philrootcrops.vsu.edu.ph Open in urlscan Pro
2400:cb00:2048:1::681c:70d Public Scan

Go To Rescan
Add Verdict Report

URL:
http://philrootcrops.vsu.edu.ph/modules/mod_login/rd2.html
Submission: On April 07 via automatic, source openphish (April 7th 2017, 10:13:15 am UTC)

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 17 HTTP transactions. The main IP is 2400:cb00:2048:1::681c:70d, located in United States and belongs to CLOUDFLARENET - CloudFlare, Inc., US. The main domain is philrootcrops.vsu.edu.ph.

This is the only time philrootcrops.vsu.edu.ph was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2400:cb00:204... 2400:cb00:2048:1::681c:70d	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	2400:cb00:204... 2400:cb00:2048:1::6813:c366	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	103.13.30.45 103.13.30.45	56309 (SIAMDATA-...) (SIAMDATA-TH 408 Fl4 CATTOWER)
2	198.11.132.19 198.11.132.19	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co.)
3	104.96.8.71 104.96.8.71	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	195.138.255.8 195.138.255.8	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
17	7

2 2400:cb00:2048:1::681c:70d (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

philrootcrops.vsu.edu.ph	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::6813:c366 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.13.30.45 (Thailand)

ASN56309 (SIAMDATA-TH 408 Fl4 CATTOWER, TH)

www.billion-plus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.11.132.19 (San Mateo, United States)

ASN45102 (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN)

stylessl.aliunicorn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.96.8.71 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-96-8-71.deploy.static.akamaitechnologies.com

u.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aeu.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.138.255.8 (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

style.aliunicorn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	alicdn.com u.alicdn.com img.alicdn.com Failed i.alicdn.com aeu.alicdn.com	31 KB
3	aliunicorn.com stylessl.aliunicorn.com style.aliunicorn.com	177 KB
2	vsu.edu.ph philrootcrops.vsu.edu.ph	621 B
1	billion-plus.com www.billion-plus.com Failed	5 KB
1	cloudflare.com ajax.cloudflare.com	21 KB
0	alibaba.com Failed dmtracking2.alibaba.com Failed
0	mmstat.com Failed gj.mmstat.com Failed
17	7

	Domain	Requested by
2	stylessl.aliunicorn.com	www.billion-plus.com
2	philrootcrops.vsu.edu.ph
1	aeu.alicdn.com	www.billion-plus.com
1	style.aliunicorn.com	stylessl.aliunicorn.com
1	i.alicdn.com	www.billion-plus.com
1	u.alicdn.com	www.billion-plus.com
1	www.billion-plus.com
1	ajax.cloudflare.com	philrootcrops.vsu.edu.ph
0	dmtracking2.alibaba.com Failed	philrootcrops.vsu.edu.ph
0	gj.mmstat.com Failed	philrootcrops.vsu.edu.ph
0	img.alicdn.com Failed	www.billion-plus.com
17	11

This site contains no links.

Subject Issuer	Validity	Valid
stylessl.aliunicorn.com GlobalSign Organization Validation CA - SHA256 - G2	`2016-10-24` - `2017-10-25`	a year	crt.sh
ru.aliexpress.com Symantec Class 3 Secure Server CA - G4	`2017-02-15` - `2017-08-30`	6 months	crt.sh

This page contains 2 frames:

Frame: http://www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/index.html
Frame ID: 24429.1
Requests: 4 HTTP requests in this frame

Frame: http://www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/index.html
Frame ID: 24456.1
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

