alibabagroup.icu Threat Intelligence and Information

Host Location

Dig Results

• Got answer:
• -»HEADER«- opcode: QUERY, status: NOERROR, id: 41293
• flags: qr rd ra QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
• OPT PSEUDOSECTION:
• EDNS: version: 0, flags: udp: 1432
• QUESTION SECTION:
• alibabagroup.icu. IN A
• ANSWER SECTION:
• alibabagroup.icu. 296 IN A 157.90.33.74
• alibabagroup.icu. 296 IN A 157.90.33.73
• Query time: 0 msec
• SERVER: 192.168.1.153(192.168.1.1) (UDP)
• WHEN: Sun Mar 15 00:07:43 UTC 2026
• MSG SIZE rcvd: 77

Whois Data

• Domain Name: ALIBABAGROUP.ICU
• Registry Domain ID: D624278135-CNIC
• Registrar URL: http://www.dynadot.com
• Updated Date: 2026-02-26T18:09:42.0Z
• Creation Date: 2025-12-20T11:24:06.0Z
• Registry Expiry Date: 2026-12-20T23:59:59.0Z
• Registrar: Dynadot LLC
• Registrar IANA ID: 472
• Name Server: NS1.PARK-MY-DOMAIN.NET
• Name Server: NS2.PARK-MY-DOMAIN.NET
• DNSSEC: unsigned
• Registrar Abuse Contact Email: abuse@dynadot.com
• Registrar Abuse Contact Phone: +1.6502620100
• https://www.centralnicregistry.com/support/information/rdap «<
• blacklisted. All data is (c) CentralNic Ltd (https://www.centralnicregistry.com)

SSL Certificate Information

• Certificate:
• Data:
• Version: 3 (0x2)
• Serial Number:
• 05:b8:16:6a:76:d0:dd:17:67:86:53:1c:e3:82:c0:d1:6d:22
• Signature Algorithm: sha256WithRSAEncryption
• Issuer: C = US, O = Let’s Encrypt, CN = R12
• Validity
• Not Before: Feb 1 22:27:59 2026 GMT
• Not After : May 2 22:27:58 2026 GMT
• Subject: CN = alibabagroup.icu
• Subject Public Key Info:
• Public Key Algorithm: rsaEncryption
• Public-Key: (2048 bit)
• Modulus:
• 00:f5:79:d3:35:9e:2c:8a:4d:16:e7:d7:fc:da:1b:
• 53:83:b4:a0:06:32:a3:98:06:96:62:ed:4b:ca:6c:
• 32:b2:d4:85:aa:c4:05:4f:63:b9:42:7c:0e:f4:3c:
• 0c:b3:8f:de:36:07:89:c9:c0:32:a1:49:4c:8d:83:
• 66:b9:1d:fe:6b:83:b0:1a:2a:7a:a0:bc:c5:99:c7:
• 58:43:2e:fb:8e:8b:6f:9e:c6:e0:48:0a:3e:a6:03:
• 6c:de:ea:0a:a4:76:75:1b:2d:19:57:3a:7e:fd:5c:
• 54:9f:7f:86:d3:91:78:4e:08:7a:66:75:b5:a4:c7:
• 7d:77:53:44:83:6a:57:c7:e9:a1:9d:28:4d:c7:6a:
• 88:2c:b1:60:fe:ad:74:6f:bd:ab:ea:2a:49:bd:c2:
• 61:19:5f:c8:03:15:9c:01:eb:1b:14:89:a0:6b:67:
• e4:1e:d0:c2:48:db:0f:ef:07:96:f8:c0:2d:60:1d:
• 04:5d:09:8d:dc:64:57:ea:8e:5a:d4:ce:47:53:b7:
• 71:1b:15:b7:2a:fb:7a:a4:5d:aa:80:38:ad:ca:b8:
• 99:24:92:ee:f7:90:19:6c:80:7d:d1:4c:0b:f4:09:
• 33:87:cb:a7:bf:6c:3c:db:92:6a:b9:39:b8:f0:fc:
• 46:78:12:a0:26:b1:ff:1f:6f:a1:62:47:a7:75:0b:
• 8f:55
• Exponent: 65537 (0x10001)
• X509v3 extensions:
• X509v3 Key Usage: critical
• Digital Signature, Key Encipherment
• X509v3 Extended Key Usage:
• TLS Web Server Authentication, TLS Web Client Authentication
• X509v3 Basic Constraints: critical
• CA:FALSE
• X509v3 Subject Key Identifier:
• E7:26:91:68:B7:D4:7E:29:1C:B7:DC:56:CC:07:A9:CF:C8:20:5A:50
• X509v3 Authority Key Identifier:
• 00:B5:29:F2:2D:8E:6F:31:E8:9B:4C:AD:78:3E:FA:DC:E9:0C:D1:D2
• Authority Information Access:
• CA Issuers - URI:http://r12.i.lencr.org/
• X509v3 Subject Alternative Name:
• DNS:*.alibabagroup.icu, DNS:alibabagroup.icu
• X509v3 Certificate Policies:
• Policy: 2.23.140.1.2.1
• X509v3 CRL Distribution Points:
• Full Name:
• URI:http://r12.c.lencr.org/35.crl
• CT Precertificate SCTs:
• Signed Certificate Timestamp:
• Version : v1 (0x0)
• Log ID : 64:11:C4:6C:A4:12:EC:A7:89:1C:A2:02:2E:00:BC:AB:
• 4F:28:07:D4:1E:35:27:AB:EA:FE:D5:03:C9:7D:CD:F0
• Timestamp : Feb 1 23:26:29.169 2026 GMT
• Extensions: none
• Signature : ecdsa-with-SHA256
• 30:44:02:20:40:EC:3A:EA:42:4C:FF:C4:55:7B:7E:F1:
• 21:8F:5D:B4:76:0D:7B:F0:5A:39:49:18:87:9E:74:C5:
• 72:D8:45:2B:02:20:14:4A:D6:01:5B:F0:10:62:38:73:
• 84:6A:22:E0:97:3A:5A:33:69:C7:96:10:7E:B5:C3:D3:
• 5B:7F:A7:7E:74:03
• Signed Certificate Timestamp:
• Version : v1 (0x0)
• Log ID : 71:7E:95:F3:C2:38:8A:6D:B1:E3:84:49:3D:31:E1:5A:
• A9:62:08:76:2D:42:00:E0:05:0C:D0:67:B5:A6:61:E2
• Timestamp : Feb 1 23:26:29.409 2026 GMT
• Extensions: 00:00:05:00:08:62:63:C3
• Signature : ecdsa-with-SHA256
• 30:46:02:21:00:98:96:16:8C:78:E3:17:F2:A6:3C:54:
• 91:7C:A9:72:DD:3D:B0:29:09:62:A6:A5:D4:C6:BB:6E:
• 90:87:6C:DC:1B:02:21:00:E5:20:ED:48:9C:3D:1A:5C:
• DF:6D:AE:05:64:A1:60:9E:4F:3E:AB:CA:04:85:98:63:
• 1E:13:07:C4:03:78:78:F8
• Signature Algorithm: sha256WithRSAEncryption
• Signature Value:
• bd:eb:fa:93:07:db:8d:17:71:c7:40:63:7e:bb:b8:32:0c:75:
• e3:97:ec:c5:08:7a:e8:2b:41:55:7d:e5:0a:52:e9:20:37:a0:
• 22:bc:d4:25:79:ce:1c:47:a5:4a:e2:6a:fd:1b:4d:1f:ca:f5:
• 07:a4:89:f3:57:6c:dc:46:d7:69:7f:55:da:c7:73:a4:ba:37:
• 68:d1:8b:19:7f:d6:ba:1d:3d:05:b4:43:0f:c5:67:5b:79:94:
• 38:43:91:08:8c:0f:73:f4:46:f0:c6:95:83:21:0f:00:c1:61:
• 4b:f5:95:b0:10:bc:6f:86:c2:01:5f:7e:36:ce:6c:fb:d4:48:
• 12:15:e1:77:e7:05:fd:33:9f:a4:e2:88:cf:bb:81:77:26:6c:
• d2:24:91:b1:a1:3c:d3:3e:d4:7b:20:00:6e:f7:88:5c:b9:7d:
• 8f:31:64:34:65:de:c0:03:76:fe:71:3c:2f:09:c1:84:2a:e0:
• 16:61:8e:25:ca:9e:f5:dd:e9:df:de:8b:53:f6:59:98:ae:15:
• 96:f7:a4:5f:6c:8e:59:1f:2a:47:56:4a:f1:0c:a4:1e:2f:f1:
• 56:3f:ca:ee:5a:53:c1:32:67:7f:5e:75:5e:1b:ac:97:34:fc:
• 48:35:d5:33:44:57:8a:9d:ec:79:f0:29:ea:f7:95:bc:cb:31:
• ee:e5:2d:57

Technologies

ntpd OpenSSH

Additional Links

*** Virustotal ***

*** WayBackMachine ***