www.flamingi.com
Open in
urlscan Pro
185.38.248.125
Malicious Activity!
Public Scan
Submission: On October 04 via automatic, source openphish
Summary
This is the only time www.flamingi.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: AOL (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
13 | 185.38.248.125 185.38.248.125 | 197226 (SPRINT-SDC) (SPRINT-SDC) | |
3 | 2606:2800:233... 2606:2800:233:af6:eab:2108:1892:6d8 | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
1 | 152.195.39.122 152.195.39.122 | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
1 2 | 2.16.186.80 2.16.186.80 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 152.195.39.2 152.195.39.2 | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
22 | 6 |
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
s.aolcdn.com |
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
at.atwola.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-80.deploy.static.akamaitechnologies.com
b.scorecardresearch.com |
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
cdn.at.atwola.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
flamingi.com
www.flamingi.com b.flamingi.com Failed |
92 KB |
3 |
atwola.com
at.atwola.com cdn.at.atwola.com |
|
3 |
aolcdn.com
s.aolcdn.com |
1 KB |
2 |
scorecardresearch.com
1 redirects
b.scorecardresearch.com |
985 B |
0 |
aol.com
Failed
o.sa.aol.com Failed |
|
22 | 5 |
Domain | Requested by | |
---|---|---|
13 | www.flamingi.com |
www.flamingi.com
|
3 | s.aolcdn.com |
www.flamingi.com
|
2 | cdn.at.atwola.com |
www.flamingi.com
|
2 | b.scorecardresearch.com |
1 redirects
www.flamingi.com
|
1 | at.atwola.com |
www.flamingi.com
|
0 | b.flamingi.com Failed |
www.flamingi.com
|
0 | o.sa.aol.com Failed |
www.flamingi.com
|
22 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
help.aol.com |
aol.com |
help.channels.aol.com |
account.aol.com |
new.aol.com |
www.corp.aol.com |
privacy.aol.com |
legal.aol.com |
adinfo.aol.com |
daol.aol.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
o.aolcdn.com DigiCert SHA2 Secure Server CA |
2017-10-24 - 2020-04-15 |
2 years | crt.sh |
at.atwola.com DigiCert SHA2 High Assurance Server CA |
2018-03-26 - 2020-03-30 |
2 years | crt.sh |
This page contains 4 frames:
Primary Page:
http://www.flamingi.com/film/aza/gn.html
Frame ID: DEE9B3EE478DFA95805CC9CD93633B8A
Requests: 19 HTTP requests in this frame
Frame:
https://at.atwola.com/adiframe/3.0/5113.1/221794/0/-1/size=1300x800;noperf=1;alias=93313514;artexc=art_flash,art_rrflash;kvpg=flamingi%2Ffilm%2Faza%2Fgn.html;kvugc=0;kvh5lsid=0;kvmn=93313514;kvgrp=673295744;kvismob=2;extmirroring=0;kvtile=1;target=_blank;aduho=0;grp=673295744
Frame ID: 0DE9331C6BAB6B6E3420F7C8EDBED0DE
Requests: 1 HTTP requests in this frame
Frame:
http://cdn.at.atwola.com/_media/uac/guid.html
Frame ID: 2E7F6A7B59A042A46D8ACE52029B703E
Requests: 1 HTTP requests in this frame
Frame:
http://cdn.at.atwola.com/_media/uac/tcode3.html
Frame ID: 734B910E35B0C359811E015E9B59B2A3
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Debian (Operating Systems) ExpandDetected patterns
- headers server /Debian/i
three.js (JavaScript Graphics) Expand
Detected patterns
- script /three(?:\.min)?\.js/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
SiteCatalyst (Analytics) Expand
Detected patterns
- env /^s_(?:account|objectID|code|INST)$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- env /^jQuery$/i
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
Title: Help article.
Search URL Search Domain Scan URL
Title: Aol.
Search URL Search Domain Scan URL
Title: help
Search URL Search Domain Scan URL
Title: Forgot password?
Search URL Search Domain Scan URL
Title: Get a Free Username
Search URL Search Domain Scan URL
Title: AOL Inc.
