aikman-glory.tk Open in urlscan Pro
2400:cb00:2048:1::681f:5132 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://aikman-glory.tk/about_files/?email=
Effective URL:
http://aikman-glory.tk/about_files/sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=...
Submission: On July 30 via manual (July 30th 2018, 7:50:44 am UTC) from US

Summary HTTP 12 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 2400:cb00:2048:1::681f:5132, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is aikman-glory.tk.

This is the only time aikman-glory.tk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Outlook Web Access (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 8	2400:cb00:204... 2400:cb00:2048:1::681f:5132	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2400:cb00:204... 2400:cb00:2048:1::681f:5032	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	212.72.4.128 212.72.4.128	28885 (OMANTEL-N...) (OMANTEL-NAP-AS OmanTel NAP)
12	3

8 2400:cb00:2048:1::681f:5132 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

aikman-glory.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:cb00:2048:1::681f:5032 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

aikman-glory.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.72.4.128 (Oman)

ASN28885 (OMANTEL-NAP-AS OmanTel NAP, OM)
PTR: mail.omantel.net.om

mail.omantel.net.om	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	aikman-glory.tk 1 redirects aikman-glory.tk	30 KB
1	omantel.net.om mail.omantel.net.om	175 B
12	2

	Domain	Requested by
12	aikman-glory.tk	1 redirects aikman-glory.tk
1	mail.omantel.net.om	aikman-glory.tk
12	2

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://aikman-glory.tk/about_files/sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Frame ID: DDC6D636F97D3F621959BCC003598A4B
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://aikman-glory.tk/about_files/?email= HTTP 302
http://aikman-glory.tk/about_files/sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&f... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Page Statistics

12
Requests

0 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

29 kB
Transfer

36 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://go.microsoft.com/fwlink/?LinkId=65796
Title: security risks

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://aikman-glory.tk/about_files/?email= HTTP 302
http://aikman-glory.tk/about_files/sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request sf5dc4adww0wv2ubsam2abeg.php Show response
aikman-glory.tk/about_files/
Redirect Chain

http://aikman-glory.tk/about_files/?email=
http://aikman-glory.tk/about_files/sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&....

12 KB
4 KB

17ms
17ms

Document
text/html

2400:cb00:2048:1::681f:5132
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

http://aikman-glory.tk/about_files/sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681f:5132 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e06a6fb94531db6eb05630d62d5d2d12a39207359f5bda8bdb684ccdd02b125e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Host: aikman-glory.tk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Cookie: __cfduid=d574a191fde4b003e06b3d7effa9a06fd1532937033; PHPSESSID=qdhf9so7i0j1id009c3otq3215
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: DDC6D636F97D3F621959BCC003598A4B

Response headers

Date: Mon, 30 Jul 2018 07:50:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 44263c2887aa980a-FRA
Content-Encoding: gzip

Redirect headers

Date: Mon, 30 Jul 2018 07:50:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d574a191fde4b003e06b3d7effa9a06fd1532937033; expires=Tue, 30-Jul-19 07:50:33 GMT; path=/; domain=.aikman-glory.tk; HttpOnly PHPSESSID=qdhf9so7i0j1id009c3otq3215; path=/
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1
Server: cloudflare
CF-RAY: 44263c28578b980a-FRA

GET
H/1.1 200
OK logon.css
aikman-glory.tk/about_files/ 2 KB
1 KB 34ms
33ms Stylesheet
text/css 2400:cb00:2048:1::681f:5132
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

http://aikman-glory.tk/about_files/logon.css

Requested by

Host: aikman-glory.tk
URL: http://aikman-glory.tk/about_files/sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681f:5132 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

da50bcb5382766a7c25162bbfd523928ccecf337ed574af0b249a59b546cb834

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: aikman-glory.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://aikman-glory.tk/about_files/sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Cookie: __cfduid=d574a191fde4b003e06b3d7effa9a06fd1532937033; PHPSESSID=qdhf9so7i0j1id009c3otq3215
Connection: keep-alive
Cache-Control: no-cache
Referer: http://aikman-glory.tk/about_files/sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 30 Jul 2018 07:50:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 10 Jun 2015 12:49:50 GMT
Server: cloudflare
X-Frame-Options: DENY
ETag: W/"66926-9d9-518294f7ef780"
Strict-Transport-Security: max-age=63072000; includeSubdomains
Content-Type: text/css
Cache-Control: public, max-age=14400
CF-RAY: 44263c28a7b6980a-FRA
Expires: Mon, 30 Jul 2018 11:50:33 GMT

