pay.k12c.com Open in urlscan Pro
47.96.16.185 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pay.k12c.com/
Effective URL:
https://pay.k12c.com/login
Submission: On February 01 via automatic, source certstream-suspicious (February 1st 2021, 2:33:57 am UTC)

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 47.96.16.185, located in Hangzhou, China and belongs to CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN. The main domain is pay.k12c.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on February 17th 2020. Valid for: a year.

This is the only time pay.k12c.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	47.96.16.185 47.96.16.185	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
1 1	114.55.26.52 114.55.26.52	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
4	58.215.145.29 58.215.145.29	23650 (CHINANET-...) (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone)
9	2

6 47.96.16.185 (Hangzhou, China) 1 redirects

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

pay.k12c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 114.55.26.52 (Hangzhou, China) 1 redirects

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

114.55.26.52	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 58.215.145.29 (China)

ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN)

www.bestudy360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	k12c.com 1 redirects pay.k12c.com	107 KB
4	bestudy360.com www.bestudy360.com	280 KB
9	2

	Domain	Requested by
6	pay.k12c.com	1 redirects pay.k12c.com
4	www.bestudy360.com	pay.k12c.com
9	2

This site contains no links.

Subject Issuer	Validity	Valid
pay.k12c.com Encryption Everywhere DV TLS CA - G1	`2020-02-17` - `2021-02-16`	a year	crt.sh
www.bestudy360.com Encryption Everywhere DV TLS CA - G1	`2020-03-19` - `2021-03-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pay.k12c.com/login
Frame ID: A65464858129DD727B1760016845E390
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://pay.k12c.com/ HTTP 302
http://114.55.26.52:8081/cas/login?loginat=https://pay.k12c.com/login&service=https%3A%2F%2Fpay.k12c.... HTTP 302
https://pay.k12c.com/login Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

386 kB
Transfer

383 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pay.k12c.com/ HTTP 302
http://114.55.26.52:8081/cas/login?loginat=https://pay.k12c.com/login&service=https%3A%2F%2Fpay.k12c.com%2F HTTP 302
https://pay.k12c.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200	Primary Request login Show response pay.k12c.com/ Redirect Chain https://pay.k12c.com/ http://114.55.26.52:8081/cas/login?loginat=https://pay.k12c.com/login&service=https%3A%2F%2Fpay.k12c.com%2F https://pay.k12c.com/login	4 KB 4 KB	248ms 247ms	Document text/html	47.96.16.185 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL https://pay.k12c.com/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.96.16.185 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx/1.13.6 / Resource Hash `4794b80cf51422cd58970a350d48263af1aeb59c8635992657fa834eefdbabf2` Request headers Host pay.k12c.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server nginx/1.13.6 Date Mon, 01 Feb 2021 02:23:14 GMT Content-Type text/html;charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Origin * Content-Language en-US Redirect headers Server Apache-Coyote/1.1 Pragma no-cache Expires Thu, 01 Jan 1970 00:00:00 GMT Cache-Control no-cache no-store Set-Cookie JSESSIONID=96989B34A9360747EDD763244E478DCD; Path=/cas/; HttpOnly Location https://pay.k12c.com/login Content-Type text/html;charset=UTF-8 Content-Length 0 Date Mon, 01 Feb 2021 02:33:34 GMT
GET H/1.1	200	base.css pay.k12c.com/static/css/	1016 B 1 KB	249ms 248ms	Stylesheet text/css	47.96.16.185 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL https://pay.k12c.com/static/css/base.css Requested by Host: pay.k12c.com URL: https://pay.k12c.com/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.96.16.185 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx/1.13.6 / Resource Hash `91605fcbf9c85eafc017fc7509e1cc4050ec10d0b280d6270fbef733ab49ca16` Request headers Referer https://pay.k12c.com/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 01 Feb 2021 02:23:15 GMT Last-Modified Wed, 26 Sep 2018 08:29:48 GMT Server nginx/1.13.6 Content-Type text/css Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 1016
GET H/1.1	200	login.css pay.k12c.com/static/css/	4 KB 4 KB	496ms 247ms	Stylesheet text/css	47.96.16.185 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL https://pay.k12c.com/static/css/login.css Requested by Host: pay.k12c.com URL: https://pay.k12c.com/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.96.16.185 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx/1.13.6 / Resource Hash `d92b9b9c8e4de02fb53e3abeb9e1d693029f3b8efff09adff8b0e99363bd8175` Request headers Referer https://pay.k12c.com/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 01 Feb 2021 02:23:15 GMT Last-Modified Wed, 26 Sep 2018 08:29:48 GMT Server nginx/1.13.6 Content-Type text/css Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 3895
GET H2	200	9a2f19d8-56d3-4e77-a1aa-9999252f7741.png www.bestudy360.com/CSP/res/app/learninggrand/ad/	2 KB 3 KB	2220ms 992ms	Image image/png	58.215.145.29 CHINANET-JIANGSU-...
General Check archive.org Show headers Download Go to Show image Full URL https://www.bestudy360.com/CSP/res/app/learninggrand/ad/9a2f19d8-56d3-4e77-a1aa-9999252f7741.png Requested by Host: pay.k12c.com URL: https://pay.k12c.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 58.215.145.29 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN), Reverse DNS Software Tengine / Resource Hash `db6b3ecd90e310222a843ca5a32db9fc6d2c190703f2c61e5b31c02359f75b2c` Request headers Referer https://pay.k12c.com/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Feb 2021 02:33:38 GMT via cache40.l2cn2630[79,200-0,H], cache42.l2cn2630[81,0], kunlun6.cn190[141,200-0,M], kunlun9.cn190[147,0] x-oss-request-id 601768824506783432BDCFC7 content-md5 vyHXNJry/HSsZXM2yf4M1g== age 0 x-cache MISS TCP_MISS dirn:-2:-2 x-oss-cdn-auth success x-swift-cachetime 3600 x-swift-savetime Mon, 01 Feb 2021 02:33:38 GMT content-length 2506 x-oss-object-type Normal last-modified Thu, 02 Nov 2017 06:50:52 GMT server Tengine etag "BF21D7349AF2FC74AC657336C9FE0CD6" access-control-allow-methods post,get content-type image/png access-control-allow-origin * x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 18215837397753877731 eagleid 3ad7913b16121468182923518e x-oss-server-time 54 ali-swift-global-savetime 1588885584
GET H2	200	fcde2382-29bb-438d-a783-fe08f8df05f3.png www.bestudy360.com/CSP/res/app/learninggrand/ad/	325 B 602 B	2202ms 975ms	Image image/png	58.215.145.29 CHINANET-JIANGSU-...
General Check archive.org Show headers Download Go to Show image Full URL https://www.bestudy360.com/CSP/res/app/learninggrand/ad/fcde2382-29bb-438d-a783-fe08f8df05f3.png Requested by Host: pay.k12c.com URL: https://pay.k12c.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 58.215.145.29 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN), Reverse DNS Software Tengine / Resource Hash `8ad7f64de9dc0f3055e20580c78e6ee195bc8c05ddaa072a41d0ed9353563e44` Request headers Referer https://pay.k12c.com/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Feb 2021 02:33:38 GMT via cache7.l2cn2630[55,200-0,H], cache45.l2cn2630[56,0], kunlun10.cn190[124,200-0,M], kunlun9.cn190[130,0] x-oss-request-id 6017688225D95C3434F9B4A7 content-md5 vXH6BDgQnx+8hxT2FgGLbg== age 0 x-cache MISS TCP_MISS dirn:-2:-2 x-oss-cdn-auth success x-swift-cachetime 3600 x-swift-savetime Mon, 01 Feb 2021 02:33:38 GMT content-length 325 x-oss-object-type Normal last-modified Tue, 24 Oct 2017 01:35:36 GMT server Tengine etag "BD71FA0438109F1FBC8714F616018B6E" access-control-allow-methods post,get content-type image/png access-control-allow-origin * x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 3313861508690868380 eagleid 3ad7913b16121468182923522e x-oss-server-time 7 ali-swift-global-savetime 1588885584
GET H2	200	de917d25-7588-457c-87f0-c877f24e15d8.png www.bestudy360.com/CSP/res/app/learninggrand/ad/	275 KB 275 KB	2480ms 1253ms	Image image/png	58.215.145.29 CHINANET-JIANGSU-...
General Check archive.org Show headers Download Go to Show image Full URL https://www.bestudy360.com/CSP/res/app/learninggrand/ad/de917d25-7588-457c-87f0-c877f24e15d8.png Requested by Host: pay.k12c.com URL: https://pay.k12c.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 58.215.145.29 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN), Reverse DNS Software Tengine / Resource Hash `a1aa18f40cc9d31d0fb8e62c7c68dc4b694cb184563da3e5521adb9cf5144d18` Request headers Referer https://pay.k12c.com/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Feb 2021 02:33:38 GMT via cache56.l2cn2630[93,200-0,H], cache3.l2cn2630[121,0], kunlun3.cn190[198,200-0,M], kunlun9.cn190[208,0] x-oss-request-id 601768820BC3D9393986389E content-md5 qyQqPF1RJkXCvdq2W5JdtA== age 0 x-cache MISS TCP_MISS dirn:-2:-2 x-oss-cdn-auth success x-swift-cachetime 3600 x-swift-savetime Mon, 01 Feb 2021 02:33:38 GMT content-length 281308 x-oss-object-type Normal last-modified Tue, 07 Nov 2017 08:34:57 GMT server Tengine etag "AB242A3C5D512645C2BDDAB65B925DB4" access-control-allow-methods post,get content-type image/png access-control-allow-origin * x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 3106765442791312100 eagleid 3ad7913b16121468182923525e x-oss-server-time 81 ali-swift-global-savetime 1588885584
GET H2	200	1d055d11-ec6e-4199-8043-524251fbd0c2.png www.bestudy360.com/CSP/res/app/learninggrand/ad/	363 B 949 B	2198ms 971ms	Image image/png	58.215.145.29 CHINANET-JIANGSU-...
General Check archive.org Show headers Download Go to Show image Full URL https://www.bestudy360.com/CSP/res/app/learninggrand/ad/1d055d11-ec6e-4199-8043-524251fbd0c2.png Requested by Host: pay.k12c.com URL: https://pay.k12c.com/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 58.215.145.29 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN), Reverse DNS Software Tengine / Resource Hash `4a6a27aca09180b1e57e2a41e03404837ad4f31787c665c13f56d75e59815bfd` Request headers Referer https://pay.k12c.com/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Feb 2021 02:33:38 GMT via cache44.l2cn2630[48,200-0,H], cache67.l2cn2630[49,0], kunlun3.cn190[116,200-0,M], kunlun9.cn190[126,0] x-oss-request-id 601768820BC3D9303557389E content-md5 2ioVdJY3+bV0WEWjbBGaXA== age 0 x-cache MISS TCP_MISS dirn:-2:-2 x-oss-cdn-auth success x-swift-cachetime 3600 x-swift-savetime Mon, 01 Feb 2021 02:33:38 GMT content-length 363 x-oss-object-type Normal last-modified Fri, 03 Nov 2017 07:22:04 GMT server Tengine etag "DA2A15749637F9B5745845A36C119A5C" access-control-allow-methods post,get content-type image/png access-control-allow-origin * x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 13132174904872524127 eagleid 3ad7913b16121468182923531e x-oss-server-time 16 ali-swift-global-savetime 1588885584
GET H/1.1	200	jquery-1.12.1.min.js Show response pay.k12c.com/static/lab/	95 KB 95 KB	970ms 480ms	Script application/javascript	47.96.16.185 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL https://pay.k12c.com/static/lab/jquery-1.12.1.min.js Requested by Host: pay.k12c.com URL: https://pay.k12c.com/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.96.16.185 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx/1.13.6 / Resource Hash `8048732062381527d65d8bb413eab335155633d47092f9cc16d08d87dfe18f91` Request headers Referer https://pay.k12c.com/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 01 Feb 2021 02:23:15 GMT Last-Modified Wed, 26 Sep 2018 08:29:50 GMT Server nginx/1.13.6 Content-Type application/javascript Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 97408
GET H/1.1	200	base.js Show response pay.k12c.com/static/js/	2 KB 2 KB	740ms 247ms	Script application/javascript	47.96.16.185 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL https://pay.k12c.com/static/js/base.js Requested by Host: pay.k12c.com URL: https://pay.k12c.com/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.96.16.185 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx/1.13.6 / Resource Hash `35474cb39c274152e3b836a22d25a2631e2729bbe7913052208842ca2db33bae` Request headers Referer https://pay.k12c.com/login User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 01 Feb 2021 02:23:15 GMT Last-Modified Wed, 26 Sep 2018 08:29:48 GMT Server nginx/1.13.6 Content-Type application/javascript Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 1995

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pay.k12c.com
www.bestudy360.com
114.55.26.52
47.96.16.185
58.215.145.29
35474cb39c274152e3b836a22d25a2631e2729bbe7913052208842ca2db33bae
4794b80cf51422cd58970a350d48263af1aeb59c8635992657fa834eefdbabf2
4a6a27aca09180b1e57e2a41e03404837ad4f31787c665c13f56d75e59815bfd
8048732062381527d65d8bb413eab335155633d47092f9cc16d08d87dfe18f91
8ad7f64de9dc0f3055e20580c78e6ee195bc8c05ddaa072a41d0ed9353563e44
91605fcbf9c85eafc017fc7509e1cc4050ec10d0b280d6270fbef733ab49ca16
a1aa18f40cc9d31d0fb8e62c7c68dc4b694cb184563da3e5521adb9cf5144d18
d92b9b9c8e4de02fb53e3abeb9e1d693029f3b8efff09adff8b0e99363bd8175
db6b3ecd90e310222a843ca5a32db9fc6d2c190703f2c61e5b31c02359f75b2c

pay.k12c.com Open in urlscan Pro 47.96.16.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

386 kBTransfer

383 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

0 Cookies

Indicators

pay.k12c.com Open in urlscan Pro
47.96.16.185 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

386 kB
Transfer

383 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions