www.siwiba.com.sb Open in urlscan Pro
116.90.60.58 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009...
Submission: On May 23 via automatic, source openphish (May 23rd 2019, 10:02:41 am UTC)

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 8 HTTP transactions. The main IP is 116.90.60.58, located in Australia and belongs to DIGITALPACIFIC-AU Digital Pacific Pty Ltd Australia, AU. The main domain is www.siwiba.com.sb.

This is the only time www.siwiba.com.sb was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	116.90.60.58 116.90.60.58	55803 (DIGITALPA...) (DIGITALPACIFIC-AU Digital Pacific Pty Ltd Australia)
2	104.111.216.213 104.111.216.213	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	195.27.31.233 195.27.31.233	1273 (CW Vodafo...) (CW Vodafone Group PLC)
8	3

5 116.90.60.58 (Australia)

ASN55803 (DIGITALPACIFIC-AU Digital Pacific Pty Ltd Australia, AU)
PTR: vmres08.web-servers.com.au

www.siwiba.com.sb	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.216.213 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-216-213.deploy.static.akamaitechnologies.com

img.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aeu.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.27.31.233 (Germany)

ASN1273 (CW Vodafone Group PLC, GB)

i.alipayobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	siwiba.com.sb www.siwiba.com.sb	47 KB
2	alicdn.com img.alicdn.com aeu.alicdn.com	73 KB
1	alipayobjects.com i.alipayobjects.com	20 KB
8	3

	Domain	Requested by
5	www.siwiba.com.sb	www.siwiba.com.sb
1	aeu.alicdn.com	www.siwiba.com.sb
1	i.alipayobjects.com	www.siwiba.com.sb
1	img.alicdn.com	www.siwiba.com.sb
8	4

This site contains no links.

Subject Issuer	Validity	Valid
ru.aliexpress.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2020-05-27`	a year	crt.sh
*.alipayobjects.com DigiCert SHA2 Secure Server CA	`2018-07-27` - `2019-07-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/authUpdate.php
Frame ID: 2C8E6EDED0AD350A66D4C48928021F19
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