GET
H/1.1 200
OK owafont.css
aikman-glory.tk/about_files/ 5 KB
2 KB 60ms
54ms Stylesheet
text/css 2400:cb00:2048:1::681f:5032
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

http://aikman-glory.tk/about_files/owafont.css

Requested by

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681f:5032 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a8a50bbfec3340a13879de71a5dbe889eca252ac9cfb523c6cea94f05b7b673

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: aikman-glory.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://aikman-glory.tk/about_files/sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Cookie: __cfduid=d574a191fde4b003e06b3d7effa9a06fd1532937033; PHPSESSID=qdhf9so7i0j1id009c3otq3215
Connection: keep-alive
Cache-Control: no-cache
Referer: http://aikman-glory.tk/about_files/sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 30 Jul 2018 07:50:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 10 Jun 2015 12:53:20 GMT
Server: cloudflare
X-Frame-Options: DENY
ETag: W/"66927-12d6-518295c035000"
Strict-Transport-Security: max-age=63072000; includeSubdomains
Content-Type: text/css
Cache-Control: public, max-age=14400
CF-RAY: 44263c28b41163a9-FRA
Expires: Mon, 30 Jul 2018 11:50:33 GMT

GET
H/1.1 200
OK lgntopl.gif
aikman-glory.tk/about_files/ 4 KB
5 KB 30ms
30ms Image
image/gif 2400:cb00:2048:1::681f:5132
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://aikman-glory.tk/about_files/lgntopl.gif

Requested by

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681f:5132 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5210f24b7b78ab6418056a88a82dd0af4675551379f19047e4a016f72a6433df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: aikman-glory.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://aikman-glory.tk/about_files/sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Cookie: __cfduid=d574a191fde4b003e06b3d7effa9a06fd1532937033; PHPSESSID=qdhf9so7i0j1id009c3otq3215
Connection: keep-alive
Cache-Control: no-cache
Referer: http://aikman-glory.tk/about_files/sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 30 Jul 2018 07:50:33 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Connection: keep-alive
Content-Length: 4375
Last-Modified: Wed, 10 Jun 2015 12:47:02 GMT
Server: cloudflare
X-Frame-Options: DENY
ETag: "66923-1117-51829457b7d80"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
CF-RAY: 44263c28e7ce980a-FRA
Expires: Mon, 30 Jul 2018 11:50:33 GMT

GET
H/1.1 200
OK lgntopr.gif
aikman-glory.tk/about_files/ 581 B
1 KB 29ms
28ms Image
image/gif 2400:cb00:2048:1::681f:5032
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://aikman-glory.tk/about_files/lgntopr.gif

Requested by

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681f:5032 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f27d451896ac6a8b768361e3f07c2adf1ee7ae6bcb92ac6d0bda7fb5cf915301

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: aikman-glory.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://aikman-glory.tk/about_files/sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Cookie: __cfduid=d574a191fde4b003e06b3d7effa9a06fd1532937033; PHPSESSID=qdhf9so7i0j1id009c3otq3215
Connection: keep-alive
Cache-Control: no-cache
Referer: http://aikman-glory.tk/about_files/sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 30 Jul 2018 07:50:33 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Connection: keep-alive
Content-Length: 581
Last-Modified: Wed, 10 Jun 2015 12:47:26 GMT
Server: cloudflare
X-Frame-Options: DENY
ETag: "66924-245-5182946e9b380"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
CF-RAY: 44263c29142563a9-FRA
Expires: Mon, 30 Jul 2018 11:50:33 GMT

GET
H/1.1 200
OK CookieAuth.dll
mail.omantel.net.om/ 61 B
175 B 780ms
128ms Image
image/gif 212.72.4.128
OMANTEL-NAP-AS Om...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.omantel.net.om/CookieAuth.dll?GetPic?formdir=1&image=lgnexlogo.gif
Requested by: Host: aikman-glory.tk
URL: http://aikman-glory.tk/about_files/sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol: HTTP/1.1
Server: 212.72.4.128 , Oman, ASN28885 (OMANTEL-NAP-AS OmanTel NAP, OM),
Reverse DNS: mail.omantel.net.om
Software: /
Resource Hash: b125c5f621a199d89bc496740d7dac72f1a8462465a1b61e331727f5d369b2f4

Request headers

Referer: http://aikman-glory.tk/about_files/sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-control: max-age=604800
Connection: close
Content-Length: 61
Content-Type: image/gif

