www.pacuniversity.ac.ke Open in urlscan Pro
41.204.161.224 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://customer-care-infos.blogspot.be/
Effective URL:
https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/
Submission: On September 20 via api (September 20th 2020, 8:25:36 pm UTC) from IE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 11 HTTP transactions. The main IP is 41.204.161.224, located in Kenya and belongs to KENET-AS, KE. The main domain is www.pacuniversity.ac.ke.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on September 2nd 2020. Valid for: a year.

This is the only time www.pacuniversity.ac.ke was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 2	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
2 11	41.204.161.224 41.204.161.224	36914 (KENET-AS) (KENET-AS)
1	2606:4700:20:... 2606:4700:20::681a:82c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	3

2 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

customer-care-infos.blogspot.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
customer-care-infos.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 41.204.161.224 (Kenya) 2 redirects

ASN36914 (KENET-AS, KE)

www.pacuniversity.ac.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:82c (United States)

ASN13335 (CLOUDFLARENET, US)

ipapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	pacuniversity.ac.ke 2 redirects www.pacuniversity.ac.ke	535 KB
1	ipapi.co ipapi.co	767 B
1	blogspot.com customer-care-infos.blogspot.com	15 KB
1	blogspot.be 1 redirects customer-care-infos.blogspot.be	435 B
11	4

	Domain	Requested by
11	www.pacuniversity.ac.ke	2 redirects customer-care-infos.blogspot.com www.pacuniversity.ac.ke
1	ipapi.co	www.pacuniversity.ac.ke
1	customer-care-infos.blogspot.com
1	customer-care-infos.blogspot.be	1 redirects
11	4

This site contains no links.

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.pacuniversity.ac.ke COMODO RSA Organization Validation Secure Server CA	`2020-09-02` - `2021-09-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/
Frame ID: 8130AE54545E01A72868CE498F5799E3
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://customer-care-infos.blogspot.be/ HTTP 302
https://customer-care-infos.blogspot.com/ Page URL
https://www.pacuniversity.ac.ke/administrator/components/com_banners/html/ Page URL
https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/ HTTP 302
https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224 HTTP 301
https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/ Page URL

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Page Statistics

11
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

550 kB
Transfer

602 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://customer-care-infos.blogspot.be/ HTTP 302
https://customer-care-infos.blogspot.com/ Page URL
https://www.pacuniversity.ac.ke/administrator/components/com_banners/html/ Page URL
https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/ HTTP 302
https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224 HTTP 301
https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://customer-care-infos.blogspot.be/ HTTP 302
https://customer-care-infos.blogspot.com/

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
customer-care-infos.blogspot.com/
Redirect Chain

https://customer-care-infos.blogspot.be/
https://customer-care-infos.blogspot.com/

69 KB
15 KB

661ms
659ms

Document
text/html

2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://customer-care-infos.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: customer-care-infos.blogspot.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=UTF-8
expires: Sun, 20 Sep 2020 20:25:17 GMT
date: Sun, 20 Sep 2020 20:25:17 GMT
cache-control: private, max-age=0
last-modified: Mon, 24 Aug 2020 16:09:20 GMT
etag: W/"e641cfa678f8e10a944cb46c9903b6973b7e5c14b04c9b66457671d1d0a16bd1"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 15161
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
location: https://customer-care-infos.blogspot.com/
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Sun, 20 Sep 2020 20:25:16 GMT
expires: Sun, 20 Sep 2020 20:25:16 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 186
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK / Show response
www.pacuniversity.ac.ke/administrator/components/com_banners/html/ 715 B
936 B 730ms
208ms Document
text/html 41.204.161.224
KENET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pacuniversity.ac.ke/administrator/components/com_banners/html/
Requested by: Host: customer-care-infos.blogspot.com
URL: https://customer-care-infos.blogspot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 41.204.161.224 , Kenya, ASN36914 (KENET-AS, KE),
Reverse DNS
Software: Apache/2.4.6 / PHP/7.2.24
Resource Hash: fbcfc40856714577e2009cac74e8a73bd63e23fa713060769fbebb61e6822711

Request headers

Host: www.pacuniversity.ac.ke
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://customer-care-infos.blogspot.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://customer-care-infos.blogspot.com/

Response headers

Date: Sun, 20 Sep 2020 20:24:31 GMT
Server: Apache/2.4.6
X-Powered-By: PHP/7.2.24
Content-Length: 715
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/
Redirect Chain

https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/
https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224
https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/

5 KB
5 KB

431ms
431ms

Document
text/html

41.204.161.224
KENET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 41.204.161.224 , Kenya, ASN36914 (KENET-AS, KE),
Reverse DNS
Software: Apache/2.4.6 / PHP/7.2.24
Resource Hash: 6234ae41030baef8a0d4152424e7c939d28ce579af66ddc2f2c5e6dee1c6a313

Request headers

Host: www.pacuniversity.ac.ke
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://www.pacuniversity.ac.ke/administrator/components/com_banners/html/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.pacuniversity.ac.ke/administrator/components/com_banners/html/

Response headers

Date: Sun, 20 Sep 2020 20:24:33 GMT
Server: Apache/2.4.6
X-Powered-By: PHP/7.2.24
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=0frss2spl11m6ool3r1h6i335j; path=/
Content-Length: 4913
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sun, 20 Sep 2020 20:24:33 GMT
Server: Apache/2.4.6
Location: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/
Content-Length: 301
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK style.css
www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/css/ 21 KB
21 KB 549ms
545ms Stylesheet
text/css 41.204.161.224
KENET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/css/style.css
Requested by: Host: www.pacuniversity.ac.ke
URL: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 41.204.161.224 , Kenya, ASN36914 (KENET-AS, KE),
Reverse DNS
Software: Apache/2.4.6 /
Resource Hash: 2f085a84cb00b9b35b5125231a1accae74aba455992b2b21c28380345ba52c53

Request headers

Referer: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Sep 2020 20:24:34 GMT
Last-Modified: Sun, 20 Sep 2020 20:24:33 GMT
Server: Apache/2.4.6
ETag: "5283-5afc485935f40"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 21123

GET
H/1.1 200
OK app.css
www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/css/ 2 KB
3 KB 1200ms
855ms Stylesheet
text/css 41.204.161.224
KENET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/css/app.css
Requested by: Host: www.pacuniversity.ac.ke
URL: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 41.204.161.224 , Kenya, ASN36914 (KENET-AS, KE),
Reverse DNS
Software: Apache/2.4.6 /
Resource Hash: 5efb393cf10db7ee157dcd3109179e7619633c7e8d17c5ab3eab1ea1278f6dd1

Request headers

Referer: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Sep 2020 20:24:34 GMT
Last-Modified: Sun, 20 Sep 2020 20:24:33 GMT
Server: Apache/2.4.6
ETag: "9e2-5afc485935f40"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2530

GET
H/1.1 200
OK jquery.min.js Show response
www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/js/ 152 KB
153 KB 1203ms
858ms Script
application/javascript 41.204.161.224
KENET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/js/jquery.min.js
Requested by: Host: www.pacuniversity.ac.ke
URL: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 41.204.161.224 , Kenya, ASN36914 (KENET-AS, KE),
Reverse DNS
Software: Apache/2.4.6 /
Resource Hash: 7aa387f2db11236e0a3d6e4124c33bbf9f588dff926a1454a92ce694fc84c620

Request headers

Referer: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Sep 2020 20:24:34 GMT
Last-Modified: Sun, 20 Sep 2020 20:24:33 GMT
Server: Apache/2.4.6
ETag: "261cf-5afc485938e20"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 156111

GET
H/1.1 200
OK validet.js Show response
www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/js/ 7 KB
7 KB 1205ms
838ms Script
application/javascript 41.204.161.224
KENET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/js/validet.js
Requested by: Host: www.pacuniversity.ac.ke
URL: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 41.204.161.224 , Kenya, ASN36914 (KENET-AS, KE),
Reverse DNS
Software: Apache/2.4.6 /
Resource Hash: 3668352cee7c03431751e26e34aebf496fe874ae28a8b96c4481dc129b502822

Request headers

Referer: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Sep 2020 20:24:34 GMT
Last-Modified: Sun, 20 Sep 2020 20:24:33 GMT
Server: Apache/2.4.6
ETag: "1c52-5afc485938e20"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7250