17
Requests

18 %
HTTPS

33 %
IPv6

7
Domains

11
Subdomains

7
IPs

4
Countries

236 kB
Transfer

814 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set rd2.html Show response philrootcrops.vsu.edu.ph/modules/mod_login/	827 B 578 B	785ms 773ms	Document text/html	2400:cb00:2048:1::681c:70d CloudFlare
General Check archive.org Show headers Download Go to Full URL http://philrootcrops.vsu.edu.ph/modules/mod_login/rd2.html Protocol HTTP/1.1 Server 2400:cb00:2048:1::681c:70d , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash `7ab3acb71f4d2fb88af87c76e789552a7c216bbdf1322f674a5193d3930df2a4` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host philrootcrops.vsu.edu.ph Accept-Language en-US,en;q=0.8 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8 Cache-Control no-cache Connection keep-alive Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Date Fri, 07 Apr 2017 10:13:05 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Fri, 07 Apr 2017 08:45:24 GMT Server cloudflare-nginx Transfer-Encoding chunked Content-Type text/html Set-Cookie __cfduid=d0d68b863e1a7110ab1dad4d119ff76281491559984; expires=Sat, 07-Apr-18 10:13:04 GMT; path=/; domain=.vsu.edu.ph; HttpOnly Connection keep-alive CF-RAY 34bc365032382726-FRA
GET H/1.1	200 OK	Cookie set cloudflare.min.js Show response ajax.cloudflare.com/cdn-cgi/nexp/dok3v=f2befc48d1/	59 KB 21 KB	13ms 7ms	Script text/javascript	2400:cb00:2048:1::6813:c366 CloudFlare
General Check archive.org Show headers Download Go to Full URL http://ajax.cloudflare.com/cdn-cgi/nexp/dok3v=f2befc48d1/cloudflare.min.js Requested by Host: philrootcrops.vsu.edu.ph URL: http://philrootcrops.vsu.edu.ph/modules/mod_login/rd2.html Protocol HTTP/1.1 Server 2400:cb00:2048:1::6813:c366 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash `37e87b4725153085833463f5f22462081ab785002c923fbd56103fe932e0b428` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host ajax.cloudflare.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Accept / Referer http://philrootcrops.vsu.edu.ph/modules/mod_login/rd2.html Connection keep-alive Cache-Control no-cache Referer http://philrootcrops.vsu.edu.ph/modules/mod_login/rd2.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Fri, 07 Apr 2017 10:13:05 GMT Content-Encoding gzip Last-Modified Mon, 12 Dec 2016 21:27:50 GMT Server cloudflare-nginx Vary Accept-Encoding Content-Type text/javascript Set-Cookie __cfduid=da78a8e6df8985f9addf7c955dfffa0211491559985; expires=Sat, 07-Apr-18 10:13:05 GMT; path=/; domain=.cloudflare.com; HttpOnly Cache-Control public, max-age=31536000 Transfer-Encoding chunked Connection keep-alive CF-RAY 34bc36551046271a-FRA Expires Sat, 07 Apr 2018 10:13:05 GMT
GET		index.html www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/	0 0

