www.litopia21.com Open in urlscan Pro
210.127.253.247 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.litopia21.com/morningform/file/update/16/index.htm?from=
Submission: On May 24 via automatic, source openphish (May 24th 2019, 11:03:54 am UTC)

Summary HTTP 23 Redirects Links 38 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 23 HTTP transactions. The main IP is 210.127.253.247, located in Korea, Republic Of and belongs to NCOM-AS-KR NCOM ltd., KR. The main domain is www.litopia21.com.

This is the only time www.litopia21.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Alibaba (Online)

Domain & IP information

	IP Address		AS Autonomous System
1	210.127.253.247 210.127.253.247		17833 (NCOM-AS-K...) (NCOM-AS-KR NCOM ltd.)
22	205.204.101.203 205.204.101.203		45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
23	2

1 210.127.253.247 (Korea, Republic Of)

ASN17833 (NCOM-AS-KR NCOM ltd., KR)

www.litopia21.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 205.204.101.203 (San Mateo, United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

login.alibaba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	alibaba.com login.alibaba.com	57 KB
1	litopia21.com www.litopia21.com	12 KB
23	2

	Domain	Requested by
22	login.alibaba.com	www.litopia21.com
1	www.litopia21.com
23	2

This site contains links to these domains. Also see Links.

Domain
www.alibaba.com
login.alibaba.com
trademanager.alibaba.com
us.my.alibaba.com
www.facebook.com
www.aliexpress.com
chinasuppliers.alibaba.com
importer.alibaba.com
tradeshow.alibaba.com
exporter.alibaba.com
china.alibaba.com
www.alibaba.co.jp
www.taobao.com
www.alipay.com
www.yahoo.com.cn
www.koubei.com
www.alisoft.com
news.alibaba.com
resources.alibaba.com
legal.alibaba.com

Subject Issuer	Validity	Valid
*.alibaba.com GlobalSign Organization Validation CA - SHA256 - G2	`2018-09-20` - `2019-09-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://www.litopia21.com/morningform/file/update/16/index.htm?from=
Frame ID: 22016389EF0C9FD65251B8359AB21E4C
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

UNIX (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Unix/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

mod_ssl (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /mod_ssl(?:\/([\d.]+))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
headers server /mod_ssl(?:\/([\d.]+))?/i

Page Statistics

23
Requests

96 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

69 kB
Transfer

88 kB
Size

0
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: http://www.alibaba.com/
Title: Alibaba.com

Search URL Search Domain Scan URL

URL: https://login.alibaba.com/signimage/sign_image.htm
Title:

Search URL Search Domain Scan URL

URL: http://www.alibaba.com/help/contact-us.html?tracelog=signin_contactUs_0222
Title: contact us

Search URL Search Domain Scan URL

URL: http://trademanager.alibaba.com/
Title: TradeManager

Search URL Search Domain Scan URL

URL: http://us.my.alibaba.com/user/join/join_step1.htm?return_url=http%3A%2F%2Fus.my.alibaba.com%2F
Title: Join free now!

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/oauth?client_id=124207444332529&scope=email,user_work_history&display=popup&redirect_uri=https%3A%2F%2Flogin.alibaba.com%2Ffacebook_sign.htm%3Ftab%3Db
Title: Facebook

Search URL Search Domain Scan URL

URL: http://www.alibaba.com/aboutalibaba/index.html
Title: Company Info

Search URL Search Domain Scan URL

URL: http://www.alibaba.com/aboutalibaba/partnership_with_alibaba.html
Title: Partnerships