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Title: About Our Ads
Search URL Search Domain Scan URL
Title: Site Map
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 16- http://b.scorecardresearch.com/b?rn=12525616&C1=2&C2=1000009&C4=http%3A%2F%2Fwww.flamingi.com%2Ffilm%2Faza%2Fgn.html&C5=us.snssignin&C7=http%3A%2F%2Fwww.flamingi.com%2Ffilm%2Faza%2Fgn.html&C8=AOL%20Mail%3A%20Simple%2C%20Free%2C%20Fun HTTP 302
- http://b.scorecardresearch.com/b2?rn=12525616&C1=2&C2=1000009&C4=http%3A%2F%2Fwww.flamingi.com%2Ffilm%2Faza%2Fgn.html&C5=us.snssignin&C7=http%3A%2F%2Fwww.flamingi.com%2Ffilm%2Faza%2Fgn.html&C8=AOL%20Mail%3A%20Simple%2C%20Free%2C%20Fun
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
gn.html
www.flamingi.com/film/aza/ |
17 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
one.js
www.flamingi.com/film/aza/ |
71 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
two.js
www.flamingi.com/film/aza/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
one.css
www.flamingi.com/film/aza/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
two.css
www.flamingi.com/film/aza/ |
720 B 690 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
three.css
www.flamingi.com/film/aza/ |
2 KB 1004 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
four.css
www.flamingi.com/film/aza/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
five.css
www.flamingi.com/film/aza/ |
24 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
error.gif
s.aolcdn.com/os/landingpages/images/ |
357 B 357 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
three.js
www.flamingi.com/film/aza/ |
36 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
four.js
www.flamingi.com/film/aza/ |
19 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
lp-aol-head-lg.png
s.aolcdn.com/os/landingpages/images/ |
357 B 357 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
five.js
www.flamingi.com/film/aza/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
six.js
www.flamingi.com/film/aza/ |
1 KB 1023 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
aol_logo_new_sm.gif
s.aolcdn.com/os/landingpages/images/ |
357 B 357 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
size=1300x800;noperf=1;alias=93313514;artexc=art_flash,art_rrflash;kvpg=flamingi%2Ffilm%2Faza%2Fgn.html;kvugc=0;kvh5lsid=0;kvmn=93313514;kvgrp=673295744;kvismob=2;extmirroring=0;kvtile=1;target=_bl...
at.atwola.com/adiframe/3.0/5113.1/221794/0/-1/ Frame 0DE9 |
0 0 |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
seven.js
www.flamingi.com/film/aza/ |
70 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
b2
b.scorecardresearch.com/ Redirect Chain
|
0 248 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
s9110939448492
o.sa.aol.com/b/ss/aolsnssignin/1/H.25.4/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
b.flamingi.com/vanity/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
guid.html
cdn.at.atwola.com/_media/uac/ Frame 2E7F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tcode3.html
cdn.at.atwola.com/_media/uac/ Frame 734B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- o.sa.aol.com
- URL
- http://o.sa.aol.com/b/ss/aolsnssignin/1/H.25.4/s9110939448492?AQB=1&ndh=1&t=4%2F9%2F2018%2017%3A14%3A55%204%200&fid=39ABD72EDA2A5823-0DC49013D10F0BDC&ns=aolllc&cl=63072000&pageName=sso%20%3A%20login&g=http%3A%2F%2Fwww.flamingi.com%2Ffilm%2Faza%2Fgn.html&cc=USD&ch=us.snssignin&server=my.screenname.aol.com&events=event10%2Cevent12&c1=sso%20%3A%20ssologin&c2=sso%20%3A%20&c3=gmt_5&c7=D%3DDNT&c10=external%20web%20browser&c12=%2FsnsUiDriver.jsp&c13=non-authenticated&c14=no%20referrer&c15=unavailable&c16=sns.webmail.aol.com&c17=lp&c18=0&c19=wa3&c20=en-us&c21=AOLPortal&c22=.aol.com&c23=newmail-en-us-v2&c24=D%3Dv52&c49=H.25.4-Dec2014%7Cmmx_1&v52=uaid_na&c55=673295744&c56=www.flamingi.com&c61=D%3Dpccr&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