GET
H/1.1 200
OK lgnbotl.gif
aikman-glory.tk/about_files/ 9 KB
10 KB 39ms
35ms Image
image/gif 2400:cb00:2048:1::681f:5132
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://aikman-glory.tk/about_files/lgnbotl.gif

Requested by

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681f:5132 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e2cda541bf24815df2facd5729d44b70ef4e4bdd160169295944aefc9e51b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: aikman-glory.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://aikman-glory.tk/about_files/sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Cookie: __cfduid=d574a191fde4b003e06b3d7effa9a06fd1532937033; PHPSESSID=qdhf9so7i0j1id009c3otq3215
Connection: keep-alive
Cache-Control: no-cache
Referer: http://aikman-glory.tk/about_files/sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 30 Jul 2018 07:50:33 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Connection: keep-alive
Content-Length: 9311
Last-Modified: Wed, 10 Jun 2015 13:01:35 GMT
Server: cloudflare
X-Frame-Options: DENY
ETag: "6691c-245f-51829798469c0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
CF-RAY: 44263c2917e5980a-FRA
Expires: Mon, 30 Jul 2018 11:50:33 GMT

GET
H/1.1 200
OK lgnbotr.gif
aikman-glory.tk/about_files/ 2 KB
3 KB 37ms
31ms Image
image/gif 2400:cb00:2048:1::681f:5132
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://aikman-glory.tk/about_files/lgnbotr.gif

Requested by

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681f:5132 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

97305ffb8ff74176df42bcd213e7cdfd7679630e19911a2db7b399c7960aec3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: aikman-glory.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://aikman-glory.tk/about_files/sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Cookie: __cfduid=d574a191fde4b003e06b3d7effa9a06fd1532937033; PHPSESSID=qdhf9so7i0j1id009c3otq3215
Connection: keep-alive
Cache-Control: no-cache
Referer: http://aikman-glory.tk/about_files/sf5dc4adww0wv2ubsam2abeg.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 30 Jul 2018 07:50:33 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Connection: keep-alive
Content-Length: 2392
Last-Modified: Wed, 10 Jun 2015 13:01:51 GMT
Server: cloudflare
X-Frame-Options: DENY
ETag: "6691e-958-518297a788dc0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
CF-RAY: 44263c2917d3bef8-FRA
Expires: Mon, 30 Jul 2018 11:50:33 GMT

GET
H/1.1 200
OK lgnbotm.gif
aikman-glory.tk/about_files/ 276 B
797 B 40ms
35ms Image
image/gif 2400:cb00:2048:1::681f:5132
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://aikman-glory.tk/about_files/lgnbotm.gif

Requested by

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681f:5132 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6097839fd066f359bbe21fb228714cd33385a6995a060eaa504ee190e3c1178a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: aikman-glory.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://aikman-glory.tk/about_files/logon.css
Cookie: __cfduid=d574a191fde4b003e06b3d7effa9a06fd1532937033; PHPSESSID=qdhf9so7i0j1id009c3otq3215
Connection: keep-alive
Cache-Control: no-cache
Referer: http://aikman-glory.tk/about_files/logon.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 30 Jul 2018 07:50:33 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Connection: keep-alive
Content-Length: 276
Last-Modified: Wed, 10 Jun 2015 12:51:01 GMT
Server: cloudflare
X-Frame-Options: DENY
ETag: "6691d-114-5182953ba5740"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
CF-RAY: 44263c2915699792-FRA
Expires: Mon, 30 Jul 2018 11:50:33 GMT

GET
H/1.1 200
OK lgnright.gif
aikman-glory.tk/about_files/ 306 B
827 B 44ms
39ms Image
image/gif 2400:cb00:2048:1::681f:5032
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://aikman-glory.tk/about_files/lgnright.gif

Requested by

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681f:5032 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9626d4f60b20f2da50f763f20d891a70625dde0dba68116896026c400b8b775

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: aikman-glory.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://aikman-glory.tk/about_files/logon.css
Cookie: __cfduid=d574a191fde4b003e06b3d7effa9a06fd1532937033; PHPSESSID=qdhf9so7i0j1id009c3otq3215
Connection: keep-alive
Cache-Control: no-cache
Referer: http://aikman-glory.tk/about_files/logon.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 30 Jul 2018 07:50:33 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Connection: keep-alive
Content-Length: 306
Last-Modified: Wed, 10 Jun 2015 12:51:32 GMT
Server: cloudflare
X-Frame-Options: DENY
ETag: "66921-132-5182955935d00"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
CF-RAY: 44263c29176464e7-FRA
Expires: Mon, 30 Jul 2018 11:50:33 GMT

