796ffbbb9cc751e7ca97ac8
44ee5ef20c61263c6ed6144e0a8abce265979ea802d47a78510a41c72b156e91
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
60475ffd41d476cab4bbe6c9b06358f2419e43ca09f51061df33f0dba9f66462
62ffd6d19dd46a8c3260d322c39ef4bf8d6219a6adfb6f0f3a049cfb7a68c554
6dc89bf0a893d2b0cbe97ad18f7023ff7cbb1ed76145104ca1335cba465294be
78f95deba1d88e2fd1d8b43399c447f6eb336943374983cb83f4de4a97453c72
80089ae647f586811a97b726d1a96d4bc8655792ee2c7c735c42755e3d89822a
8f7a7554a70a86cb2ab9310991d40d6d5979bc641e836552117392cd7be5c0e6
92bded93a6be187282a3acbb72a66b616d395d9d4f164b87c179f0482c2fa00f
a3c947f7fb9fe61ef5891883b997f2289d7b8281f889fc5da6271c37e1bbfd01
be0125ab3d7fdc093ea0e9175e1d89c046d7a517c5b03b7c294c14992eeb8d7f
cecc473d7971beff119b356795425354d66bd2b2012a880cd2e4567db5fb7462
d8c0dda55d7946522ccff373c25e35fee86944c24e67cfeea32d06bee12f327e