- Domain
- b.flamingi.com
- URL
- http://b.flamingi.com/vanity/?ts=1538673296359&h=www.flamingi.com&v=36&r=&l=0&k=1&m=1600x1200&bd=1600x1200&tz=0&ms=504&t=AOL%20Mail%3A%20Simple%2C%20Free%2C%20Fun&dL_ch=us.snssignin&dL_dpt=sso%20%3A%20ssologin&ads_grp=673295744&dL_sDpt=sso%20%3A%20&pgvis=1
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: AOL (Online)287 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| snslp_aligntoelement function| cleanupchromejs function| isEmpty function| modifyCreateAccountLink function| layerClicked function| loadConfig boolean| cookieEnabled undefined| layer string| adsLo number| adsUAC number| adsUACD number| adsDebug undefined| adsUACH string| adsIntMN number| adsGUID number| adsSecure function| adsLoadUAC string| adsHt string| adsNt string| adsPl string| adsESN string| adsATWM string| adsTp string| adsATOth string| adsATMob string| adsSrAT number| adsTacOK number| adsHashOK object| adsD string| aolAdFdBkStr number| adsAddOn number| adsAJAXAddOn number| adsMob string| adsCo string| adsVal number| adsCp string| adsMNS string| adsTPS string| adsExcV number| adsLNm string| adsKV string| adsIP undefined| adsSz string| adsNt2 string| adsPing string| adsUA boolean| adsIE number| adsAJAX string| adsTzAT string| adsNMSG number| adsTile string| adsPage object| adsDivs number| adsQuigo undefined| adsCA object| adsCF object| adsCW object| adsCH object| adsCAd string| adsChn string| adsMOE string| adsOverS string| adsOverF number| adsScr string| adsRRDevil string| adsRRCalled string| adsDev string| atwAd1Time number| atwLoaded number| atwReset string| adsOverlay string| adsCloseTime object| ATW3_AdObj number| adsCloseTVar number| adsLoadSync string| adsSyncTime number| adsSyncDelay number| adsMSP number| adsMobDyn string| adsAddOnMQ undefined| adsStD number| atwSticky number| atwStickyT string| adSetInV number| adsSonarT number| adsSonarV function| adsOverlayAd function| adsOverlayAdCall function| adsOverlayCloseOff function| adsOverCloseFn function| adsDisableGUID function| adsGUIDFn function| adSet101x1 function| adSetMOAT function| adsDisableMSP function| adsDisableMobDyn function| adSetAddOnPl function| adSetSyncDelay function| adsLoadedSync function| adsHashFn function| adsTacFn function| adsDisableHash function| adsDisableTacoda function| adUACInit function| adsCkCol function| adsDoOnL function| adSetNetId function| adSetPlId function| adSetHtNm function| adSetHtNmAT function| adSetAMS function| adSetTarget function| adSetSN function| adSetWM function| adSetOthAT function| adSetOthMob function| adSetCo function| adSetAddOn function| adSetAJAXAddOn function| adSetType function| adSetSearch function| adSendTerms function| adSetAdURL function| adsShowDiv function| adsHideDiv function| adsResetPg function| adsReloadAll function| adsReloadAd function| adsReloadIframe function| adsReloadIframeAll function| adSetOthDclk function| adSetDelay function| adSetExt function| adsGetAdURL function| adsDevilObj function| adsRMIFOnL function| adsRmChildren function| adsClrDiv function| adsClrAd function| adsGetObj function| adsLoadAd function| adsDelaySonar function| adSetupDiv function| adsCkPlg function| adsGetValues function| adSetSticky function| adsSticky function| adSetInView function| adsATWDelay function| htmlAdWHDyn function| htmlAdWH number| adsIn string| adsSZ number| adsOverDelay function| adsSonar function| RetVal function| User function| LoginVal function| QtnIdVal function| prereqchecks function| setCookie function| trimString function| stripOffAOLDomains function| handleUrl function| xstooltip_findPosX function| xstooltip_findPosY function| clearLbl function| checkLbl function| clearPwdLbl function| checkPwdLbl function| selectRange function| includeJsFile function| AsqVal function| asqReset function| checkAsqChange function| valAsqCreate function| valAsqCreateNew function| valAsqChange function| valAsqAnswers function| snsCheckAsq function| validateAsq function| snsCheckSecurID function| validateSecureID function| snscheckregimagtext function| valRegImageText function| getObject function| playAudio function| refreshImage function| valOIDForm function| setOpenID function| populateUrl function| showBubbleText function| hideBubbleText function| AuthUtil function| Tab function| UI object| uiArr object| btnArr object| AOLAliasDivs function| getById function| getStyle function| isAOLAlias function| getAuthTabWidth function| getAuthTabFilePrefix function| showTab2 function| createTabList function| attachAuthEvents function| showTabs function| showContent function| showAOLAliasTab function| showOidTabs function| showFirstTabs function| createTabList2 function| showTab2Set function| show2Tab function| showAOLAliasTab2 function| showTabsSet function| attachAuthEvents2 function| showTabSet function| checkOIDFormSubmission function| GetWidth function| GetHeight function| authPopupLogin function| wIE function| validateTab function| validateAolTab object| lgnEl object| pwdEl string| si3Class boolean| noPh number| ie function| setFocus boolean| isIE boolean| isWin boolean| isOpera boolean| isSafari function| ControlVersion function| GetSwfVer function| DetectFlashVer function| AC_AddExtension function| AC_Generateobj function| AC_FL_RunContent function| AC_GetArgs number| requiredMajorVersion number| requiredMinorVersion number| requiredRevision boolean| hasProductInstall boolean| hasRequestedVersion function| getFlashDPCookie function| getCookie function| thisMovie number| versionStr function| runOmni object| bN_cfg string| s_265_account string| snEleHref string| snEleTitle string| premiumRegUrlText string| premiumRegUrl string| premiumRegBlock function| s_gi function| s_giqf string| s_265_masterAccount function| s_265_comScore undefined| s_sv_dynamic_root undefined| s_sv_gather_root string| s_code string| s_objectID object| Aol object| bN string| s_account string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft object| s_c_il number| s_c_in object| s_265 number| s_giq string| s_tnt object| s_i_aolllc0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
at.atwola.com
b.flamingi.com
b.scorecardresearch.com
cdn.at.atwola.com
o.sa.aol.com
s.aolcdn.com
www.flamingi.com
b.flamingi.com
o.sa.aol.com
152.195.39.122
152.195.39.2
185.38.248.125
2.16.186.80
2606:2800:233:af6:eab:2108:1892:6d8
134f8a6088073a8c424017bf24c40ce25b8cca9c403cad0f2b8589a91ecd7b28
1671293756c66402b96ad2688ef2bd31043e88bea28946ae84dde34e211a6608
1adeb9b7455c164e01a88173d356742be2a4b5dc4977f0f64fee5b5d4b38e0b3
1c11c4246b306b5d74cea14ff787b4763bd6413d9b8c37e40f20a6b21b603c79
2b071adac5f3085652b2f26f147f4c675ac2b34e914428ada2c1caab156da13f
3c51c146187d33648403eef72fd3a374667211dc1adb96088bd5319412c31f0b
6132c8cceeb58bf32112892d6ff25cad7c47f84c8dec30ab0c99739286358b43
6dd279d1a35abe8af11b61af0236d1e68179bbd8038a292e5fbd6b7b24f7c3e1
a3257db99e7d9274c99306304753257c82ffd01ffd3b87f06c697104a331b02c
ca06cc86362548d949921dec1eb8c62696b3710d9654c81699b83e9060fe74b3
d0dc9ce292d18b59950ce7b275eabb77e49dc5336d5372aba5f1a2e4b85c3741
d268d14fdd9fe0fe0e3225f084798306e3822e51de536f8a47f3370b18266d04
dcee5312b1a816445dcc424a72970ad633f4fdf67d35dd1e80beb3579f7b399f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f034a0a2d70ecbf001844124b32ae4281a5e10c3300215e6e9c727f7e3016673