Submitted URL: http://www.dlcomp.com/news/allah/view.php?login=gov-sales@splunk.com
Effective URL: http://www.dlcomp.com/news/allah/view-module-load.php?login=gov-sales@splunk.com
Submission: On April 28 via manual from US

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 16 HTTP transactions. The main IP is 173.236.80.186, located in Chicago, United States and belongs to SINGLEHOP-LLC - SingleHop, Inc., US. The main domain is www.dlcomp.com.
This is the only time www.dlcomp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

IP Address AS Autonomous System
3 173.236.80.186 32475 (SINGLEHOP...)
12 192.185.193.142 20013 (CYRUSONE)
16 3
Apex Domain
Subdomains
Transfer
12 taxisoft.gr
www.taxisoft.gr Failed
86 KB
3 dlcomp.com
www.dlcomp.com
5 KB
16 2
Domain Requested by
12 www.taxisoft.gr www.taxisoft.gr
3 www.dlcomp.com www.dlcomp.com
16 2

This site contains no links.

Subject Issuer Validity Valid

This page contains 2 frames:

Frame: http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/view-module.php?login=gov-sales@splunk.com
Frame ID: 5739.1
Requests: 4 HTTP requests in this frame

Frame: http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
Frame ID: 5816.1
Requests: 14 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.dlcomp.com/news/allah/view.php?login=gov-sales@splunk.com Page URL
  2. http://www.dlcomp.com/news/allah/view-module-load.php?login=gov-sales@splunk.com Page URL

Page Statistics

16
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

91 kB
Transfer

266 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.dlcomp.com/news/allah/view.php?login=gov-sales@splunk.com Page URL
  2. http://www.dlcomp.com/news/allah/view-module-load.php?login=gov-sales@splunk.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
view.php
www.dlcomp.com/news/allah/
12 KB
4 KB
Document

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
www.dlcomp.com
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date
Fri, 28 Apr 2017 00:05:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Apache/2.2.24 (Unix) mod_hive/5.5 mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fastcgi/2.4.6 mod_fcgid/2.3.6
Transfer-Encoding
chunked
Content-Type
text/html
Connection
Keep-Alive
Host-Header
192fc2e7e50945beb8231a492d6a8024 192fc2e7e50945beb8231a492d6a8024
Keep-Alive
timeout=5, max=100
Primary Request Cookie set view-module-load.php
www.dlcomp.com/news/allah/
766 B
529 B
Document
General
Full URL
http://www.dlcomp.com/news/allah/view-module-load.php?login=gov-sales@splunk.com
Requested by
Host: www.dlcomp.com
URL: http://www.dlcomp.com/news/allah/view.php?login=gov-sales@splunk.com
Protocol
HTTP/1.1
Server
173.236.80.186 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop, Inc., US),
Reverse DNS
m2714.sgded.com
Software
Apache/2.2.24 (Unix) mod_hive/5.5 mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fastcgi/2.4.6 mod_fcgid/2.3.6 /
Resource Hash
276b8d6f83b2ba40c0579daf0e2fe6a2ebf3bacc94a8151e4e0e390035d79d14

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
www.dlcomp.com
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer
http://www.dlcomp.com/news/allah/view.php?login=gov-sales@splunk.com
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
http://www.dlcomp.com/news/allah/view.php?login=gov-sales@splunk.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Apr 2017 00:05:34 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_hive/5.5 mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fastcgi/2.4.6 mod_fcgid/2.3.6
Vary
Accept-Encoding
Content-Type
text/html
Set-Cookie
PHPSESSID=91ckulbd032vlf6slvcopaf1p7; path=/
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
Keep-Alive
Host-Header
192fc2e7e50945beb8231a492d6a8024 192fc2e7e50945beb8231a492d6a8024
Keep-Alive
timeout=5, max=99
Expires
Thu, 19 Nov 1981 08:52:00 GMT
view-module.php
www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/
0
0

