URL: http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
Submission: On March 02 via automatic , source openphish

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 16 HTTP transactions.
The main IP is 192.232.219.89, located in Houston, United States and belongs to UNIFIEDLAYER-AS-1 - Unified Layer, US. The main domain is thepatentshark.com.
This is the first time this domain was scanned on urlscan.io!

Verdict: Malicious (Score: 100/100) Show Details

  • urlscan - Score: 100
    phishing
    Phishing against Alibaba (Online)
  • openphish - Score: 10 (URL submitted from openphish) -
    phishing
  • googlesafebrowsing - Score: 100 (1 resources matched) -
    social_engineering

Domain & IP information

IP Address AS Autonomous System
7 192.232.219.89 46606 (UNIFIEDLA...)
4 205.204.101.16 45102 (CNNIC-ALI...)
1 104.108.54.239 16625 (AKAMAI-AS)
1 195.138.255.9 201011 (NETZBETRI...)
16 5
Domain
Subdomains
Transfer
7 thepatentshark.com
172 KB
5 aliunicorn.com
73 KB
1 alicdn.com
66 KB
0 alibaba.com Failed
acookie.alibaba.com Failed
stat.alibaba.com Failed
dmtracking2.alibaba.com Failed
0 B
16 4
Domain Requested by
7 thepatentshark.com thepatentshark.com
4 stylessl.aliunicorn.com thepatentshark.com
1 style.aliunicorn.com thepatentshark.com
1 img.alicdn.com thepatentshark.com
0 dmtracking2.alibaba.com Failed thepatentshark.com
0 stat.alibaba.com Failed thepatentshark.com
0 acookie.alibaba.com Failed thepatentshark.com
16 7
Subject / Issuer Validity Valid

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Web
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com
13 KB
5 KB
Document
General
Full URL
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
Protocol
HTTP/1.1
Server
192.232.219.89 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
gator3092.hostgator.com
Software
nginx/1.12.2 /
Resource Hash
c4c32cab8ec6f1908286497781da0820723660c9f6394bbaa8f15b966cedacf4

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
thepatentshark.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 02 Mar 2018 00:46:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Apr 2016 15:19:38 GMT
Server
nginx/1.12.2
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
saved_resource
/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login_files
78 KB
38 KB
Stylesheet
General
Full URL
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login_files/saved_resource
Requested by
Host: thepatentshark.com
URL: http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
Protocol
HTTP/1.1
Server
192.232.219.89 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
gator3092.hostgator.com
Software
nginx/1.12.2 /
Resource Hash
7947dd3c9e3fb84216c893df5ad3ee3708a505007a9c306b79fe36f2f35d1fb1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
thepatentshark.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
Connection
keep-alive
Cache-Control
no-cache
Referer
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 02 Mar 2018 00:46:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Jan 2015 01:25:22 GMT
Server
nginx/1.12.2
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
home-buyer%7CMODERN_BROWSER%7Cv_0_b030576d0.css
stylessl.aliunicorn.com/6v/apollo/core/core-sc%7C6v/apollo/mod/button/button-sc%7C6v/apollo/mod/form/form-sc%7C6v/apollo/mod/footer/footer-sc%7C6v/run/login/home
63 KB
33 KB
Stylesheet
General
Full URL
https://stylessl.aliunicorn.com/6v/apollo/core/core-sc%7C6v/apollo/mod/button/button-sc%7C6v/apollo/mod/form/form-sc%7C6v/apollo/mod/footer/footer-sc%7C6v/run/login/home/home-buyer%7CMODERN_BROWSER%7Cv_0_b030576d0.css
Requested by
Host: thepatentshark.com
URL: http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
Protocol
SPDY
Server
205.204.101.16 Santa Clara, United States, ASN45102 (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN),
Reverse DNS
Software
Tengine/2.1.13_20170802132414 /
Resource Hash
24415e59b05a115971ff81f4265ffc5553af2cdc8df09cee32bdb6a8ca817a5e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 02 Mar 2018 00:46:44 GMT
content-encoding
gzip
last-modified
Tue, 27 Feb 2018 05:10:09 GMT
server
Tengine/2.1.13_20170802132414
status
200
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=30
strict-transport-security
max-age=0
timing-allow-origin
*
expires
Fri, 02 Mar 2018 00:47:14 GMT
saved_resource(1)
/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login_files
361 KB
114 KB
Script
General
Full URL
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login_files/saved_resource(1)
Requested by
Host: thepatentshark.com
URL: http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
Protocol
HTTP/1.1
Server
192.232.219.89 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
gator3092.hostgator.com
Software
nginx/1.12.2 /
Resource Hash
acc2fc70730f07d7e2de8d0af7ecbfc269f700a59fcbaca384cd3ee0f7283c65

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
thepatentshark.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
Connection
keep-alive
Cache-Control
no-cache
Referer
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 02 Mar 2018 00:46:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Jan 2015 01:25:22 GMT
Server
nginx/1.12.2
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
beacon_en.js
/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login_files
35 KB
14 KB
Script
General
Full URL
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login_files/beacon_en.js
Requested by
Host: thepatentshark.com
URL: http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
Protocol
HTTP/1.1
Server
192.232.219.89 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
gator3092.hostgator.com
Software
nginx/1.12.2 /
Resource Hash
f028d7430ea3a9bb9f289213730fd4686c6aa4a7fe61bb38c4b11ca7450a483c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
thepatentshark.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
Connection
keep-alive
Cache-Control
no-cache
Referer
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 02 Mar 2018 00:46:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Jan 2015 01:25:22 GMT
Server
nginx/1.12.2
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
check.js
/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com
569 B
585 B
Script
General
Full URL
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/check.js
Requested by
Host: thepatentshark.com
URL: http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
Protocol
HTTP/1.1
Server
192.232.219.89 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
gator3092.hostgator.com
Software
nginx/1.12.2 /
Resource Hash
70d65607a9e0ff686176051557155bbe8277e9d24f3a67be4f87bedbc55988ef

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
thepatentshark.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
Connection
keep-alive
Cache-Control
no-cache
Referer
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 02 Mar 2018 00:46:43 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Oct 2012 10:53:22 GMT
Server
nginx/1.12.2
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
TB1Dsh6LpXXXXaoXFXXO6iSQXXX-585-350.jpg
img.alicdn.com/tps/i1
65 KB
66 KB
Image
General
Full URL
https://img.alicdn.com/tps/i1/TB1Dsh6LpXXXXaoXFXXO6iSQXXX-585-350.jpg
Requested by
Host: thepatentshark.com
URL: http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
Protocol
SPDY
Server
104.108.54.239 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-54-239.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
65d813ef61bb5050eebf374e930002f80e99a53a4fd5b4c5d42541b920047ab8

Request headers

Referer
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 02 Mar 2018 00:46:44 GMT
last-modified
Sat, 13 May 2017 05:36:51 GMT
server
Tengine
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=27803509
served-from
72.247.178.223
timing-allow-origin
*
network_info
DE_FRANKFURT_24940
content-length
67030
expires
Thu, 17 Jan 2019 19:58:33 GMT
ask.gif
/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login_files
1 KB
2 KB
Image
General
Full URL
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login_files/ask.gif
Requested by
Host: thepatentshark.com
URL: http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
Protocol
HTTP/1.1
Server
192.232.219.89 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
gator3092.hostgator.com
Software
nginx/1.12.2 /
Resource Hash
f789f6aa5304d63550e35f144eb65f131104ecb1e38cfacd51f7f63792579503

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
thepatentshark.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
Connection
keep-alive
Cache-Control
no-cache
Referer
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 02 Mar 2018 00:46:44 GMT
Last-Modified
Fri, 23 Jan 2015 01:25:24 GMT
Server
nginx/1.12.2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1380
Content-Type
image/gif
clear.png
/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login_files
81 B
296 B
Image
General
Full URL
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login_files/clear.png
Requested by
Host: thepatentshark.com
URL: http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
Protocol
HTTP/1.1
Server
192.232.219.89 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
gator3092.hostgator.com
Software
nginx/1.12.2 /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
thepatentshark.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
Connection
keep-alive
Cache-Control
no-cache
Referer
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 02 Mar 2018 00:46:44 GMT
Last-Modified
Fri, 23 Jan 2015 01:25:36 GMT
Server
nginx/1.12.2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
81
Content-Type
image/png
jquery.js?t=4b3d51b3_0
style.aliunicorn.com/js/6v/lib/gallery/jquery
92 KB
33 KB
Script
General
Full URL
http://style.aliunicorn.com/js/6v/lib/gallery/jquery/jquery.js?t=4b3d51b3_0
Requested by
Host: thepatentshark.com
URL: http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login_files/saved_resource(1)
Protocol
HTTP/1.1
Server
195.138.255.9 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
Tengine /
Resource Hash
f9ee76107677a7dec3f02cfe8c473fc379e519219dd84b8f7aaa0f1ef1799791

