www.litopia21.com
Open in
urlscan Pro
210.127.253.247
Malicious Activity!
Public Scan
Submission: On May 24 via automatic, source openphish
Summary
This is the only time www.litopia21.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Alibaba (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 210.127.253.247 210.127.253.247 | 17833 (NCOM-AS-K...) (NCOM-AS-KR NCOM ltd.) | |
22 | 205.204.101.203 205.204.101.203 | 45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.) | |
23 | 2 |
ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
login.alibaba.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
alibaba.com
login.alibaba.com |
57 KB |
1 |
litopia21.com
www.litopia21.com |
12 KB |
23 | 2 |
Domain | Requested by | |
---|---|---|
22 | login.alibaba.com |
www.litopia21.com
|
1 | www.litopia21.com | |
23 | 2 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.alibaba.com GlobalSign Organization Validation CA - SHA256 - G2 |
2018-09-20 - 2019-09-21 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://www.litopia21.com/morningform/file/update/16/index.htm?from=
Frame ID: 22016389EF0C9FD65251B8359AB21E4C
Requests: 23 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- headers server /php\/?([\d.]+)?/i
UNIX (Operating Systems) Expand
Detected patterns
- headers server /Unix/i
OpenSSL (Web Server Extensions) Expand
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
mod_ssl (Web Server Extensions) Expand
Detected patterns
- headers server /mod_ssl(?:\/([\d.]+))?/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
- headers server /mod_ssl(?:\/([\d.]+))?/i
Page Statistics
38 Outgoing links
These are links going to different origins than the main page.
Title: Alibaba.com
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: contact us
Search URL Search Domain Scan URL
Title: TradeManager
Search URL Search Domain Scan URL
Title: Join free now!
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Company Info
Search URL Search Domain Scan URL
Title: Partnerships
Search URL Search Domain Scan URL
Title: Wholesalers
Search URL Search Domain Scan URL
Title: Gold Suppliers
Search URL Search Domain Scan URL
Title: Buy
Search URL Search Domain Scan URL
Title: Sell
Search URL Search Domain Scan URL
Title: Trade Shows
Search URL Search Domain Scan URL
Title: My Alibaba
Search URL Search Domain Scan URL
Title: China Export Services
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: Site Map
Search URL Search Domain Scan URL
Title: Customer Service
Search URL Search Domain Scan URL
Title: All Products
Search URL Search Domain Scan URL
Title: Importers
Search URL Search Domain Scan URL
Title: China
Search URL Search Domain Scan URL
Title: Promotion
Search URL Search Domain Scan URL
Title: Archive
Search URL Search Domain Scan URL
Title: Alibaba Group
Search URL Search Domain Scan URL
Title: Alibaba China
Search URL Search Domain Scan URL
Title: Alibaba Japan
Search URL Search Domain Scan URL
Title: Taobao
Search URL Search Domain Scan URL
Title: Alipay
Search URL Search Domain Scan URL
Title: Yahoo! China
Search URL Search Domain Scan URL
Title: Koubei.com
Search URL Search Domain Scan URL
Title: Alisoft
Search URL Search Domain Scan URL
Title: Product Listing Policy
Search URL Search Domain Scan URL
Title: Intellectual Property Policy and Infringement Claims
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: Safety & Security Center
Search URL Search Domain Scan URL
Title: Report Intellectual Property Right Infringement
Search URL Search Domain Scan URL
Title: Copyright Notice
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.htm
www.litopia21.com/morningform/file/update/16/ |
12 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
layout.css
login.alibaba.com/css/4v/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.css
login.alibaba.com/css/4v/ |
13 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ae_login.js
login.alibaba.com/js/library/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
beacon_en.js
login.alibaba.com/js/library/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sorcing-signin-20110212.css
login.alibaba.com/css/4v/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
email_suggestion.js
login.alibaba.com/js/library/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
xman.css
login.alibaba.com/css/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
blank.html
login.alibaba.com/js/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
beacon_en.js
login.alibaba.com/js/library/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
beacon_en.js
login.alibaba.com/js/library/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
headCap.gif
login.alibaba.com/images/eng/style/css_images/navigation/ |
149 B 364 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_alibaba_sprite.gif
login.alibaba.com/images/xman/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
email_suggestion.js
login.alibaba.com/js/library/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
signin_head_bg.png
login.alibaba.com/images/eng/style/css_images/ |
630 B 976 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
alibaba_logo.png
login.alibaba.com/images/eng/style/logo/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
change-language.gif
login.alibaba.com/images/xman/ |
358 B 704 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
signin_feild_bg.gif
login.alibaba.com/images/eng/style/css_images/ |
6 KB 6 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
xman_images.gif
login.alibaba.com/images/xman/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
facebook.png
login.alibaba.com/images/eng/style/icon/ |
485 B 701 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loading.gif
login.alibaba.com/images/xman/ |
701 B 917 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sorcing_signin_bg.gif
login.alibaba.com/images/signin/ |
21 KB 21 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
list_dot.gif
login.alibaba.com/images/eng/style/icon/ |
67 B 281 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Alibaba (Online)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask string| dmtrack_c string| dmtrack_pageid0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
login.alibaba.com
www.litopia21.com
205.204.101.203
210.127.253.247
0219efe34cf993a3703ef8d47a913b8532b7015ea4ce1689c93712253a31af6a
0b3573d9ce76763b6dc34ebed4795bcbf030cf9d2cb77876443ef66e79cd6f9c
0fda015e717a86d9ac38d6f5e0972f7d05d2ed9f3c724951b17225cf7387bcbb
2bd29eb9f85f17a49d2a22e8d16629399a8d3456a45d46acb873be417d1a9633
4279f72abed7e2209625f76cedad468177a685ea177b90cec8907509bb1eacb0
460aa16a313bed50e4d26950b9051f0b0e57b37469737a75a8b88fa82c1453af
527a54c3db7176dc064eec1577cfd92bf68c7e94e5b7f11fb79f0a34d649e2bf
603a9a84f0e095585bd39b27cd4c4d194a4a45c664373d636e493c2841084957
836ce36c36031ba5c3ab2ffb52a7e36fcab8991d2ee06535f6b7745014c0b836
95f8b82edf7e078cf1d0245b4b999dfed0e7aeb67541fc2e408789b93eeec62d
a0ea565170f019a7d86ed01dae02c43deaed123e792bfd5fd3b4464070c569e3
bd9aa145bfc448f8be976b7405f86db2120907b584d5219609de519cf688f32c
c503a04975b22bed74b1fcca57e22de46147170280df9c321803ba4f2482dc58
d1e2d0302e4d4677245a9e4c34d5097005ca8d2c22f1ad9ff7e6491d1886026c
da053296855e4e4f95057f4da441debc7183c5134841f048483b40017d683b89
da41eb860bb8d22b581eb363e31ce0af588231c11af4b67e6da36f6083df0360
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855