8
Requests

25 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

140 kB
Transfer

252 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request authUpdate.php Show response www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/	8 KB 3 KB	2346ms 621ms	Document text/html	116.90.60.58 DIGITALPACIFIC-AU...
General Check archive.org Show headers Download Go to Full URL http://www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/authUpdate.php Protocol HTTP/1.1 Server 116.90.60.58 , Australia, ASN55803 (DIGITALPACIFIC-AU Digital Pacific Pty Ltd Australia, AU), Reverse DNS vmres08.web-servers.com.au Software LiteSpeed / PHP/7.1.29 Resource Hash `8ba6a2de0b9ec77d2abaaa76dd999f33d503ec991556503ab3474572e942e6d8` Request headers Host www.siwiba.com.sb Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers X-Powered-By PHP/7.1.29 Content-Type text/html; charset=UTF-8 Cache-Control public, max-age=0,public Expires Thu, 23 May 2019 10:02:21 GMT Content-Length 2761 Content-Encoding gzip Vary Accept-Encoding,User-Agent Date Thu, 23 May 2019 10:02:21 GMT Server LiteSpeed Connection close
GET H/1.1	200 OK	ucenter.css www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/file/	42 KB 12 KB	804ms 323ms	Stylesheet text/css	116.90.60.58 DIGITALPACIFIC-AU...
General Check archive.org Show headers Download Go to Full URL http://www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/file/ucenter.css Requested by Host: www.siwiba.com.sb URL: http://www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/authUpdate.php Protocol HTTP/1.1 Server 116.90.60.58 , Australia, ASN55803 (DIGITALPACIFIC-AU Digital Pacific Pty Ltd Australia, AU), Reverse DNS vmres08.web-servers.com.au Software LiteSpeed / Resource Hash `9cf10b295789920dbc4dc02f31bcf7632c49c36cabbb1267aafe4988c92b53fd` Request headers Referer http://www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/authUpdate.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 23 May 2019 10:02:22 GMT Content-Encoding gzip Last-Modified Fri, 20 Jul 2018 06:15:54 GMT Server LiteSpeed ETag "a80e-5b517e1a-b9224b29c4c2673b;gz" Vary Accept-Encoding,User-Agent Content-Type text/css Cache-Control public, max-age=31536000,public Connection Keep-Alive Accept-Ranges bytes Content-Length 11392 Expires Fri, 22 May 2020 10:02:22 GMT
GET H/1.1	200 OK	cj.js Show response www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/file/	69 KB 32 KB	1767ms 322ms	Script application/javascript	116.90.60.58 DIGITALPACIFIC-AU...
General Check archive.org Show headers Download Go to Full URL http://www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/file/cj.js Requested by Host: www.siwiba.com.sb URL: http://www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/authUpdate.php Protocol HTTP/1.1 Server 116.90.60.58 , Australia, ASN55803 (DIGITALPACIFIC-AU Digital Pacific Pty Ltd Australia, AU), Reverse DNS vmres08.web-servers.com.au Software LiteSpeed / Resource Hash `9abc332941e0b2d26c905f397a78b5d92472412cf19f18efa6f79f80257b5cd4` Request headers Referer http://www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/authUpdate.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 23 May 2019 10:02:23 GMT Content-Encoding gzip Last-Modified Fri, 20 Jul 2018 06:15:52 GMT Server LiteSpeed ETag "11498-5b517e18-425ba718a2b2fb68;gz" Vary Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control public, max-age=31536000,public Connection Keep-Alive Accept-Ranges bytes Content-Length 32091 Expires Fri, 22 May 2020 10:02:23 GMT
GET H/1.1	404 Not Found	saved_resource www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/Alibaba%20Group%20_%20Member%20Center_files/	0 0	1126ms 317ms	Script text/html	116.90.60.58 DIGITALPACIFIC-AU...
General Check archive.org Show headers Download Go to Full URL http://www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/Alibaba%20Group%20_%20Member%20Center_files/saved_resource Requested by Host: www.siwiba.com.sb URL: http://www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/authUpdate.php Protocol HTTP/1.1 Server 116.90.60.58 , Australia, ASN55803 (DIGITALPACIFIC-AU Digital Pacific Pty Ltd Australia, AU), Reverse DNS vmres08.web-servers.com.au Software LiteSpeed / Resource Hash Request headers Referer http://www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/authUpdate.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Thu, 23 May 2019 10:02:22 GMT Server LiteSpeed Vary User-Agent Content-Type text/html Cache-Control private, no-cache, no-store, must-revalidate, max-age=0,public Connection Keep-Alive Content-Length 618
GET H/1.1	200 OK	uab.js Show response www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/file/	755 B 824 B	1444ms 318ms	Script application/javascript	116.90.60.58 DIGITALPACIFIC-AU...
General Check archive.org Show headers Download Go to Full URL http://www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/file/uab.js Requested by Host: www.siwiba.com.sb URL: http://www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/authUpdate.php Protocol HTTP/1.1 Server 116.90.60.58 , Australia, ASN55803 (DIGITALPACIFIC-AU Digital Pacific Pty Ltd Australia, AU), Reverse DNS vmres08.web-servers.com.au Software LiteSpeed / Resource Hash `87855f9863570a7f8250ec99d0352b3373c25eb4daf5f3b4002e26f25feee4d7` Request headers Referer http://www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/authUpdate.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 23 May 2019 10:02:22 GMT Content-Encoding gzip Last-Modified Fri, 20 Jul 2018 06:15:54 GMT Server LiteSpeed ETag "2f3-5b517e1a-5bfb038e78155a4d;gz" Vary Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control public, max-age=31536000,public Connection Keep-Alive Accept-Ranges bytes Content-Length 410 Expires Fri, 22 May 2020 10:02:22 GMT