Request headers

Referer
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 02 Mar 2018 00:46:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Aug 2017 04:57:25 GMT
Server
Tengine
FW_IP
195.138.255.9
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
FW_IP
Cache-Control
max-age=15783430
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
33502
Expires
Fri, 31 Aug 2018 17:03:54 GMT
1.gif?cache=3605&pre=&ver=40&time=1519951604821
acookie.alibaba.com
0
0

common.html?id=17776&st_page_id=70d740afac14983c54c24adf161e42cec543ca6392&ver=40&time=1519951604822
stat.alibaba.com/event
0
0

b.jpg?cD17MX0mdT17L3RoZXBhdGVudHNoYXJrLmNvbS93cC1jb250ZW50L3BsdWdpbnMvaHRtbDQwNC9maXZlc3Rhci9sb2dpbi5hbGliYWJhLmNvbS9sb2dpbi5hbGliYWJhLmNvbS9sb2dpbi5odG1sP2RwZnZhPTJoZ0BiZWFiLmJ3JTI1NzgmLmxibGU9MDJ...
dmtracking2.alibaba.com
0
0

header.png?t=ba01a9cf_0
stylessl.aliunicorn.com/simg/sprites/app
3 KB
3 KB
Image
General
Full URL
https://stylessl.aliunicorn.com/simg/sprites/app/header.png?t=ba01a9cf_0
Requested by
Host: thepatentshark.com
URL: http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
Protocol
SPDY
Server
205.204.101.16 Santa Clara, United States, ASN45102 (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN),
Reverse DNS
Software
Tengine/2.1.13_20170802132414 /
Resource Hash
033caf44d19462a997937c5583c2cc90090d7c24ab11d84fe4fb26fef7a03a65
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://stylessl.aliunicorn.com/6v/apollo/core/core-sc%7C6v/apollo/mod/button/button-sc%7C6v/apollo/mod/form/form-sc%7C6v/apollo/mod/footer/footer-sc%7C6v/run/login/home/home-buyer%7CMODERN_BROWSER%7Cv_0_b030576d0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 02 Mar 2018 00:46:44 GMT
last-modified
Mon, 26 Jun 2017 07:15:15 GMT
server
Tengine/2.1.13_20170802132414
status
200
etag
ba01a9cf_0
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=0
timing-allow-origin
*
content-length
3240
expires
Sat, 02 Mar 2019 00:46:44 GMT
data:truncated
data:truncated
13 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70b1f47975c93e09401685d032d0940a82b9bb47c4acfe700eaa3985f0b0dac0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Origin
http://thepatentshark.com

Response headers

Access-Control-Allow-Origin
*
Content-Type
application/x-font-woff;charset=utf-8
data:truncated
data:truncated
13 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d303e5e7d94da2b21df48b7b62b6d10b2e5b434da6848c15f35c6e517b9d7bd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Origin
http://thepatentshark.com

