master.sailmail.net
Open in
urlscan Pro
101.200.202.184
Public Scan
URL:
http://master.sailmail.net/campaign/10600
Submission Tags: phishing malicious Search All
Submission: On October 27 via api from US
Submission Tags: phishing malicious Search All
Submission: On October 27 via api from US
Summary
This website contacted 1 IPs
in 1 countries
across 1 domains to perform 11 HTTP transactions.
The main IP is 101.200.202.184, located in
Hangzhou, China and
belongs to CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN.
The main domain is master.sailmail.net.
This is the only time master.sailmail.net was scanned on urlscan.io!
This is the only time master.sailmail.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 11 | 101.200.202.184 101.200.202.184 | 37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.) | |
| 11 | 1 |
11
101.200.202.184
(Hangzhou, China)
ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
PTR: master.sailmail.net
ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
PTR: master.sailmail.net
| master.sailmail.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 11 |
sailmail.net
master.sailmail.net |
2 MB |
| 11 | 1 |
| Domain | Requested by | |
|---|---|---|
| 11 | master.sailmail.net |
master.sailmail.net
|
| 11 | 1 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| fonfon.cn |
| www.fonfon.cn |
| Subject Issuer | Validity | Valid |
|---|
This page contains 1 frames:
Primary Page:
http://master.sailmail.net/campaign/10600
Frame ID: 2A03AAF7DDD6640537202F91FE9A6373
Requests: 11 HTTP requests in this frame
Screenshot
Detected technologies
Java
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /^Apache-Coyote(?:\/([\d.]+))?/i
Apache Tomcat
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /^Apache-Coyote(?:\/([\d.]+))?/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: https://fonfon.cn/p/10032
Title: https://fonfon.cn/p/10032
Title: https://fonfon.cn/p/10032
Search URL Search Domain Scan URL
URL: https://fonfon.cn/p/10039
Title: https://fonfon.cn/p/10039
Title: https://fonfon.cn/p/10039
Search URL Search Domain Scan URL
URL: https://fonfon.cn/p/10067
Title: https://fonfon.cn/p/10067
Title: https://fonfon.cn/p/10067
Search URL Search Domain Scan URL
URL: https://www.fonfon.cn/
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
10600
master.sailmail.net/campaign/ |
51 KB 52 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
open
master.sailmail.net/ |
70 B 228 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ban.png
master.sailmail.net/images/595/ |
413 KB 413 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
s1.png
master.sailmail.net/images/595/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
s2.png
master.sailmail.net/images/595/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
s3.png
master.sailmail.net/images/595/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
s11.png
master.sailmail.net/images/595/ |
504 KB 504 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
s22.png
master.sailmail.net/images/595/ |
554 KB 555 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
btn.png
master.sailmail.net/images/595/ |
59 KB 59 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fonfon.png
master.sailmail.net/images/595/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
code.png
master.sailmail.net/images/595/ |
29 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
master.sailmail.net
101.200.202.184
02c1ff51a693fd62c21762d6e32ae8877c79e102e080ae0b9ece3e5d1d4afd97
287dbf4bcb1a9dd22d9585e68cc31f7389108c0b451b14859917e59103c3c920
44db01b824c873ccc14ca0f520d415f008e296ec49f1e56c5272296ed86257e6
451cf7011694fbbc24e1f7a3ea19572c1b4e2ea2f72d5e31869aff6cdb88304b
56c1ed149e005e03116c6bdafd9812bc6f2b5c971e10e51ae1fa4f14ef414429
6372b2f5e106f069f31bdab57c879f84cd4e5c4d6443bc52e100c26445eda438
8a98a986dd5f7740fbf824976afbdf584ed21cab6122cbd7bac90448b5d847d1
90a096ec102dd476c2499ffc5b8a0df1f8f45eb2f23773f212f3fc26bee2b0e7
97495a118307d61c0c05177fdec75f83c69525b0806e1104c33f128150fb657d
b9c383f3538c3cc153f02b7158643127dc5345838bfdf0f0c0a48ef95fe841be
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861