GET H/1.1	200 OK	favicon.ico philrootcrops.vsu.edu.ph/	43 B 43 B	7ms 7ms	Other image/vnd.microsoft.icon	2400:cb00:2048:1::681c:70d CloudFlare
General Check archive.org Show headers Download Go to Full URL http://philrootcrops.vsu.edu.ph/favicon.ico Protocol HTTP/1.1 Server 2400:cb00:2048:1::681c:70d , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash `56b97f9bcb141cc4e04ebe1320dd6dab5fac7166c6977f92783e5762d2688e10` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host philrootcrops.vsu.edu.ph Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://philrootcrops.vsu.edu.ph/modules/mod_login/rd2.html Cookie __cfduid=d0d68b863e1a7110ab1dad4d119ff76281491559984 Connection keep-alive Cache-Control no-cache Referer http://philrootcrops.vsu.edu.ph/modules/mod_login/rd2.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Date Fri, 07 Apr 2017 10:13:05 GMT CF-Cache-Status HIT Last-Modified Wed, 01 Jan 2014 14:19:00 GMT Server cloudflare-nginx ETag "2b-4eee95bb19d00" Vary Accept-Encoding Content-Type image/vnd.microsoft.icon Cache-Control public, max-age=604800 Connection keep-alive Accept-Ranges bytes CF-RAY 34bc365544742726-FRA Content-Length 43 Expires Fri, 14 Apr 2017 10:13:05 GMT
GET H/1.1	200 OK	index.html Show response www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/ Frame 2445	21 KB 5 KB	1176ms 437ms	Document text/html	103.13.30.45 SIAMDATA-TH 408 F...
General Check archive.org Show headers Download Go to Full URL http://www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/index.html Protocol HTTP/1.1 Server 103.13.30.45 , Thailand, ASN56309 (SIAMDATA-TH 408 Fl4 CATTOWER, TH), Reverse DNS Software Apache/2 / Resource Hash `c06c52e997680d424b73dbab4cb2bbcd9e414a406ed359716e9fff73e96dfaa1` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host www.billion-plus.com Accept-Language en-US,en;q=0.8 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8 Referer http://philrootcrops.vsu.edu.ph/modules/mod_login/rd2.html Connection keep-alive Cache-Control no-cache Upgrade-Insecure-Requests 1 Referer http://philrootcrops.vsu.edu.ph/modules/mod_login/rd2.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Date Fri, 07 Apr 2017 10:13:08 GMT Content-Encoding gzip Last-Modified Fri, 07 Apr 2017 08:39:57 GMT Server Apache/2 ETag "a240a3-5540-54c8f9200a3f9" Vary Accept-Encoding,User-Agent Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=1, max=100 Content-Length 5163
GET H/1.1	200 OK	/ stylessl.aliunicorn.com/css/6v/ Frame 2445	129 KB 40 KB	3285ms 157ms	Stylesheet text/css	198.11.132.19 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL https://stylessl.aliunicorn.com/css/6v/??apollo/core/core-sc.css,apollo/core/rwd-sc.css,apollo/core/rwd-sc-ie8.css,apollo/mod/feedback/feedback-sc.css,run/common/switch-language/switch-language.css,apollo/mod/footer/footer-v4-sc.css,run/login/home/home-buyer.css,run/login/home/login-fix.css?t=15967a68e_1435ab11ae Requested by Host: www.billion-plus.com URL: http://www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.11.132.19 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN), Reverse DNS Software Tengine/2.1.7_816788 / Resource Hash `74f5e92d3b108746cb375bae97a45bef0d42f715fa16fa543d9d5bb29a05638a` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host stylessl.aliunicorn.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept text/css,/;q=0.1 Referer http://www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/index.html Connection keep-alive Cache-Control no-cache Referer http://www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Date Fri, 07 Apr 2017 10:13:09 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Tue, 28 Mar 2017 08:56:41 GMT Server Tengine/2.1.7_816788 Transfer-Encoding chunked Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=31536000 Connection close Expires Sat, 07 Apr 2018 10:13:09 GMT
GET H/1.1	200 OK	/ Show response stylessl.aliunicorn.com/js/6v/biz/login/home/ Frame 2445	392 KB 104 KB	3327ms 199ms	Script application/javascript	198.11.132.19 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL https://stylessl.aliunicorn.com/js/6v/biz/login/home/??preload.js?t=630906a9_626294dd08 Requested by Host: www.billion-plus.com URL: http://www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.11.132.19 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN), Reverse DNS Software Tengine/2.1.7_816788 / Resource Hash `26b392b3516a9db46064319e7fbeb124d297b9983f8c1106d0f7934f3bccc9df` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host stylessl.aliunicorn.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept / Referer http://www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/index.html Connection keep-alive Cache-Control no-cache Referer http://www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Date Fri, 07 Apr 2017 10:13:09 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Fri, 07 Apr 2017 03:59:00 GMT Server Tengine/2.1.7_816788 Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=30 Connection close Expires Fri, 07 Apr 2017 10:13:39 GMT
GET H/1.1	200 OK	aplus_en.js Show response u.alicdn.com/js/ Frame 2445	85 KB 28 KB	20ms 10ms	Script application/javascript	104.96.8.71 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL http://u.alicdn.com/js/aplus_en.js Requested by Host: www.billion-plus.com URL: http://www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/index.html Protocol HTTP/1.1 Server 104.96.8.71 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-96-8-71.deploy.static.akamaitechnologies.com Software Tengine / Resource Hash `853b121f9e51e3df8e04b120104aedfa101e3e0d4935712de1bf238e2d417b45` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host u.alicdn.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept / Referer http://www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/index.html Connection keep-alive Cache-Control no-cache Referer http://www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Date Fri, 07 Apr 2017 10:13:06 GMT Content-Encoding gzip FW_IP 104.96.8.71 Connection keep-alive Content-Length 29145 Last-Modified Tue, 28 Mar 2017 08:56:09 GMT Server Tengine ETag 1d875c3d_0 Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers FW_IP Cache-Control max-age=332 SERVED-FROM 95.101.91.87 Timing-Allow-Origin * Network_Info DE_FRANKFURT_24940 Expires Fri, 07 Apr 2017 10:18:38 GMT
GET		TB1awf5PXXXXXXLXFXXXXXXXXXX-585-350.jpg img.alicdn.com/tps/ Frame 2445	0 0

GET		TB1ROn8OpXXXXbZaXXXXXXXXXXX-32-31.png img.alicdn.com/tps/ Frame 2445	0 0

GET H/1.1	200 OK	footer.css i.alicdn.com/sc-footer/20160321161740/dist/ Frame 2445	7 KB 2 KB	20ms 10ms	Stylesheet text/css	104.96.8.71 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL http://i.alicdn.com/sc-footer/20160321161740/dist/footer.css Requested by Host: www.billion-plus.com URL: http://www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/index.html Protocol HTTP/1.1 Server 104.96.8.71 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-96-8-71.deploy.static.akamaitechnologies.com Software Tengine / Resource Hash `71e9caa7c17b20aac3baa32a9a4fbba2bb95634a6bdcc886af7e876c70b1f9a8` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host i.alicdn.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept text/css,/;q=0.1 Referer http://www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/index.html Connection keep-alive Cache-Control no-cache Referer http://www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Date Fri, 07 Apr 2017 10:13:06 GMT Content-Encoding gzip FW_IP 104.96.8.71 Connection keep-alive Content-Length 1572 Last-Modified Mon, 21 Mar 2016 08:17:42 GMT Server Tengine Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin * Access-Control-Expose-Headers FW_IP Cache-Control max-age=8017862 SERVED-FROM 2.17.123.13 Timing-Allow-Origin * Network_Info DE_FRANKFURT_24940 Expires Sun, 09 Jul 2017 05:24:08 GMT
GET H/1.1	200 OK	jquery.js Show response style.aliunicorn.com/js/6v/lib/gallery/jquery/ Frame 2445	92 KB 33 KB	184ms 4ms	Script application/javascript	195.138.255.8 NETZBETRIEB-GMBH
General Check archive.org Show headers Download Go to Full URL http://style.aliunicorn.com/js/6v/lib/gallery/jquery/jquery.js?t=4b3d51b3_0 Requested by Host: stylessl.aliunicorn.com URL: https://stylessl.aliunicorn.com/js/6v/biz/login/home/??preload.js?t=630906a9_626294dd08 Protocol HTTP/1.1 Server 195.138.255.8 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE), Reverse DNS Software Tengine / Resource Hash `f9ee76107677a7dec3f02cfe8c473fc379e519219dd84b8f7aaa0f1ef1799791` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host style.aliunicorn.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Accept / Referer http://www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/index.html Connection keep-alive Cache-Control no-cache Referer http://www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Response headers Date Fri, 07 Apr 2017 10:13:10 GMT Content-Encoding gzip Last-Modified Thu, 16 Mar 2017 06:42:01 GMT Server Tengine FW_IP 195.138.255.8 Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers FW_IP Cache-Control max-age=29692553 Connection keep-alive Timing-Allow-Origin * Content-Length 33502 Expires Sat, 17 Mar 2018 02:09:03 GMT
GET		7.gif gj.mmstat.com/ Frame 2445	0 0

GET		b.jpg dmtracking2.alibaba.com/ Frame 2445	0 0

GET		new-header-v4-2@1x.png stylessl.aliunicorn.com/simg/sprites/app/ Frame 2445	0 0

GET DATA	200 OK	truncated / Frame 2445	13 KB 0		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `70b1f47975c93e09401685d032d0940a82b9bb47c4acfe700eaa3985f0b0dac0` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Origin http://www.billion-plus.com Response headers Access-Control-Allow-Origin * Content-Type application/x-font-woff;charset=utf-8
GET		TB16I7yPVXXXXbkXXXXXXXXXXXX-2200-600.jpg img.alicdn.com/tps/ Frame 2445	0 0

GET DATA	200 OK	truncated / Frame 2445	13 KB 0		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `2d303e5e7d94da2b21df48b7b62b6d10b2e5b434da6848c15f35c6e517b9d7bd` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 Origin http://www.billion-plus.com Response headers Access-Control-Allow-Origin * Content-Type application/x-font-woff;charset=utf-8
GET H2	200	JSocket.swf aeu.alicdn.com/flash/ Frame 2445	1 KB 1 KB	34ms 10ms	Other application/x-shockwave-flash	104.96.8.71 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://aeu.alicdn.com/flash/JSocket.swf Requested by Host: www.billion-plus.com URL: http://www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.96.8.71 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-96-8-71.deploy.static.akamaitechnologies.com Software Tengine / Resource Hash `bb5f3a1cdfd2138c0322bd1bcff7e62d237390cff48715164ee8c5ad66bf8f10` Request headers :path /flash/JSocket.swf pragma no-cache accept-encoding gzip, deflate, sdch, br x-requested-with ShockwaveFlash/25.0.0.127 accept-language en-US,en;q=0.8 user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 accept / cache-control no-cache :authority aeu.alicdn.com referer http://www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/index.html :scheme https :method GET Referer http://www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36 X-Requested-With ShockwaveFlash/25.0.0.127 Response headers date Fri, 07 Apr 2017 10:13:10 GMT x-oss-request-id 57D41A58CE46F81667B9AE66 status 200 content-length 1513 x-oss-object-type Normal last-modified Wed, 20 Jul 2016 08:47:19 GMT server Tengine etag "E9724572D37E5CA98ABD364302146B6A" content-type application/x-shockwave-flash cache-control max-age=617 served-from 95.101.91.61 accept-ranges bytes timing-allow-origin * * network_info DE_FRANKFURT_24940 x-oss-server-time 1 expires Fri, 07 Apr 2017 10:23:27 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.billion-plus.com
URL: http://www.billion-plus.com/wp-content/plugins/types/plus/login.alibaba.com/index.html

Domain: img.alicdn.com
URL: http://img.alicdn.com/tps/TB1awf5PXXXXXXLXFXXXXXXXXXX-585-350.jpg

Domain: img.alicdn.com
URL: http://img.alicdn.com/tps/TB1ROn8OpXXXXbZaXXXXXXXXXXX-32-31.png

Domain: gj.mmstat.com
URL: http://gj.mmstat.com/7.gif?logtype=1&title=&pre=http%3A%2F%2Fphilrootcrops.vsu.edu.ph%2Fmodules%2Fmod_login%2Frd2.html&cache=7ba240e&scr=1600x1200&isbeta=5&spm-cnt=a2700.homelogin.0.0.yzJbgS&aplus&userid=&ali_beacon_id=105.112.16.177.1477582082853.397553.3&ali_apache_id=105.112.16.177.147758207912.238038.2&ali_apache_track=%22mt%3D3%7Cmid%3Dng1106855707mtrx%22&ali_apache_tracktmp=%22W_signed%3DY%22&dmtrack_c=%7Baep_usuc_f%3D-%7Caeu_cid%3D-%7D&pageid=697021030ab0aa2258c72f6615b47e7456f1bcdc59&hn=enlogin010176170034.ot7&asid=AQAAAABmL8dYp9ezUQAAAABVtWovPYD9ZA%3D%3D&dmtrack_b=%7Bifm%3D0%7Clogin%3D0%7D&p=1&o=linux&b=chrome57&s=1600x1200&w=webkit&mx=360ee

Domain: dmtracking2.alibaba.com
URL: http://dmtracking2.alibaba.com/b.jpg?cD17MX0mdT17L3d3dy5iaWxsaW9uLXBsdXMuY29tL3dwLWNvbnRlbnQvcGx1Z2lucy90eXBlcy9wbHVzL2xvZ2luLmFsaWJhYmEuY29tL2luZGV4Lmh0bWx9Jm09e0dFVH0mcz17MjAwfSZyPXtodHRwOi8vcGhpbHJvb3Rjcm9wcy52c3UuZWR1LnBoL21vZHVsZXMvbW9kX2xvZ2luL3JkMi5odG1sfSZhPXstfSZiPXtzcG1hYj1hMjcwMC5ob21lbG9naW58aWZtPTB8bG9naW49MH0mYz17YWVwX3VzdWNfZj0tfGFldV9jaWQ9LX0=&pageid=697021030ab0aa2258c72f6615b47e7456f1bcdc59&sys=chrome57.0|x11|1600*1200|en-US&ver=41&time=1491559990645

Domain: stylessl.aliunicorn.com
URL: https://stylessl.aliunicorn.com/simg/sprites/app/new-header-v4-2@1x.png?t=21312772_0

Domain: img.alicdn.com
URL: http://img.alicdn.com/tps/TB16I7yPVXXXXbkXXXXXXXXXXXX-2200-600.jpg

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.vsu.edu.ph/	2018-04-07 10:13:04	Name: __cfduid Value: d0d68b863e1a7110ab1dad4d119ff76281491559984

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aeu.alicdn.com
ajax.cloudflare.com
dmtracking2.alibaba.com
gj.mmstat.com
i.alicdn.com
img.alicdn.com
philrootcrops.vsu.edu.ph
style.aliunicorn.com
stylessl.aliunicorn.com
u.alicdn.com
www.billion-plus.com
dmtracking2.alibaba.com
gj.mmstat.com
img.alicdn.com
stylessl.aliunicorn.com
www.billion-plus.com
103.13.30.45
104.96.8.71
195.138.255.8
198.11.132.19
2400:cb00:2048:1::6813:c366
2400:cb00:2048:1::681c:70d
26b392b3516a9db46064319e7fbeb124d297b9983f8c1106d0f7934f3bccc9df
2d303e5e7d94da2b21df48b7b62b6d10b2e5b434da6848c15f35c6e517b9d7bd
37e87b4725153085833463f5f22462081ab785002c923fbd56103fe932e0b428
56b97f9bcb141cc4e04ebe1320dd6dab5fac7166c6977f92783e5762d2688e10
70b1f47975c93e09401685d032d0940a82b9bb47c4acfe700eaa3985f0b0dac0
71e9caa7c17b20aac3baa32a9a4fbba2bb95634a6bdcc886af7e876c70b1f9a8
74f5e92d3b108746cb375bae97a45bef0d42f715fa16fa543d9d5bb29a05638a
7ab3acb71f4d2fb88af87c76e789552a7c216bbdf1322f674a5193d3930df2a4
853b121f9e51e3df8e04b120104aedfa101e3e0d4935712de1bf238e2d417b45
bb5f3a1cdfd2138c0322bd1bcff7e62d237390cff48715164ee8c5ad66bf8f10
c06c52e997680d424b73dbab4cb2bbcd9e414a406ed359716e9fff73e96dfaa1
f9ee76107677a7dec3f02cfe8c473fc379e519219dd84b8f7aaa0f1ef1799791

philrootcrops.vsu.edu.ph Open in urlscan Pro 2400:cb00:2048:1::681c:70d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

17 Requests

18 %HTTPS

33 %IPv6

7 Domains

11 Subdomains

7 IPs

4 Countries

236 kBTransfer

814 kBSize

1 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

Indicators

philrootcrops.vsu.edu.ph Open in urlscan Pro
2400:cb00:2048:1::681c:70d Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

18 %
HTTPS

33 %
IPv6

7
Domains

11
Subdomains

7
IPs

4
Countries

236 kB
Transfer

814 kB
Size

1
Cookies

17 HTTP transactions
2 data transactions