www.dlcomp.com
173.236.80.186
Malicious Activity!
Public Scan
Effective URL: http://www.dlcomp.com/news/allah/view-module-load.php?login=gov-sales@splunk.com
Submission: On April 28 via manual from US
Summary
This is the only time www.dlcomp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Email (Online)

Domain & IP information

Requests | IP Address | AS Autonomous System
---|---|---
3 | 173.236.80.186 | 32475 (SINGLEHOP-LLC - SingleHop)
12 | 192.185.193.142 | 20013 (CYRUSONE - CyrusOne LLC)
16 | 3 |

- ASN32475 (SINGLEHOP-LLC - SingleHop, Inc., US); PTR: m2714.sgded.com; www.dlcomp.com
- ASN20013 (CYRUSONE - CyrusOne LLC, US); PTR: 192-185-193-142.unifiedlayer.com; www.taxisoft.gr

Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
12 | taxisoft.gr | www.taxisoft.gr (Failed) | 86 KB
3 | dlcomp.com | www.dlcomp.com | 5 KB
16 | 2 | |

Requests | Domain | Requested by
---|---|---
12 | www.taxisoft.gr | www.taxisoft.gr
3 | www.dlcomp.com | www.dlcomp.com
16 | 2 |

This site contains no links.
This page contains 2 frames:
Frame:
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/view-module.php?login=gov-sales@splunk.com
Frame ID: 5739.1
Requests: 4 HTTP requests in this frame
Frame:
http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/excel.php?login=gov-sales@splunk.com
Frame ID: 5816.1
Requests: 14 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.dlcomp.com/news/allah/view.php?login=gov-sales@splunk.com Page URL
- http://www.dlcomp.com/news/allah/view-module-load.php?login=gov-sales@splunk.com Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---
GET H/1.1 | view.php | www.dlcomp.com/news/allah/ | 12 KB | 4 KB | Document | text/html |
GET H/1.1 | view-module-load.php | www.dlcomp.com/news/allah/ | 766 B | 529 B | Document | text/html | Primary Request, Cookie set
GET | view-module.php | www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/ | 0 | 0 | | |
GET H/1.1 | favicon.ico | www.dlcomp.com/ | 551 B | 551 B | Other | text/html |
GET H/1.1 | view-module.php | www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/ | 114 B | 0 | Document | text/html | Frame 5816
GET H/1.1 | view-module-1.php | www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/ | 13 KB | 5 KB | Document | text/html | Frame 5816
GET H/1.1 | view-module-2.php | www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/ | 106 B | 0 | Document | text/html | Frame 5816
GET H/1.1 | image.php | www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/ | 13 KB | 5 KB | Document | text/html | Frame 5816
GET H/1.1 | excel.php | www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/ | 13 KB | 6 KB | Document | text/html | Frame 5816
GET H/1.1 | EwrDefault.css | www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/hj_files/ | 62 KB | 16 KB | Stylesheet | text/css | Frame 5816
GET H/1.1 | excelframe.css | www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/hj_files/ | 29 KB | 8 KB | Stylesheet | text/css | Frame 5816
GET H/1.1 | Aacorlib.js | www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/hj_files/ | 79 KB | 26 KB | Script | application/javascript | Frame 5816
GET H/1.1 | Ewa.js | www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/hj_files/ | 1 KB | 794 B | Script | application/javascript | Frame 5816
GET H/1.1 | Ewa_002.js | www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/hj_files/ | 0 | 0 | Script | text/html | Frame 5816
GET H/1.1 | Ewa_003.js | www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/hj_files/ | 30 KB | 11 KB | Script | application/javascript | Frame 5816
GET DATA | truncated | / | 1001 B | 0 | Image | image/png | Frame 5816
GET DATA | truncated | / | 2 KB | 0 | Image | image/gif | Frame 5816
GET H/1.1 | FavIcon_Excel.ico | www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/hj_files/ | 9 KB | 9 KB | Other | image/x-icon | Frame 5816

Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.taxisoft.gr
- URL: http://www.taxisoft.gr/images/uploads/news/products-catalogue-excel-downloads2/view-module.php?login=gov-sales@splunk.com
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Generic Email (Online)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.dlcomp.com
www.taxisoft.gr
173.236.80.186
192.185.193.142