Search URL Search Domain Scan URL

URL: http://www.aliexpress.com/
Title: Wholesalers

Search URL Search Domain Scan URL

URL: http://chinasuppliers.alibaba.com/
Title: Gold Suppliers

Search URL Search Domain Scan URL

URL: http://www.alibaba.com/catalogs/0/product.html
Title: Buy

Search URL Search Domain Scan URL

URL: http://importer.alibaba.com/
Title: Sell

Search URL Search Domain Scan URL

URL: http://tradeshow.alibaba.com/
Title: Trade Shows

Search URL Search Domain Scan URL

URL: http://us.my.alibaba.com/
Title: My Alibaba

Search URL Search Domain Scan URL

URL: http://exporter.alibaba.com/
Title: China Export Services

Search URL Search Domain Scan URL

URL: http://www.alibaba.com/help
Title: Help

Search URL Search Domain Scan URL

URL: http://www.alibaba.com/sitemap/sitemap.html
Title: Site Map

Search URL Search Domain Scan URL

URL: http://www.alibaba.com/help/contact-us.html
Title: Customer Service

Search URL Search Domain Scan URL

URL: http://www.alibaba.com/showroom/category.html
Title: All Products

Search URL Search Domain Scan URL

URL: http://www.alibaba.com/buyeroffers/category.html
Title: Importers

Search URL Search Domain Scan URL

URL: http://www.alibaba.com/countrysearch/CN/China.html
Title: China

Search URL Search Domain Scan URL

URL: http://www.aliexpress.com/promotion.html
Title: Promotion

Search URL Search Domain Scan URL

URL: http://www.alibaba.com/sitemap/archives.html
Title: Archive

Search URL Search Domain Scan URL

URL: http://www.alibaba.com/aboutalibaba/aligroup/index.html
Title: Alibaba Group

Search URL Search Domain Scan URL

URL: http://china.alibaba.com/
Title: Alibaba China

Search URL Search Domain Scan URL

URL: http://www.alibaba.co.jp/
Title: Alibaba Japan

Search URL Search Domain Scan URL

URL: http://www.taobao.com/
Title: Taobao

Search URL Search Domain Scan URL

URL: http://www.alipay.com/
Title: Alipay

Search URL Search Domain Scan URL

URL: http://www.yahoo.com.cn/
Title: Yahoo! China

Search URL Search Domain Scan URL

URL: http://www.koubei.com/
Title: Koubei.com

Search URL Search Domain Scan URL

URL: http://www.alisoft.com/
Title: Alisoft

Search URL Search Domain Scan URL

URL: http://news.alibaba.com/article/detail/help/100454423-1-product-listing-policy.html
Title: Product Listing Policy

Search URL Search Domain Scan URL

URL: http://news.alibaba.com/article/detail/help/100453304-1-intellectual-property-rights-%2528ipr%2529-protection.html
Title: Intellectual Property Policy and Infringement Claims

Search URL Search Domain Scan URL

URL: http://news.alibaba.com/article/detail/help/100453303-1-privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://news.alibaba.com/article/detail/help/100453293-1-terms-use.html
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://resources.alibaba.com/trade_safe/home.htm
Title: Safety & Security Center

Search URL Search Domain Scan URL

URL: http://legal.alibaba.com/legal/site/login/login.htm?site_type=international&language_id=english
Title: Report Intellectual Property Right Infringement

Search URL Search Domain Scan URL

URL: http://www.alibaba.com/trade/servlet/page/static/copyright_policy
Title: Copyright Notice

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.htm Show response www.litopia21.com/morningform/file/update/16/	12 KB 12 KB	567ms 276ms	Document text/html	210.127.253.247 NCOM-AS-KR NCOM ltd.
General Check archive.org Show headers Download Go to Full URL http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Server 210.127.253.247 , Korea, Republic Of, ASN17833 (NCOM-AS-KR NCOM ltd., KR), Reverse DNS Software Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.14 / PHP/5.2.14 Resource Hash `da41eb860bb8d22b581eb363e31ce0af588231c11af4b67e6da36f6083df0360` Request headers Host www.litopia21.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:38 GMT Server Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.14 X-Powered-By PHP/5.2.14 Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	layout.css login.alibaba.com/css/4v/	3 KB 1 KB	161ms 160ms	Stylesheet text/css	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://login.alibaba.com/css/4v/layout.css Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash `0fda015e717a86d9ac38d6f5e0972f7d05d2ed9f3c724951b17225cf7387bcbb` Request headers Referer http://www.litopia21.com/morningform/file/update/16/index.htm?from= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:37 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Tue, 21 May 2019 09:42:51 GMT Connection keep-alive Transfer-Encoding chunked Content-Type text/css
GET H/1.1	200 OK	common.css login.alibaba.com/css/4v/	13 KB 4 KB	163ms 160ms	Stylesheet text/css	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://login.alibaba.com/css/4v/common.css Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash `4279f72abed7e2209625f76cedad468177a685ea177b90cec8907509bb1eacb0` Request headers Referer http://www.litopia21.com/morningform/file/update/16/index.htm?from= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:37 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Tue, 21 May 2019 09:42:51 GMT Connection keep-alive Transfer-Encoding chunked Content-Type text/css
GET H/1.1	404 Not Found	ae_login.js login.alibaba.com/js/library/	0 0	165ms 162ms	Script text/html	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://login.alibaba.com/js/library/ae_login.js Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash Request headers Referer http://www.litopia21.com/morningform/file/update/16/index.htm?from= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:37 GMT Content-Encoding gzip Vary Accept-Encoding Server Apache-Coyote/1.1 Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	beacon_en.js login.alibaba.com/js/library/	0 0	164ms 162ms	Script text/html	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://login.alibaba.com/js/library/beacon_en.js Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash Request headers Referer http://www.litopia21.com/morningform/file/update/16/index.htm?from= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:37 GMT Content-Encoding gzip Vary Accept-Encoding Server Apache-Coyote/1.1 Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	sorcing-signin-20110212.css login.alibaba.com/css/4v/	5 KB 2 KB	172ms 169ms	Stylesheet text/css	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://login.alibaba.com/css/4v/sorcing-signin-20110212.css Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash `da053296855e4e4f95057f4da441debc7183c5134841f048483b40017d683b89` Request headers Referer http://www.litopia21.com/morningform/file/update/16/index.htm?from= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:37 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Tue, 21 May 2019 09:42:51 GMT Connection keep-alive Transfer-Encoding chunked Content-Type text/css
GET H/1.1	404 Not Found	email_suggestion.js login.alibaba.com/js/library/	0 0	332ms 169ms	Script text/html	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://login.alibaba.com/js/library/email_suggestion.js Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash Request headers Referer http://www.litopia21.com/morningform/file/update/16/index.htm?from= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:37 GMT Content-Encoding gzip Vary Accept-Encoding Server Apache-Coyote/1.1 Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	xman.css login.alibaba.com/css/	10 KB 3 KB	321ms 160ms	Stylesheet text/css	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://login.alibaba.com/css/xman.css?version=20110104 Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash `836ce36c36031ba5c3ab2ffb52a7e36fcab8991d2ee06535f6b7745014c0b836` Request headers Referer http://www.litopia21.com/morningform/file/update/16/index.htm?from= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:37 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Tue, 21 May 2019 09:42:51 GMT Connection keep-alive Transfer-Encoding chunked Content-Type text/css
GET H/1.1	200 OK	blank.html login.alibaba.com/js/	0 0	169ms 167ms	Image text/html	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://login.alibaba.com/js/blank.html Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://www.litopia21.com/morningform/file/update/16/index.htm?from= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers
GET H/1.1	404 Not Found	beacon_en.js login.alibaba.com/js/library/	0 0	168ms 167ms	Script text/html	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://login.alibaba.com/js/library/beacon_en.js Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash Request headers Referer http://www.litopia21.com/morningform/file/update/16/index.htm?from= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:37 GMT Content-Encoding gzip Vary Accept-Encoding Server Apache-Coyote/1.1 Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	beacon_en.js login.alibaba.com/js/library/	0 0	162ms 161ms	Script text/html	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://login.alibaba.com/js/library/beacon_en.js Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash Request headers Referer http://www.litopia21.com/morningform/file/update/16/index.htm?from= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:37 GMT Content-Encoding gzip Vary Accept-Encoding Server Apache-Coyote/1.1 Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	headCap.gif login.alibaba.com/images/eng/style/css_images/navigation/	149 B 364 B	167ms 167ms	Image image/gif	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://login.alibaba.com/images/eng/style/css_images/navigation/headCap.gif Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash `a0ea565170f019a7d86ed01dae02c43deaed123e792bfd5fd3b4464070c569e3` Request headers Referer https://login.alibaba.com/css/4v/common.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:37 GMT Last-Modified Tue, 21 May 2019 09:42:51 GMT Connection keep-alive Accept-Ranges bytes ETag "5ce3c81b-95" Content-Length 149 Content-Type image/gif
GET H/1.1	200 OK	logo_alibaba_sprite.gif login.alibaba.com/images/xman/	4 KB 4 KB	162ms 162ms	Image image/gif	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://login.alibaba.com/images/xman/logo_alibaba_sprite.gif Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash `2bd29eb9f85f17a49d2a22e8d16629399a8d3456a45d46acb873be417d1a9633` Request headers Referer https://login.alibaba.com/css/4v/common.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:37 GMT Last-Modified Tue, 21 May 2019 09:42:51 GMT Connection keep-alive Accept-Ranges bytes ETag "5ce3c81b-f2d" Content-Length 3885 Content-Type image/gif
GET H/1.1	404 Not Found	email_suggestion.js login.alibaba.com/js/library/	0 0	173ms 160ms	Script text/html	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://login.alibaba.com/js/library/email_suggestion.js Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash Request headers Referer http://www.litopia21.com/morningform/file/update/16/index.htm?from= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:37 GMT Content-Encoding gzip Vary Accept-Encoding Server Apache-Coyote/1.1 Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	signin_head_bg.png login.alibaba.com/images/eng/style/css_images/	630 B 976 B	174ms 161ms	Image image/png	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://login.alibaba.com/images/eng/style/css_images/signin_head_bg.png Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash `c503a04975b22bed74b1fcca57e22de46147170280df9c321803ba4f2482dc58` Request headers Referer https://login.alibaba.com/css/4v/sorcing-signin-20110212.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:37 GMT Last-Modified Tue, 21 May 2019 09:42:51 GMT Connection keep-alive Accept-Ranges bytes ETag "5ce3c81b-276" Content-Length 630 Content-Type image/png
GET H/1.1	200 OK	alibaba_logo.png login.alibaba.com/images/eng/style/logo/	8 KB 8 KB	173ms 161ms	Image image/png	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://login.alibaba.com/images/eng/style/logo/alibaba_logo.png Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash `0219efe34cf993a3703ef8d47a913b8532b7015ea4ce1689c93712253a31af6a` Request headers Referer https://login.alibaba.com/css/4v/sorcing-signin-20110212.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:37 GMT Last-Modified Tue, 21 May 2019 09:42:51 GMT Connection keep-alive Accept-Ranges bytes ETag "5ce3c81b-2055" Content-Length 8277 Content-Type image/png
GET H/1.1	200 OK	change-language.gif login.alibaba.com/images/xman/	358 B 704 B	172ms 159ms	Image image/gif	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://login.alibaba.com/images/xman/change-language.gif Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash `460aa16a313bed50e4d26950b9051f0b0e57b37469737a75a8b88fa82c1453af` Request headers Referer https://login.alibaba.com/css/4v/sorcing-signin-20110212.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:37 GMT Last-Modified Tue, 21 May 2019 09:42:51 GMT Connection keep-alive Accept-Ranges bytes ETag "5ce3c81b-166" Content-Length 358 Content-Type image/gif
GET H/1.1	200 OK	signin_feild_bg.gif login.alibaba.com/images/eng/style/css_images/	6 KB 6 KB	161ms 161ms	Image image/gif	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://login.alibaba.com/images/eng/style/css_images/signin_feild_bg.gif Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash `95f8b82edf7e078cf1d0245b4b999dfed0e7aeb67541fc2e408789b93eeec62d` Request headers Referer https://login.alibaba.com/css/4v/sorcing-signin-20110212.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:37 GMT Last-Modified Tue, 21 May 2019 09:42:51 GMT Connection keep-alive Accept-Ranges bytes ETag "5ce3c81b-17e4" Content-Length 6116 Content-Type image/gif
GET H/1.1	200 OK	xman_images.gif login.alibaba.com/images/xman/	3 KB 3 KB	160ms 160ms	Image image/gif	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://login.alibaba.com/images/xman/xman_images.gif Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash `bd9aa145bfc448f8be976b7405f86db2120907b584d5219609de519cf688f32c` Request headers Referer https://login.alibaba.com/css/xman.css?version=20110104 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:37 GMT Last-Modified Tue, 21 May 2019 09:42:51 GMT Connection keep-alive Accept-Ranges bytes ETag "5ce3c81b-d21" Content-Length 3361 Content-Type image/gif
GET H/1.1	200 OK	facebook.png login.alibaba.com/images/eng/style/icon/	485 B 701 B	160ms 159ms	Image image/png	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://login.alibaba.com/images/eng/style/icon/facebook.png Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash `603a9a84f0e095585bd39b27cd4c4d194a4a45c664373d636e493c2841084957` Request headers Referer https://login.alibaba.com/css/xman.css?version=20110104 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:37 GMT Last-Modified Tue, 21 May 2019 09:42:51 GMT Connection keep-alive Accept-Ranges bytes ETag "5ce3c81b-1e5" Content-Length 485 Content-Type image/png
GET H/1.1	200 OK	loading.gif login.alibaba.com/images/xman/	701 B 917 B	161ms 161ms	Image image/gif	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://login.alibaba.com/images/xman/loading.gif Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash `0b3573d9ce76763b6dc34ebed4795bcbf030cf9d2cb77876443ef66e79cd6f9c` Request headers Referer https://login.alibaba.com/css/xman.css?version=20110104 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:37 GMT Last-Modified Tue, 21 May 2019 09:42:51 GMT Connection keep-alive Accept-Ranges bytes ETag "5ce3c81b-2bd" Content-Length 701 Content-Type image/gif
GET H/1.1	200 OK	sorcing_signin_bg.gif login.alibaba.com/images/signin/	21 KB 21 KB	321ms 162ms	Image image/gif	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://login.alibaba.com/images/signin/sorcing_signin_bg.gif Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash `d1e2d0302e4d4677245a9e4c34d5097005ca8d2c22f1ad9ff7e6491d1886026c` Request headers Referer https://login.alibaba.com/css/4v/sorcing-signin-20110212.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:38 GMT Last-Modified Tue, 21 May 2019 09:42:51 GMT Connection keep-alive Accept-Ranges bytes ETag "5ce3c81b-5327" Content-Length 21287 Content-Type image/gif
GET H/1.1	200 OK	list_dot.gif login.alibaba.com/images/eng/style/icon/	67 B 281 B	305ms 160ms	Image image/gif	205.204.101.203 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://login.alibaba.com/images/eng/style/icon/list_dot.gif Requested by Host: www.litopia21.com URL: http://www.litopia21.com/morningform/file/update/16/index.htm?from= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.204.101.203 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash `527a54c3db7176dc064eec1577cfd92bf68c7e94e5b7f11fb79f0a34d649e2bf` Request headers Referer https://login.alibaba.com/css/4v/sorcing-signin-20110212.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 24 May 2019 11:03:38 GMT Last-Modified Tue, 21 May 2019 09:42:51 GMT Connection keep-alive Accept-Ranges bytes ETag "5ce3c81b-43" Content-Length 67 Content-Type image/gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Alibaba (Online)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask string| dmtrack_c string| dmtrack_pageid