favicon.ico
www.dlcomp.com/
551 B
551 B
Other

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
www.dlcomp.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://www.dlcomp.com/news/allah/view-module-load.php?login=gov-sales@splunk.com
Cookie
PHPSESSID=91ckulbd032vlf6slvcopaf1p7
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.dlcomp.com/news/allah/view-module-load.php?login=gov-sales@splunk.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date
Fri, 28 Apr 2017 00:05:34 GMT
Server
Apache/2.2.24 (Unix) mod_hive/5.5 mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fastcgi/2.4.6 mod_fcgid/2.3.6
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
551
Content-Type
text/html; charset=iso-8859-1
view-module.php
www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/ Frame 5816
114 B
0
Document
General
Full URL
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/view-module.php?login=gov-sales@splunk.com
Protocol
HTTP/1.1
Server
192.185.193.142 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS
192-185-193-142.unifiedlayer.com
Software
nginx/1.12.0 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
www.taxisoft.gr
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer
http://www.dlcomp.com/news/allah/view-module-load.php?login=gov-sales@splunk.com
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
http://www.dlcomp.com/news/allah/view-module-load.php?login=gov-sales@splunk.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date
Fri, 28 Apr 2017 00:07:54 GMT
Content-Encoding
gzip
Server
nginx/1.12.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
view-module-1.php
www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/ Frame 5816
13 KB
5 KB
Document
General
Full URL
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/view-module-1.php?login=gov-sales@splunk.com
Requested by
Host: www.taxisoft.gr
URL: http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/view-module.php?login=gov-sales@splunk.com
Protocol
HTTP/1.1
Server
192.185.193.142 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS
192-185-193-142.unifiedlayer.com
Software
nginx/1.12.0 /
Resource Hash
6ebf6fac87ecdfa3dc697a418e8e4a9307457506c6c700bfcf64e3629ec58f20

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
www.taxisoft.gr
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/view-module.php?login=gov-sales@splunk.com
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/view-module.php?login=gov-sales@splunk.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date
Fri, 28 Apr 2017 00:07:54 GMT
Content-Encoding
gzip
Server
nginx/1.12.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
view-module-2.php
www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/ Frame 5816
106 B
0
Document
General
Full URL
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/view-module-2.php?login=gov-sales@splunk.com
Requested by
Host: www.taxisoft.gr
URL: http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/view-module-1.php?login=gov-sales@splunk.com
Protocol
HTTP/1.1
Server
192.185.193.142 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS
192-185-193-142.unifiedlayer.com
Software
nginx/1.12.0 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
www.taxisoft.gr
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/view-module-1.php?login=gov-sales@splunk.com
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/view-module-1.php?login=gov-sales@splunk.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date
Fri, 28 Apr 2017 00:07:54 GMT
Content-Encoding
gzip
Server
nginx/1.12.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
image.php
www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/ Frame 5816
13 KB
5 KB
Document
General
Full URL
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/image.php?login=gov-sales@splunk.com
Requested by
Host: www.taxisoft.gr
URL: http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/view-module-2.php?login=gov-sales@splunk.com
Protocol
HTTP/1.1
Server
192.185.193.142 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS
192-185-193-142.unifiedlayer.com
Software
nginx/1.12.0 /
Resource Hash
bcabfc5bebe76ebeea553cfb3ce81591b229a57bb18e55946475d4efe61c6611

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
www.taxisoft.gr
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/view-module-2.php?login=gov-sales@splunk.com
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/view-module-2.php?login=gov-sales@splunk.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date
Fri, 28 Apr 2017 00:07:55 GMT
Content-Encoding
gzip
Server
nginx/1.12.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
excel.php
www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/ Frame 5816
13 KB
6 KB
Document
General
Full URL
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
Requested by
Host: www.taxisoft.gr
URL: http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/image.php?login=gov-sales@splunk.com
Protocol
HTTP/1.1
Server
192.185.193.142 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS
192-185-193-142.unifiedlayer.com
Software
nginx/1.12.0 /
Resource Hash
d1f978cee8a40a28cd221b7367ac0ad823a3b78ea6c81f20d05dbc7d9f79f95b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
www.taxisoft.gr
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/image.php?login=gov-sales@splunk.com
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/image.php?login=gov-sales@splunk.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date
Fri, 28 Apr 2017 00:07:55 GMT
Content-Encoding
gzip
Server
nginx/1.12.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
EwrDefault.css
www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/hj_files/ Frame 5816
62 KB
16 KB
Stylesheet
General
Full URL
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/hj_files/EwrDefault.css
Requested by
Host: www.taxisoft.gr
URL: http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
Protocol
HTTP/1.1
Server
192.185.193.142 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS
192-185-193-142.unifiedlayer.com
Software
nginx/1.12.0 /
Resource Hash
4210260e2f3909eeb253cd4427dd3e2c478fa34c44baaf6c8780e80ed5282a35