Response headers

Access-Control-Allow-Origin
*
Content-Type
application/x-font-woff;charset=utf-8
facebook.gif?t=63d80463_0
stylessl.aliunicorn.com/simg/sprites/env/home/signin
1 KB
1 KB
Image
General
Full URL
https://stylessl.aliunicorn.com/simg/sprites/env/home/signin/facebook.gif?t=63d80463_0
Requested by
Host: thepatentshark.com
URL: http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
Protocol
SPDY
Server
205.204.101.16 Santa Clara, United States, ASN45102 (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN),
Reverse DNS
Software
Tengine/2.1.13_20170802132414 /
Resource Hash
9639f7a7922240da47bd38daf34cb457bbda49a35b16fa3106dea51b7abb9de9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://stylessl.aliunicorn.com/6v/apollo/core/core-sc%7C6v/apollo/mod/button/button-sc%7C6v/apollo/mod/form/form-sc%7C6v/apollo/mod/footer/footer-sc%7C6v/run/login/home/home-buyer%7CMODERN_BROWSER%7Cv_0_b030576d0.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 02 Mar 2018 00:46:44 GMT
last-modified
Mon, 26 Jun 2017 07:15:21 GMT
server
Tengine/2.1.13_20170802132414
status
200
etag
63d80463_0
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=0
timing-allow-origin
*
content-length
1214
expires
Sat, 02 Mar 2019 00:46:44 GMT
index.js?t=c164323c_4f50a8da42
stylessl.aliunicorn.com/js/6v/biz/login/home
4 KB
2 KB
Script
General
Full URL
https://stylessl.aliunicorn.com/js/6v/biz/login/home/index.js?t=c164323c_4f50a8da42
Requested by
Host: thepatentshark.com
URL: http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login_files/saved_resource(1)
Protocol
SPDY
Server
205.204.101.16 Santa Clara, United States, ASN45102 (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN),
Reverse DNS
Software
Tengine/2.1.13_20170802132414 /
Resource Hash
e3a4c29689505cc1e196046f7b5b46635f0911cc6e67b46e3cac65bd7a36505e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
http://thepatentshark.com/wp-content/plugins/html404/fivestar/login.alibaba.com/login.alibaba.com/login.html?dpfva=2hg@beab.bw%78&.lble=02ywfs0fx2bwa&eb=9777&if=96925&ntj=fk-qm&feeea=hed&jjff=5%9D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 02 Mar 2018 00:46:44 GMT
content-encoding
gzip
last-modified
Mon, 28 Aug 2017 01:47:58 GMT
server
Tengine/2.1.13_20170802132414
status
200
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=30
strict-transport-security
max-age=0
timing-allow-origin
*
expires
Fri, 02 Mar 2018 00:47:14 GMT

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
acookie.alibaba.com
URL
http://acookie.alibaba.com/1.gif?cache=3605&pre=&ver=40&time=1519951604821
Domain
stat.alibaba.com
URL
http://stat.alibaba.com/event/common.html?id=17776&st_page_id=70d740afac14983c54c24adf161e42cec543ca6392&ver=40&time=1519951604822
Domain
dmtracking2.alibaba.com
URL
http://dmtracking2.alibaba.com/b.jpg?cD17MX0mdT17L3RoZXBhdGVudHNoYXJrLmNvbS93cC1jb250ZW50L3BsdWdpbnMvaHRtbDQwNC9maXZlc3Rhci9sb2dpbi5hbGliYWJhLmNvbS9sb2dpbi5hbGliYWJhLmNvbS9sb2dpbi5odG1sP2RwZnZhPTJoZ0BiZWFiLmJ3JTI1NzgmLmxibGU9MDJ5d2ZzMGZ4MmJ3YSZlYj05Nzc3JmlmPTk2OTI1Jm50aj1may1xbSZmZWVlYT1oZWQmampmZj01JTI1OUR9Jm09e0dFVH0mcz17MjAwfSZyPXstfSZhPXstfSZiPXstfSZjPXthZXBfdXN1Y19mPS19&pageid=70d740afac14983c54c24adf161e42cec543ca6392&sys=chrome63.0|x11|1600*1200|en-US&ver=40&time=1519951604824

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan - Score: 100

Categories:
phishing

Tags:
phishing

Phishing against: Alibaba (Online)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| globalImgServer undefined| __define object| seajs function| define object| __private_jsmonitor__ object| AE object| dmtrack function| sk_dmtracking_core function| sk_dmtracking number| beaconStartTime object| nameStorage number| g_aplus_loaded object| goldlog object| g_SPM string| dmtrack_c string| dmtrack_pageid function| validate undefined| $ undefined| jQuery object| jQuery183034880247833531386

0 Cookies