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.alibaba.com
www.litopia21.com
205.204.101.203
210.127.253.247
0219efe34cf993a3703ef8d47a913b8532b7015ea4ce1689c93712253a31af6a
0b3573d9ce76763b6dc34ebed4795bcbf030cf9d2cb77876443ef66e79cd6f9c
0fda015e717a86d9ac38d6f5e0972f7d05d2ed9f3c724951b17225cf7387bcbb
2bd29eb9f85f17a49d2a22e8d16629399a8d3456a45d46acb873be417d1a9633
4279f72abed7e2209625f76cedad468177a685ea177b90cec8907509bb1eacb0
460aa16a313bed50e4d26950b9051f0b0e57b37469737a75a8b88fa82c1453af
527a54c3db7176dc064eec1577cfd92bf68c7e94e5b7f11fb79f0a34d649e2bf
603a9a84f0e095585bd39b27cd4c4d194a4a45c664373d636e493c2841084957
836ce36c36031ba5c3ab2ffb52a7e36fcab8991d2ee06535f6b7745014c0b836
95f8b82edf7e078cf1d0245b4b999dfed0e7aeb67541fc2e408789b93eeec62d
a0ea565170f019a7d86ed01dae02c43deaed123e792bfd5fd3b4464070c569e3
bd9aa145bfc448f8be976b7405f86db2120907b584d5219609de519cf688f32c
c503a04975b22bed74b1fcca57e22de46147170280df9c321803ba4f2482dc58
d1e2d0302e4d4677245a9e4c34d5097005ca8d2c22f1ad9ff7e6491d1886026c
da053296855e4e4f95057f4da441debc7183c5134841f048483b40017d683b89
da41eb860bb8d22b581eb363e31ce0af588231c11af4b67e6da36f6083df0360
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855