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
www.taxisoft.gr
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date
Fri, 28 Apr 2017 00:07:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Sep 2016 04:48:08 GMT
Server
nginx/1.12.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/css
excelframe.css
www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/hj_files/ Frame 5816
29 KB
8 KB
Stylesheet
General
Full URL
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/hj_files/excelframe.css
Requested by
Host: www.taxisoft.gr
URL: http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
Protocol
HTTP/1.1
Server
192.185.193.142 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS
192-185-193-142.unifiedlayer.com
Software
nginx/1.12.0 /
Resource Hash
8610ad89d5d8cc1a7023790114419916effd23f9444a861fdaade0e57035aea5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
www.taxisoft.gr
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date
Fri, 28 Apr 2017 00:07:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Sep 2016 04:48:08 GMT
Server
nginx/1.12.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/css
Aacorlib.js
www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/hj_files/ Frame 5816
79 KB
26 KB
Script
General
Full URL
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/hj_files/Aacorlib.js
Requested by
Host: www.taxisoft.gr
URL: http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
Protocol
HTTP/1.1
Server
192.185.193.142 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS
192-185-193-142.unifiedlayer.com
Software
nginx/1.12.0 /
Resource Hash
9308c82debe5ce32069c243be29ba0c53e94c7e75d4ac1593ef2e441faee6504

Request headers

Pragma
no-cache
Origin
http://www.taxisoft.gr
Accept-Encoding
gzip, deflate, sdch
Host
www.taxisoft.gr
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
Origin
http://www.taxisoft.gr

Response headers

Date
Fri, 28 Apr 2017 00:07:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Sep 2016 04:48:10 GMT
Server
nginx/1.12.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
Ewa.js
www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/hj_files/ Frame 5816
1 KB
794 B
Script
General
Full URL
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/hj_files/Ewa.js
Requested by
Host: www.taxisoft.gr
URL: http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
Protocol
HTTP/1.1
Server
192.185.193.142 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS
192-185-193-142.unifiedlayer.com
Software
nginx/1.12.0 /
Resource Hash
4cc1cf22458e2ee60cb6e76e7434cc5efd7d4adf5008c2823c88912c5865a81d

Request headers

Pragma
no-cache
Origin
http://www.taxisoft.gr
Accept-Encoding
gzip, deflate, sdch
Host
www.taxisoft.gr
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
Origin
http://www.taxisoft.gr

Response headers

Date
Fri, 28 Apr 2017 00:07:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Sep 2016 04:48:08 GMT
Server
nginx/1.12.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
Ewa_002.js
www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/hj_files/ Frame 5816
0
0
Script
General
Full URL
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/hj_files/Ewa_002.js
Requested by
Host: www.taxisoft.gr
URL: http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
Protocol
HTTP/1.1
Server
192.185.193.142 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS
192-185-193-142.unifiedlayer.com
Software
nginx/1.12.0 /
Resource Hash

Request headers

Pragma
no-cache
Origin
http://www.taxisoft.gr
Accept-Encoding
gzip, deflate, sdch
Host
www.taxisoft.gr
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
Origin
http://www.taxisoft.gr

Response headers

Date
Fri, 28 Apr 2017 00:07:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Nov 2013 05:33:31 GMT
Server
nginx/1.12.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
Ewa_003.js
www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/hj_files/ Frame 5816
30 KB
11 KB
Script
General
Full URL
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/hj_files/Ewa_003.js
Requested by
Host: www.taxisoft.gr
URL: http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
Protocol
HTTP/1.1
Server
192.185.193.142 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS
192-185-193-142.unifiedlayer.com
Software
nginx/1.12.0 /
Resource Hash
b50eeb042d7412b33c7640119aaec499943037e08211372710f46606ec6f2760

Request headers

Pragma
no-cache
Origin
http://www.taxisoft.gr
Accept-Encoding
gzip, deflate, sdch
Host
www.taxisoft.gr
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
Origin
http://www.taxisoft.gr

Response headers

Date
Fri, 28 Apr 2017 00:07:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Sep 2016 04:48:10 GMT
Server
nginx/1.12.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
truncated
/ Frame 5816
1001 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9bf08354e491a134d9a6557661835cfaf3ab6652c17aa0766524568400c6c9cd

Request headers

Response headers

truncated
/ Frame 5816
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f87a803dcaa9a3c75ec3b8f670c76709d494f3086d8c8d279ec7da52abf4380

Request headers

Response headers

FavIcon_Excel.ico
www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/hj_files/ Frame 5816
9 KB
9 KB
Other
General
Full URL
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/hj_files/FavIcon_Excel.ico
Protocol
HTTP/1.1
Server
192.185.193.142 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS
192-185-193-142.unifiedlayer.com
Software
nginx/1.12.0 /
Resource Hash
9ed15518f9a5f3fffe3971f82ff00ab32f8802c814d8f1f39509dcf540388f16

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
www.taxisoft.gr
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date
Fri, 28 Apr 2017 00:07:56 GMT
Last-Modified
Mon, 26 Sep 2016 04:53:30 GMT
Server
nginx/1.12.0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8958
Content-Type
image/x-icon

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.taxisoft.gr
URL
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/view-module.php?login=gov-sales@splunk.com

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies