![](/screenshots/dd5138fe-aabc-4614-b8f1-870974a28422.png)
kmlgroup.co.in
Open in
urlscan Pro
162.214.11.182
Malicious Activity!
Public Scan
Effective URL: https://kmlgroup.co.in/wp-admin/index/link/message.alibaba.com/message/external/sign%20in/Alibaba.com/Login.htm
Submission: On November 01 via api from US — Scanned from US
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 29th 2023. Valid for: 3 months.
This is the only time kmlgroup.co.in was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Alibaba (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 5 | 162.214.11.182 162.214.11.182 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
2 | 47.246.137.186 47.246.137.186 | 45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.) | |
1 | 104.70.65.224 104.70.65.224 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 2404:2280:1b2... 2404:2280:1b2:0:715::3fe | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
9 | 5 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-214-11-182.unifiedlayer.com
kmlgroup.co.in |
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
stylessl.aliunicorn.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-70-65-224.deploy.static.akamaitechnologies.com
u.alicdn.com |
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
img.alicdn.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
kmlgroup.co.in
1 redirects
kmlgroup.co.in |
11 KB |
2 |
alicdn.com
u.alicdn.com — Cisco Umbrella Rank: 62495 img.alicdn.com — Cisco Umbrella Rank: 12563 |
38 KB |
2 |
aliunicorn.com
stylessl.aliunicorn.com |
132 KB |
0 |
alibaba.com
Failed
cmap.alibaba.com Failed |
|
9 | 4 |
Domain | Requested by | |
---|---|---|
5 | kmlgroup.co.in |
1 redirects
kmlgroup.co.in
|
2 | stylessl.aliunicorn.com |
kmlgroup.co.in
|
1 | img.alicdn.com |
kmlgroup.co.in
|
1 | u.alicdn.com |
kmlgroup.co.in
|
0 | cmap.alibaba.com Failed |
kmlgroup.co.in
|
9 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
kmlgroup.co.in cPanel, Inc. Certification Authority |
2023-08-29 - 2023-11-27 |
3 months | crt.sh |
*.alibabacorp.com GlobalSign Organization Validation CA - SHA256 - G3 |
2023-04-12 - 2024-05-13 |
a year | crt.sh |
ru.aliexpress.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-10-21 - 2024-10-23 |
a year | crt.sh |
*.tbcdn.cn GlobalSign Organization Validation CA - SHA256 - G3 |
2023-06-29 - 2024-07-30 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://kmlgroup.co.in/wp-admin/index/link/message.alibaba.com/message/external/sign%20in/Alibaba.com/Login.htm
Frame ID: 6937DD94B4DAB8F749240439FFC864DA
Requests: 9 HTTP requests in this frame
Screenshot
![](/screenshots/dd5138fe-aabc-4614-b8f1-870974a28422.png)
Page URL History Show full URLs
-
http://kmlgroup.co.in/wp-admin/index/link/message.alibaba.com/message/external/sign%20in/Alibaba.c...
HTTP 301
https://kmlgroup.co.in/wp-admin/index/link/message.alibaba.com/message/external/sign%20in/Alibaba.c... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://kmlgroup.co.in/wp-admin/index/link/message.alibaba.com/message/external/sign%20in/Alibaba.com/Login.htm
HTTP 301
https://kmlgroup.co.in/wp-admin/index/link/message.alibaba.com/message/external/sign%20in/Alibaba.com/Login.htm Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Login.htm
kmlgroup.co.in/wp-admin/index/link/message.alibaba.com/message/external/sign%20in/Alibaba.com/ Redirect Chain
|
15 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ml.html
cmap.alibaba.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
stylessl.aliunicorn.com/css/6v/ |
129 KB 41 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
stylessl.aliunicorn.com/js/6v/biz/login/home/ |
346 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aplus_en.js
u.alicdn.com/js/ |
79 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TB1awf5PXXXXXXLXFXXXXXXXXXX-585-350.jpg
img.alicdn.com/tps/ |
10 KB 11 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
TB1ROn8OpXXXXbZaXXXXXXXXXXX-32-31.png
kmlgroup.co.in/wp-admin/index/link/message.alibaba.com/message/external/sign%20in/Alibaba.com/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
footer.css
kmlgroup.co.in/wp-admin/index/link/message.alibaba.com/message/external/sign%20in/Alibaba.com/images/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clear.png
kmlgroup.co.in/wp-admin/index/link/message.alibaba.com/message/external/sign%20in/Alibaba.com/images/ |
81 B 578 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- cmap.alibaba.com
- URL
- https://cmap.alibaba.com/ml.html?callback=landing8978252&cna=3bw9EfTyjFECASRKAo4n2aNT
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Alibaba (Online)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cmap.alibaba.com
img.alicdn.com
kmlgroup.co.in
stylessl.aliunicorn.com
u.alicdn.com
cmap.alibaba.com
104.70.65.224
162.214.11.182
2404:2280:1b2:0:715::3fe
47.246.137.186
139359e8cd675429cb1766058fd9067a54af94517145b3dd6e73df778a3bfb07
1961d16246e3ae3e99b17c3d1f0377eddf72cc176bd0c3072f8f67c9aebfaef5
29eb7513e61dcee377d813db7679fdb7f2aa4c9a3a806cdf0fffd11c7facfbd4
5f20facd62dbd67a30498acf92c1809b4400248b0cdedba3d13d1b0d99af20db
71e9caa7c17b20aac3baa32a9a4fbba2bb95634a6bdcc886af7e876c70b1f9a8
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
e36cf71220515a64704d787bcf4813f82975e96b976829cec1034a538480dcec
fc269f3ac4cf032e83a8b4d82716cf1f8ad13e811a5ab58b7f78345f8ffbf97b