pldt.com-cloud.co Open in urlscan Pro
2a02:26f0:78::174a:189a Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://pldt.com-cloud.co/ph/v-1i7.html
Submission: On September 26 via manual (September 26th 2017, 9:16:36 am UTC) from PH

Summary HTTP 12 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 2a02:26f0:78::174a:189a, located in European Union and belongs to AKAMAI-ASN1, US. The main domain is pldt.com-cloud.co.

This is the only time pldt.com-cloud.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
3	2a02:26f0:78:... 2a02:26f0:78::174a:189a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a02:26f0:78:... 2a02:26f0:78::174a:189c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE - Google Inc.)
12	3

3 2a02:26f0:78::174a:189a (European Union)

ASN20940 (AKAMAI-ASN1, US)

pldt.com-cloud.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:78::174a:189c (European Union)

ASN20940 (AKAMAI-ASN1, US)

pldt.com-cloud.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	com-cloud.co pldt.com-cloud.co	91 KB
1	googleapis.com ajax.googleapis.com	29 KB
12	2

	Domain	Requested by
11	pldt.com-cloud.co	pldt.com-cloud.co
1	ajax.googleapis.com	pldt.com-cloud.co
12	2

This site contains links to these domains. Also see Links.

Domain
iniua.voluumtrk.com

Subject Issuer	Validity	Valid
*.googleapis.com Google Internet Authority G2	`2017-09-13` - `2017-12-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://pldt.com-cloud.co/ph/v-1i7.html
Frame ID: 16053.1
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i

Page Statistics

12
Requests

8 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

120 kB
Transfer

271 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://iniua.voluumtrk.com/click
Title: OK

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request v-1i7.html Show response
pldt.com-cloud.co/ph/ 13 KB
3 KB 381ms
231ms Document
text/html 2a02:26f0:78::174a:189a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://pldt.com-cloud.co/ph/v-1i7.html
Protocol: HTTP/1.1
Server: 2a02:26f0:78::174a:189a , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: cdfe599e2765e8ef275657e7bee3a92a9ed9ee37c7e8917a040e8e58c3e24367

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pldt.com-cloud.co
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 26 Sep 2017 09:16:26 GMT
Content-Encoding: gzip
Origin: https://mycloud.rackspace.com
Last-Modified: Thu, 14 Sep 2017 13:24:51 GMT
X-Trans-Id: tx53043f0d094342a4bf4f0-0059ba84ablon3
ETag: 87c47141ce2629b4c0bb5087703d13c6
Vary: Accept-Encoding
Content-Type: text/html
X-Timestamp: 1505395490.50837
Cache-Control: public, max-age=259174
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3538
Expires: Fri, 29 Sep 2017 09:16:00 GMT

GET
H/1.1 200
OK style.css
pldt.com-cloud.co/ph/ 8 KB
2 KB 124ms
124ms Stylesheet
text/css 2a02:26f0:78::174a:189a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://pldt.com-cloud.co/ph/style.css
Requested by: Host: pldt.com-cloud.co
URL: http://pldt.com-cloud.co/ph/v-1i7.html
Protocol: HTTP/1.1
Server: 2a02:26f0:78::174a:189a , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: a3a377894497936b69ad50388cc22581818ece4fc9182ee7b06ce6827901e1b8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pldt.com-cloud.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://pldt.com-cloud.co/ph/v-1i7.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pldt.com-cloud.co/ph/v-1i7.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 26 Sep 2017 09:16:26 GMT
Content-Encoding: gzip
Origin: https://mycloud.rackspace.com
Last-Modified: Thu, 14 Sep 2017 13:21:17 GMT
X-Trans-Id: tx3b4739ca38b34c79afd7c-0059ca1aealon3
ETag: 9a765b2e95fa6ccb8de717cbf69d44f9
Vary: Accept-Encoding
Content-Type: text/css
X-Timestamp: 1505395276.62740
Cache-Control: public, max-age=259163
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2033
Expires: Fri, 29 Sep 2017 09:15:49 GMT

GET
H/1.1 200
OK logo.png
pldt.com-cloud.co/ph/ 10 KB
10 KB 158ms
152ms Image
image/png 2a02:26f0:78::174a:189c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pldt.com-cloud.co/ph/logo.png
Requested by: Host: pldt.com-cloud.co
URL: http://pldt.com-cloud.co/ph/v-1i7.html
Protocol: HTTP/1.1
Server: 2a02:26f0:78::174a:189c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: d77cab25220c1ed240ad13153363871bed823f1ee8c740d4868018d1e17e5f13

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pldt.com-cloud.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://pldt.com-cloud.co/ph/v-1i7.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pldt.com-cloud.co/ph/v-1i7.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 26 Sep 2017 09:16:26 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Thu, 14 Sep 2017 13:21:17 GMT
X-Trans-Id: txb94a3651d029485ca3945-0059bd8de7lon3
ETag: 5c8630b01b87edda77da87a2d5885151
Content-Type: image/png
X-Timestamp: 1505395276.41569
Cache-Control: public, max-age=259161
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10016
Expires: Fri, 29 Sep 2017 09:15:47 GMT

GET
H/1.1 200
OK iphone_7.gif
pldt.com-cloud.co/ph/ 4 KB
4 KB 93ms
87ms Image
image/gif 2a02:26f0:78::174a:189c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pldt.com-cloud.co/ph/iphone_7.gif
Requested by: Host: pldt.com-cloud.co
URL: http://pldt.com-cloud.co/ph/v-1i7.html
Protocol: HTTP/1.1
Server: 2a02:26f0:78::174a:189c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 3a79e300bda4cedb73426c5a7179987081cda1b53847937455c498b7a48beb53

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pldt.com-cloud.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://pldt.com-cloud.co/ph/v-1i7.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pldt.com-cloud.co/ph/v-1i7.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 26 Sep 2017 09:16:26 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Thu, 14 Sep 2017 13:21:17 GMT
ETag: 3e2cfba8804b6f9fb78644bcfd1a79b3
Content-Type: image/gif
X-Timestamp: 1505395276.31184
Cache-Control: public, max-age=259186
Content-Length: 3599
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx50fa7cb7ee434ad5b0fec-0059ca1aealon3
Expires: Fri, 29 Sep 2017 09:16:12 GMT

GET
H/1.1 200
OK samsung.gif
pldt.com-cloud.co/ph/ 4 KB
4 KB 153ms
124ms Image
image/gif 2a02:26f0:78::174a:189c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pldt.com-cloud.co/ph/samsung.gif
Requested by: Host: pldt.com-cloud.co
URL: http://pldt.com-cloud.co/ph/v-1i7.html
Protocol: HTTP/1.1
Server: 2a02:26f0:78::174a:189c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: ead5741f52e49fb2382509397d90e141c85913a2d1807ff6bf1b8ed976c68556

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pldt.com-cloud.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://pldt.com-cloud.co/ph/v-1i7.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pldt.com-cloud.co/ph/v-1i7.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 26 Sep 2017 09:16:26 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Thu, 14 Sep 2017 13:21:17 GMT
ETag: 5544d83fba5dd2e06f06f81f7dfba600
Content-Type: image/gif
X-Timestamp: 1505395276.45202
Cache-Control: public, max-age=259200
Content-Length: 3916
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txc607e1aa4b104de8a6c83-0059ca1aealon3
Expires: Fri, 29 Sep 2017 09:16:26 GMT

GET
H/1.1 200
OK disqus_hr.gif
pldt.com-cloud.co/ph/ 90 B
90 B 123ms
123ms Image
image/gif 2a02:26f0:78::174a:189c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pldt.com-cloud.co/ph/disqus_hr.gif
Requested by: Host: pldt.com-cloud.co
URL: http://pldt.com-cloud.co/ph/v-1i7.html
Protocol: HTTP/1.1
Server: 2a02:26f0:78::174a:189c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: afe0c709cf4b479c6c621957b265236e04898760fde3bb29939db4afef4d13c0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pldt.com-cloud.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://pldt.com-cloud.co/ph/v-1i7.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pldt.com-cloud.co/ph/v-1i7.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 26 Sep 2017 09:16:26 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Thu, 14 Sep 2017 13:21:17 GMT
X-Trans-Id: tx8feb2b9a71bd457fb59c5-0059bd94b2lon3
ETag: 83f82d9dc4eba9492c521cc3a85f71d8
Content-Type: image/gif
X-Timestamp: 1505395276.24223
Cache-Control: public, max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 90
Expires: Fri, 29 Sep 2017 09:16:26 GMT

GET
H/1.1 200
OK loader2.gif
pldt.com-cloud.co/ph/ 2 KB
2 KB 107ms
107ms Image
image/gif 2a02:26f0:78::174a:189c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pldt.com-cloud.co/ph/loader2.gif
Requested by: Host: pldt.com-cloud.co
URL: http://pldt.com-cloud.co/ph/v-1i7.html
Protocol: HTTP/1.1
Server: 2a02:26f0:78::174a:189c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 81f8c055e3b99087883460c942b82d796fe5d2512101511e85d395b7a1690738

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pldt.com-cloud.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://pldt.com-cloud.co/ph/v-1i7.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pldt.com-cloud.co/ph/v-1i7.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 26 Sep 2017 09:16:26 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Thu, 14 Sep 2017 13:21:17 GMT
X-Trans-Id: tx84f3c6ae39e440f69cca1-0059bd8a94lon3
ETag: eb8d012e3a96ad781df62f79ae2d8b47
Content-Type: image/gif
X-Timestamp: 1505395276.31384
Cache-Control: public, max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1818
Expires: Fri, 29 Sep 2017 09:16:26 GMT

GET
H/1.1 200
OK jquery-1.12.0.min.js Show response
pldt.com-cloud.co/ph/ 85 KB
29 KB 255ms
254ms Script
application/javascript 2a02:26f0:78::174a:189a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://pldt.com-cloud.co/ph/jquery-1.12.0.min.js
Requested by: Host: pldt.com-cloud.co
URL: http://pldt.com-cloud.co/ph/v-1i7.html
Protocol: HTTP/1.1
Server: 2a02:26f0:78::174a:189a , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 892fcc249b9b0fd6e8727741d21d5cdd5474238327ba116308b5dfad6ddfd1bd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pldt.com-cloud.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: http://pldt.com-cloud.co/ph/v-1i7.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pldt.com-cloud.co/ph/v-1i7.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 26 Sep 2017 09:16:26 GMT
Content-Encoding: gzip
Origin: https://mycloud.rackspace.com
Last-Modified: Thu, 14 Sep 2017 13:21:17 GMT
X-Trans-Id: txf62f06749e54459db61ff-0059ca1aealon3
ETag: ac5017a6c6a77a3db6f989b281084b6f
Vary: Accept-Encoding
Content-Type: application/javascript
X-Timestamp: 1505395276.43217
Cache-Control: public, max-age=259157
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30117
Expires: Fri, 29 Sep 2017 09:15:43 GMT

GET
H/1.1 200
OK script.js Show response
pldt.com-cloud.co/ph/ 1 KB
301 B 92ms
86ms Script
application/javascript 2a02:26f0:78::174a:189c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://pldt.com-cloud.co/ph/script.js
Requested by: Host: pldt.com-cloud.co
URL: http://pldt.com-cloud.co/ph/v-1i7.html
Protocol: HTTP/1.1
Server: 2a02:26f0:78::174a:189c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: f7e75a703941d8f187f22c709c57fbe522ad5bd1d0689198bf3c2dee83cb575f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pldt.com-cloud.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: http://pldt.com-cloud.co/ph/v-1i7.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pldt.com-cloud.co/ph/v-1i7.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 26 Sep 2017 09:16:26 GMT
Content-Encoding: gzip
Origin: https://mycloud.rackspace.com
Last-Modified: Thu, 14 Sep 2017 13:21:17 GMT
X-Trans-Id: tx2ed431aeef5144f9bdae6-0059ca1aealon3
ETag: f1747ecec3279100dc1b6826fc960282
Vary: Accept-Encoding
Content-Type: application/javascript
X-Timestamp: 1505395276.42501
Cache-Control: public, max-age=259191
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 301
Expires: Fri, 29 Sep 2017 09:16:17 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ 84 KB
29 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:81a::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Requested by

Host: pldt.com-cloud.co
URL: http://pldt.com-cloud.co/ph/v-1i7.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /ajax/libs/jquery/2.2.0/jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ajax.googleapis.com
referer: http://pldt.com-cloud.co/ph/v-1i7.html
:scheme: https
:method: GET
Referer: http://pldt.com-cloud.co/ph/v-1i7.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date: Mon, 04 Sep 2017 16:40:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1874148
status: 200
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 30089
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Sep 2018 16:40:38 GMT

GET
H/1.1 200
OK bootstrap.js Show response
pldt.com-cloud.co/ph/ 35 KB
9 KB 148ms
142ms Script
application/javascript 2a02:26f0:78::174a:189c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://pldt.com-cloud.co/ph/bootstrap.js
Requested by: Host: pldt.com-cloud.co
URL: http://pldt.com-cloud.co/ph/v-1i7.html
Protocol: HTTP/1.1
Server: 2a02:26f0:78::174a:189c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 6447e59227786bcda7ad58ef045540cba328e5ec0e5ddbd88b4f57122feaf926

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pldt.com-cloud.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: http://pldt.com-cloud.co/ph/v-1i7.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://pldt.com-cloud.co/ph/v-1i7.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 26 Sep 2017 09:16:26 GMT
Content-Encoding: gzip
Origin: https://mycloud.rackspace.com
Last-Modified: Thu, 14 Sep 2017 13:21:17 GMT
X-Trans-Id: tx88c79907f6bd412e8cf09-0059ca1aealon3
ETag: 1ae0e64754a542cbea996dec63c326fd
Vary: Accept-Encoding
Content-Type: application/javascript
X-Timestamp: 1505395276.31125
Cache-Control: public, max-age=259193
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9545
Expires: Fri, 29 Sep 2017 09:16:19 GMT

GET
H/1.1 200
OK helveticaltstd-lightcond-webfont.woff
pldt.com-cloud.co/ph/ 28 KB
28 KB 164ms
160ms Font
application/font-woff 2a02:26f0:78::174a:189c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://pldt.com-cloud.co/ph/helveticaltstd-lightcond-webfont.woff
Requested by: Host: pldt.com-cloud.co
URL: http://pldt.com-cloud.co/ph/v-1i7.html
Protocol: HTTP/1.1
Server: 2a02:26f0:78::174a:189c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 59d04673a30e91b9230adb74605627670cb2f408bd2cc898391c614c8b304325

Request headers

Pragma: no-cache
Origin: http://pldt.com-cloud.co
Accept-Encoding: gzip, deflate
Host: pldt.com-cloud.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: http://pldt.com-cloud.co/ph/style.css
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Referer: http://pldt.com-cloud.co/ph/style.css
Origin: http://pldt.com-cloud.co

Response headers

Date: Tue, 26 Sep 2017 09:16:26 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Thu, 14 Sep 2017 13:21:17 GMT
X-Trans-Id: tx3d557a4e14bb4802beefd-0059bd8de8lon3
ETag: 3a0b76830542c3ceeee11535982428af
Content-Type: application/font-woff
X-Timestamp: 1505395276.26543
Cache-Control: public, max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28228
Expires: Fri, 29 Sep 2017 09:16:26 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
pldt.com-cloud.co
2a00:1450:4001:81a::200a
2a02:26f0:78::174a:189a
2a02:26f0:78::174a:189c
3a79e300bda4cedb73426c5a7179987081cda1b53847937455c498b7a48beb53
59d04673a30e91b9230adb74605627670cb2f408bd2cc898391c614c8b304325
6447e59227786bcda7ad58ef045540cba328e5ec0e5ddbd88b4f57122feaf926
81f8c055e3b99087883460c942b82d796fe5d2512101511e85d395b7a1690738
892fcc249b9b0fd6e8727741d21d5cdd5474238327ba116308b5dfad6ddfd1bd
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
a3a377894497936b69ad50388cc22581818ece4fc9182ee7b06ce6827901e1b8
afe0c709cf4b479c6c621957b265236e04898760fde3bb29939db4afef4d13c0
cdfe599e2765e8ef275657e7bee3a92a9ed9ee37c7e8917a040e8e58c3e24367
d77cab25220c1ed240ad13153363871bed823f1ee8c740d4868018d1e17e5f13
ead5741f52e49fb2382509397d90e141c85913a2d1807ff6bf1b8ed976c68556
f7e75a703941d8f187f22c709c57fbe522ad5bd1d0689198bf3c2dee83cb575f

pldt.com-cloud.co Open in urlscan Pro 2a02:26f0:78::174a:189a Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

12 Requests

8 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

120 kBTransfer

271 kBSize

0 Cookies

1 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

pldt.com-cloud.co Open in urlscan Pro
2a02:26f0:78::174a:189a Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

8 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

120 kB
Transfer

271 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!