GET
H/1.1 200
OK bg-login-large.jpg
www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/img/ 342 KB
342 KB 539ms
539ms Image
image/jpeg 41.204.161.224
KENET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/img/bg-login-large.jpg
Requested by: Host: www.pacuniversity.ac.ke
URL: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 41.204.161.224 , Kenya, ASN36914 (KENET-AS, KE),
Reverse DNS
Software: Apache/2.4.6 /
Resource Hash: 68a140f407da7acc8b00ae9eb2be5a09df4b046277a3bfe03881417a068da7e4

Request headers

Referer: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Sep 2020 20:24:35 GMT
Last-Modified: Sun, 20 Sep 2020 20:24:33 GMT
Server: Apache/2.4.6
ETag: "55787-5afc485936328"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 350087

GET
H/1.1 200
OK FB-logo.png
www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/img/ 1 KB
2 KB 766ms
766ms Image
image/png 41.204.161.224
KENET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/img/FB-logo.png
Requested by: Host: www.pacuniversity.ac.ke
URL: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 41.204.161.224 , Kenya, ASN36914 (KENET-AS, KE),
Reverse DNS
Software: Apache/2.4.6 /
Resource Hash: 3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece

Request headers

Referer: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Sep 2020 20:24:36 GMT
Last-Modified: Sun, 20 Sep 2020 20:24:33 GMT
Server: Apache/2.4.6
ETag: "5af-5afc485936af8"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1455

GET
H/1.1 200
OK glob.png
www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/img/ 842 B
1 KB 745ms
745ms Image
image/png 41.204.161.224
KENET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/img/glob.png
Requested by: Host: www.pacuniversity.ac.ke
URL: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 41.204.161.224 , Kenya, ASN36914 (KENET-AS, KE),
Reverse DNS
Software: Apache/2.4.6 /
Resource Hash: 4f8072ca4cdc4412083462c38eebc18bb5a0b919fb4bb63ec98769f0b644306e

Request headers

Referer: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Sep 2020 20:24:36 GMT
Last-Modified: Sun, 20 Sep 2020 20:24:33 GMT
Server: Apache/2.4.6
ETag: "34a-5afc485936af8"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 842

GET
H2 200 / Show response
ipapi.co/json/ 729 B
767 B 234ms
217ms XHR
application/json 2606:4700:20::681a:82c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/json/

Requested by

Host: www.pacuniversity.ac.ke
URL: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:82c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed6a667b843199174dd727f0d8f3dc690c504866128b47d440f071616555022f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.pacuniversity.ac.ke/administrator/components/com_banners/control/N_v1/Netflix224/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 20 Sep 2020 20:25:22 GMT
content-encoding: br
vary: Host, Origin
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: OPTIONS, POST, GET, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.pacuniversity.ac.ke
cf-ray: 5d5e467c6b871f51-FRA
cf-request-id: 054eca61bf00001f511d13e200000001

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery function| ipLookUp

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.pacuniversity.ac.ke/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0frss2spl11m6ool3r1h6i335j

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

customer-care-infos.blogspot.be
customer-care-infos.blogspot.com
ipapi.co
www.pacuniversity.ac.ke
2606:4700:20::681a:82c
2a00:1450:4001:820::2001
41.204.161.224
2f085a84cb00b9b35b5125231a1accae74aba455992b2b21c28380345ba52c53
3668352cee7c03431751e26e34aebf496fe874ae28a8b96c4481dc129b502822
3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece
4f8072ca4cdc4412083462c38eebc18bb5a0b919fb4bb63ec98769f0b644306e
5efb393cf10db7ee157dcd3109179e7619633c7e8d17c5ab3eab1ea1278f6dd1
6234ae41030baef8a0d4152424e7c939d28ce579af66ddc2f2c5e6dee1c6a313
68a140f407da7acc8b00ae9eb2be5a09df4b046277a3bfe03881417a068da7e4
7aa387f2db11236e0a3d6e4124c33bbf9f588dff926a1454a92ce694fc84c620
ed6a667b843199174dd727f0d8f3dc690c504866128b47d440f071616555022f
fbcfc40856714577e2009cac74e8a73bd63e23fa713060769fbebb61e6822711

www.pacuniversity.ac.ke Open in urlscan Pro 41.204.161.224 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

67 %IPv6

4 Domains

4 Subdomains

3 IPs

3 Countries

550 kBTransfer

602 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

www.pacuniversity.ac.ke Open in urlscan Pro
41.204.161.224 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

550 kB
Transfer

602 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!