urlscan.io logo urlscan.io
SecurityTrails logo

www.roithai.com Open in urlscan Pro
27.254.77.63  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.roithai.com/picture/1515044172.3Trrshell.php
Submission: On December 04 via manual from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 7 HTTP transactions. The main IP is 27.254.77.63, located in Thailand and belongs to CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH. The main domain is www.roithai.com.
This is the only time www.roithai.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 27.254.77.63 4750 (CSLOXINFO...)
2 2606:4700:30:... 13335 (CLOUDFLAR...)
1 151.101.12.193 54113 (FASTLY)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 35.165.65.14 16509 (AMAZON-02)
7 6
1    27.254.77.63 (Thailand)

ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH)
www.roithai.com
2    2606:4700:30::6812:2980 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
r00t.info
1    151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
i.imgur.com
1    2606:4700:30::681f:4719 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
expoilt.com
1    35.165.65.14 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-165-65-14.us-west-2.compute.amazonaws.com
apycom.com
Apex Domain
Subdomains		 Transfer
2 r00t.info
r00t.info
593 B
1 apycom.com
apycom.com
471 B
1 expoilt.com
expoilt.com
406 B
1 imgur.com
i.imgur.com
51 KB
1 roithai.com
www.roithai.com
3 MB
0 arabsh.com Failed
img03.arabsh.com Failed
7 6
Domain Requested by
2 r00t.info www.roithai.com
1 apycom.com www.roithai.com
1 expoilt.com www.roithai.com
1 i.imgur.com www.roithai.com
1 www.roithai.com
0 img03.arabsh.com Failed www.roithai.com
7 6

This site contains no links.

Subject Issuer Validity Valid

This page contains 1 frames:

Primary Page: http://www.roithai.com/picture/1515044172.3Trrshell.php
Frame ID: 790293308DC6972A5957E5646050A912
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

7
Requests

0 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

2869 kB
Transfer

2865 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set 1515044172.3Trrshell.php
www.roithai.com/picture/ 		3 MB
3 MB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.roithai.com/picture/1515044172.3Trrshell.php
Protocol
HTTP/1.1
Server
27.254.77.63 , Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),
Reverse DNS
Software
Apache / PleskLin
Resource Hash
92458bb83138b964b823dceaf3a951872b71cc74ebc19b1d0d26b395d707c54d

Request headers

Host
www.roithai.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 04 Dec 2019 03:40:08 GMT
Server
Apache
Set-Cookie
PHPSESSID=2si6fi4nlkmh1uig9qra6c8dr7; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
X-Powered-By
PleskLin
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html
ccb.js
r00t.info/ 		77 B
593 B 		Script
General
Check archive.org
Download Go to
Full URL
http://r00t.info/ccb.js
Requested by
Host: www.roithai.com
URL: http://www.roithai.com/picture/1515044172.3Trrshell.php
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2980 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e47d4112f8264abd41238ba48f6d078ee7868290786b46e63800b4c0104f5da

Request headers

Referer
http://www.roithai.com/picture/1515044172.3Trrshell.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 04 Dec 2019 03:40:08 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Sun, 13 Oct 2019 22:21:26 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
53fac1d89845cba0-VIE
mVdgU0V.png
i.imgur.com/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.imgur.com/mVdgU0V.png
Requested by
Host: www.roithai.com
URL: http://www.roithai.com/picture/1515044172.3Trrshell.php
Protocol
HTTP/1.1
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
39264360b8576c8cf2e4f29ebc943affda441aca0a243699c16f8e6c6a8709cc

Request headers

Referer
http://www.roithai.com/picture/1515044172.3Trrshell.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 04 Dec 2019 03:40:08 GMT
Age
4033836
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
51986
X-Served-By
cache-bwi5121-BWI, cache-fra19168-FRA
Last-Modified
Wed, 30 Sep 2015 03:43:40 GMT
Server
cat factory 1.0
X-Timer
S1575430808.376462,VS0,VE1
ETag
"b65558bfedf2541d5b6458b20e4b5e39"
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
cache-control
public, max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
1, 1
log.js
r00t.info/lcrlamersavar/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://r00t.info/lcrlamersavar/log.js
Requested by
Host: www.roithai.com
URL: http://www.roithai.com/picture/1515044172.3Trrshell.php
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2980 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://www.roithai.com/picture/1515044172.3Trrshell.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers
yaz.php
expoilt.com/ 		0
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://expoilt.com/yaz.php?a=http%3A//www.roithai.com/picture/1515044172.3Trrshell.php
Requested by
Host: www.roithai.com
URL: http://www.roithai.com/picture/1515044172.3Trrshell.php
Protocol
HTTP/1.1
Server
2606:4700:30::681f:4719 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.roithai.com/picture/1515044172.3Trrshell.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 04 Dec 2019 03:40:09 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
Content-Type
text/html
Connection
keep-alive
CF-RAY
53fac1da9c0ecb98-VIE
0d37424266f70d.png
img03.arabsh.com/uploads/image/2012/09/11/ 		0
0
main-delimiter.png
apycom.com/ssc-data/items/1/00bfff/images/ 		229 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://apycom.com/ssc-data/items/1/00bfff/images/main-delimiter.png
Requested by
Host: www.roithai.com
URL: http://www.roithai.com/picture/1515044172.3Trrshell.php
Protocol
HTTP/1.1
Server
35.165.65.14 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-165-65-14.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
ab2c54d72874e6b83609b6e09f56c1bb00c8ce9951a3a685b7bb8f01cd8154fb

Request headers

Referer
http://www.roithai.com/picture/1515044172.3Trrshell.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 04 Dec 2019 03:40:08 GMT
Last-Modified
Fri, 04 Dec 2009 09:40:00 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
229

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img03.arabsh.com
URL
http://img03.arabsh.com/uploads/image/2012/09/11/0d37424266f70d.png

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| a function| Encoder function| Encoder2 string| c_ string| a_ string| charset_ string| p1_ string| p2_ string| p3_ object| d function| set function| g

0 Cookies