GET
H/1.1 200
OK lgnleft.gif
aikman-glory.tk/about_files/ 290 B
811 B 34ms
30ms Image
image/gif 2400:cb00:2048:1::681f:5132
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://aikman-glory.tk/about_files/lgnleft.gif

Requested by

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681f:5132 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

96a4b86c4a5ff1f1aa67c52287be64ebd51598d32cbd1249351e462cae549185

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: aikman-glory.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://aikman-glory.tk/about_files/logon.css
Cookie: __cfduid=d574a191fde4b003e06b3d7effa9a06fd1532937033; PHPSESSID=qdhf9so7i0j1id009c3otq3215
Connection: keep-alive
Cache-Control: no-cache
Referer: http://aikman-glory.tk/about_files/logon.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 30 Jul 2018 07:50:33 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Connection: keep-alive
Content-Length: 290
Last-Modified: Wed, 10 Jun 2015 12:51:50 GMT
Server: cloudflare
X-Frame-Options: DENY
ETag: "66920-122-5182956a60580"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
CF-RAY: 44263c2916da97f2-FRA
Expires: Mon, 30 Jul 2018 11:50:33 GMT

GET
H/1.1 200
OK lgntopm.gif
aikman-glory.tk/about_files/ 58 B
577 B 43ms
25ms Image
image/gif 2400:cb00:2048:1::681f:5032
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://aikman-glory.tk/about_files/lgntopm.gif

Requested by

Protocol

HTTP/1.1

Server

2400:cb00:2048:1::681f:5032 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d894a6800fd18d20423c66066097b9653be9eb3796f6a0e216dca220c45d6d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: aikman-glory.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://aikman-glory.tk/about_files/logon.css
Cookie: __cfduid=d574a191fde4b003e06b3d7effa9a06fd1532937033; PHPSESSID=qdhf9so7i0j1id009c3otq3215
Connection: keep-alive
Cache-Control: no-cache
Referer: http://aikman-glory.tk/about_files/logon.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 30 Jul 2018 07:50:33 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
Connection: keep-alive
Content-Length: 58
Last-Modified: Wed, 10 Jun 2015 12:50:48 GMT
Server: cloudflare
X-Frame-Options: DENY
ETag: "66925-3a-5182952f3fa00"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
CF-RAY: 44263c29342963a9-FRA
Expires: Mon, 30 Jul 2018 11:50:33 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Outlook Web Access (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| a_fGzpEnbl number| g_fFcs function| window_onload

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			aikman-glory.tk/	1969-12-31 23:59:59	Name: PHPSESSID Value: qdhf9so7i0j1id009c3otq3215
			.aikman-glory.tk/	1970-01-19 02:34:33	Name: __cfduid Value: d574a191fde4b003e06b3d7effa9a06fd1532937033

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aikman-glory.tk
mail.omantel.net.om
212.72.4.128
2400:cb00:2048:1::681f:5032
2400:cb00:2048:1::681f:5132
0e2cda541bf24815df2facd5729d44b70ef4e4bdd160169295944aefc9e51b0b
5210f24b7b78ab6418056a88a82dd0af4675551379f19047e4a016f72a6433df
5a8a50bbfec3340a13879de71a5dbe889eca252ac9cfb523c6cea94f05b7b673
6097839fd066f359bbe21fb228714cd33385a6995a060eaa504ee190e3c1178a
96a4b86c4a5ff1f1aa67c52287be64ebd51598d32cbd1249351e462cae549185
97305ffb8ff74176df42bcd213e7cdfd7679630e19911a2db7b399c7960aec3e
9d894a6800fd18d20423c66066097b9653be9eb3796f6a0e216dca220c45d6d6
a9626d4f60b20f2da50f763f20d891a70625dde0dba68116896026c400b8b775
b125c5f621a199d89bc496740d7dac72f1a8462465a1b61e331727f5d369b2f4
da50bcb5382766a7c25162bbfd523928ccecf337ed574af0b249a59b546cb834
e06a6fb94531db6eb05630d62d5d2d12a39207359f5bda8bdb684ccdd02b125e
f27d451896ac6a8b768361e3f07c2adf1ee7ae6bcb92ac6d0bda7fb5cf915301

aikman-glory.tk Open in urlscan Pro 2400:cb00:2048:1::681f:5132 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

0 %HTTPS

67 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

29 kBTransfer

36 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

aikman-glory.tk Open in urlscan Pro
2400:cb00:2048:1::681f:5132 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

0 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

29 kB
Transfer

36 kB
Size

2
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!