GET H2	200	TB1VrzaJpXXXXaYXFXXS4Sb7pXX-228-800.png img.alicdn.com/tps/i4/	44 KB 44 KB	663ms 218ms	Image image/png	104.111.216.213 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://img.alicdn.com/tps/i4/TB1VrzaJpXXXXaYXFXXS4Sb7pXX-228-800.png Requested by Host: www.siwiba.com.sb URL: http://www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/authUpdate.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.111.216.213 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-111-216-213.deploy.static.akamaitechnologies.com Software Tengine / Resource Hash `fcd01be1714efd8bec49330821106a6bc325429dbab7c24e584366832bfcacec` Request headers Referer http://www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/file/ucenter.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Thu, 23 May 2019 10:02:23 GMT last-modified Thu, 08 Dec 2016 07:53:29 GMT server Tengine access-control-allow-origin * x-alicdn-via cache30.l2de1[M=T;FT=1;R=2;ST=124;UR=1;CT=0] ali-swift-global-savetime 1557942939 content-type image/png status 200 cache-control max-age=30873209 served-from 2.16.187.6 timing-allow-origin * network_info DE_FRANKFURT_9009 content-length 45087 expires Thu, 14 May 2020 17:55:52 GMT
GET H2	200	rei.woff i.alipayobjects.com/common/fonts/	19 KB 20 KB	3437ms 67ms	Font application/x-font-woff	195.27.31.233 CW Vodafone Group...
General Check archive.org Show headers Download Go to Full URL https://i.alipayobjects.com/common/fonts/rei.woff Requested by Host: www.siwiba.com.sb URL: http://www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/authUpdate.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.27.31.233 , Germany, ASN1273 (CW Vodafone Group PLC, GB), Reverse DNS Software Tengine / Resource Hash `2fc4b5faf57998c3dfb0d2f3e172bc02391a0efdd35740d55734cf2a0d99f609` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/file/ucenter.css Origin http://www.siwiba.com.sb Response headers date Wed, 22 May 2019 08:19:26 GMT via spanner-internet-g2-19.em14[304], cache14.l2sg52[392,304-0,H], cache21.l2sg52[393,0], cache5.de1[0,200-0,H], cache4.de1[0,0] x-hostname apimg-40-5004 x-oss-request-id 5CE5060EED9B97B4B2B4E4DF content-md5 426ha5z9qljsg8Pr4yQezg== age 92580 x-cache HIT TCP_MEM_HIT dirn:4:731786641 status 200 x-swift-cachetime 604799 x-swift-savetime Wed, 22 May 2019 08:19:27 GMT content-length 19832 x-oss-object-type Normal last-modified Fri, 24 Jun 2016 08:09:14 GMT server Tengine etag "E36EA16B9CFDAA58EC83C3EBE3241ECE" ali-swift-global-savetime 1544252865 content-type application/x-font-woff access-control-allow-origin * cache-control max-age=604800 x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 1689112461200219459 eagleid c31b1fcc15586057462126017e x-oss-server-time 1 expires Wed, 29 May 2019 08:19:26 GMT
GET H/1.1	200 OK	cj.js Show response aeu.alicdn.com/static/13/	69 KB 28 KB	1114ms 49ms	Script application/x-javascript	104.111.216.213 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL http://aeu.alicdn.com/static/13/cj.js Requested by Host: www.siwiba.com.sb URL: http://www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/file/uab.js Protocol HTTP/1.1 Server 104.111.216.213 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-111-216-213.deploy.static.akamaitechnologies.com Software Tengine / Resource Hash `9abc332941e0b2d26c905f397a78b5d92472412cf19f18efa6f79f80257b5cd4` Request headers Referer http://www.siwiba.com.sb/cli/finder/sign_auth/sign_auth/sign_auth/953cfa3b4e529bbfa27e009e80af727e953cfa3b4e529bbfa27e009e80bf727e/authUpdate.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 23 May 2019 10:02:24 GMT Content-Encoding gzip Server Tengine Vary Accept-Encoding Ali-Swift-Global-Savetime 1466591772 Content-Type application/x-javascript X-ALICDN-Via cache50.l2de1[M=T;FT=1;R=1;UR=1;CT=0] Cache-Control max-age=223346033 SERVED-FROM 2.16.187.6 Connection keep-alive Timing-Allow-Origin * Network_Info DE_FRANKFURT_9009 Content-Length 28405 Expires Sat, 20 Jun 2026 10:36:17 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aeu.alicdn.com
i.alipayobjects.com
img.alicdn.com
www.siwiba.com.sb
104.111.216.213
116.90.60.58
195.27.31.233
2fc4b5faf57998c3dfb0d2f3e172bc02391a0efdd35740d55734cf2a0d99f609
87855f9863570a7f8250ec99d0352b3373c25eb4daf5f3b4002e26f25feee4d7
8ba6a2de0b9ec77d2abaaa76dd999f33d503ec991556503ab3474572e942e6d8
9abc332941e0b2d26c905f397a78b5d92472412cf19f18efa6f79f80257b5cd4
9cf10b295789920dbc4dc02f31bcf7632c49c36cabbb1267aafe4988c92b53fd
fcd01be1714efd8bec49330821106a6bc325429dbab7c24e584366832bfcacec

www.siwiba.com.sb Open in urlscan Pro 116.90.60.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

25 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

3 IPs

3 Countries

140 kBTransfer

252 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

Indicators

www.siwiba.com.sb Open in urlscan Pro
116.90.60.58 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

25 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

140 kB
Transfer

252 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions