urlscan.io scan report: www.flamingi.com (185.38.248.125), public scan, flagged for malicious activity

URL: http://www.flamingi.com/film/aza/gn.html
Submission: October 04 (2018, per the response Date headers below) via automatic submission, source: OpenPhish

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 22 HTTP transactions. The main IP is 185.38.248.125, located in Poland and belonging to SPRINT-SDC, PL. The main domain is www.flamingi.com.
This is the only time www.flamingi.com was scanned on urlscan.io.

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AOL (Online)

Domain & IP information

IP addresses contacted (requests, IP address, autonomous system):
  13  185.38.248.125                       AS197226 (SPRINT-SDC)
   3  2606:2800:233:af6:eab:2108:1892:6d8  AS15133 (EDGECAST)
   1  152.195.39.122                       AS15133 (EDGECAST)
   2  2.16.186.80                          AS20940 (AKAMAI-ASN1)   1 redirect
   2  152.195.39.2                         AS15133 (EDGECAST)
  22 requests, 6 IPs

Domains contacted (requests, domain, requested by):
  13  www.flamingi.com         www.flamingi.com
   3  s.aolcdn.com             www.flamingi.com
   2  cdn.at.atwola.com        www.flamingi.com
   2  b.scorecardresearch.com  www.flamingi.com   1 redirect
   1  at.atwola.com            www.flamingi.com
   0  b.flamingi.com           www.flamingi.com   failed
   0  o.sa.aol.com             www.flamingi.com   failed
  22 requests, 7 domains
TLS certificates observed (subject, issuer, validity):
  o.aolcdn.com   DigiCert SHA2 Secure Server CA          2017-10-24 to 2020-04-15 (2 years)
  at.atwola.com  DigiCert SHA2 High Assurance Server CA  2018-03-26 to 2020-03-30 (2 years)

No certificate is listed for www.flamingi.com: the phishing page and all thirteen files of its kit are fetched over plain HTTP. The only HTTPS transactions (four of the 22, the 18 % shown in the statistics below) go to s.aolcdn.com and at.atwola.com, i.e. to the impersonated brand's own CDN and ad network.

This page contains 4 frames:

Primary Page: http://www.flamingi.com/film/aza/gn.html
Frame ID: DEE9B3EE478DFA95805CC9CD93633B8A
Requests: 19 HTTP requests in this frame

Frame: https://at.atwola.com/adiframe/3.0/5113.1/221794/0/-1/size=1300x800;noperf=1;alias=93313514;artexc=art_flash,art_rrflash;kvpg=flamingi%2Ffilm%2Faza%2Fgn.html;kvugc=0;kvh5lsid=0;kvmn=93313514;kvgrp=673295744;kvismob=2;extmirroring=0;kvtile=1;target=_blank;aduho=0;grp=673295744
Frame ID: 0DE9331C6BAB6B6E3420F7C8EDBED0DE
Requests: 1 HTTP request in this frame

Frame: http://cdn.at.atwola.com/_media/uac/guid.html
Frame ID: 2E7F6A7B59A042A46D8ACE52029B703E
Requests: 1 HTTP request in this frame

Frame: http://cdn.at.atwola.com/_media/uac/tcode3.html
Frame ID: 734B910E35B0C359811E015E9B59B2A3
Requests: 1 HTTP request in this frame

Detected technologies

Debian (overall confidence 100%)
  Detected pattern: headers server /Debian/i
three.js (overall confidence 100%)
  Detected pattern: script /three(?:\.min)?\.js/i
  Caveat: this is a filename match on the kit's own three.js (36 KB, the script that loads the at.atwola.com ad frames; the kit numbers its scripts one.js through seven.js), not the Three.js graphics library. Treat it as a false positive.
Apache (overall confidence 100%)
  Detected pattern: headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
  Version from the Server header: 2.2.22
Adobe Analytics (overall confidence 100%)
  Detected pattern: env /^s_(?:account|objectID|code|INST)$/i
jQuery (overall confidence 100%)
  Detected pattern: env /^jQuery$/i

The technology names are the ones the listed patterns correspond to; the Adobe Analytics match rests on the s_account, s_code and s_objectID globals listed at the end of this page, which belong to the cloned AOL sign-in page's own tracking code.

Page Statistics

Requests: 22
HTTPS: 18 %
IPv6: 20 %
Domains: 5
Subdomains: 7
IPs: 6
Countries: 3
Transfer: 93 kB
Size: 265 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • http://b.scorecardresearch.com/b?rn=12525616&C1=2&C2=1000009&C4=http%3A%2F%2Fwww.flamingi.com%2Ffilm%2Faza%2Fgn.html&C5=us.snssignin&C7=http%3A%2F%2Fwww.flamingi.com%2Ffilm%2Faza%2Fgn.html&C8=AOL%20Mail%3A%20Simple%2C%20Free%2C%20Fun HTTP 302
  • http://b.scorecardresearch.com/b2?rn=12525616&C1=2&C2=1000009&C4=http%3A%2F%2Fwww.flamingi.com%2Ffilm%2Faza%2Fgn.html&C5=us.snssignin&C7=http%3A%2F%2Fwww.flamingi.com%2Ffilm%2Faza%2Fgn.html&C8=AOL%20Mail%3A%20Simple%2C%20Free%2C%20Fun

22 HTTP transactions

Each entry gives the resource name, its path, the uncompressed size, the bytes transferred (x-fer) and the resource type, followed by the request and response details recorded by the scanner.
Primary Request: gn.html
  Path: www.flamingi.com/film/aza/   Size: 17 KB   x-fer: 6 KB   Type: Document
  Full URL: http://www.flamingi.com/film/aza/gn.html
  Protocol: HTTP/1.1
  Server: 185.38.248.125, Poland, ASN197226 (SPRINT-SDC, PL); reverse DNS ww01.sys.ncse.pl
  Software: Apache/2.2.22 (Debian)
  Resource hash (SHA-256): d268d14fdd9fe0fe0e3225f084798306e3822e51de536f8a47f3370b18266d04
  Request headers:
    Host: www.flamingi.com
    Connection: keep-alive
    Pragma: no-cache
    Cache-Control: no-cache
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
    Accept-Encoding: gzip, deflate
  Response headers:
    Date: Thu, 04 Oct 2018 17:14:55 GMT
    Server: Apache/2.2.22 (Debian)
    Last-Modified: Thu, 04 Oct 2018 13:08:47 GMT
    ETag: "9f2a8c-4513-57766daf845fe"
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 5615
    Content-Type: text/html
    Keep-Alive: timeout=5, max=100
    Connection: Keep-Alive
one.js
  Path: www.flamingi.com/film/aza/   Size: 71 KB   x-fer: 24 KB   Type: Script
  Full URL: http://www.flamingi.com/film/aza/one.js
  Requested by: http://www.flamingi.com/film/aza/gn.html (host www.flamingi.com)
  Protocol: HTTP/1.1
  Server: 185.38.248.125, Poland, ASN197226 (SPRINT-SDC, PL); reverse DNS ww01.sys.ncse.pl
  Software: Apache/2.2.22 (Debian)
  Resource hash (SHA-256): 1adeb9b7455c164e01a88173d356742be2a4b5dc4977f0f64fee5b5d4b38e0b3
  Request headers:
    Pragma: no-cache
    Accept-Encoding: gzip, deflate
    Host: www.flamingi.com
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
    Accept: */*
    Referer: http://www.flamingi.com/film/aza/gn.html
    Connection: keep-alive
    Cache-Control: no-cache
  Response headers:
    Date: Thu, 04 Oct 2018 17:14:55 GMT
    Content-Encoding: gzip
    Last-Modified: Thu, 04 Oct 2018 13:08:47 GMT
    Server: Apache/2.2.22 (Debian)
    ETag: "9f2a6d-11a86-57766daf845fe"
    Vary: Accept-Encoding
    Content-Type: application/javascript
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Keep-Alive: timeout=5, max=99
    Content-Length: 24692
two.js
  Path: www.flamingi.com/film/aza/   Size: 2 KB   x-fer: 1 KB   Type: Script
  Full URL: http://www.flamingi.com/film/aza/two.js
  Requested by: http://www.flamingi.com/film/aza/gn.html (host www.flamingi.com)
  Protocol: HTTP/1.1
  Server: 185.38.248.125, Poland, ASN197226 (SPRINT-SDC, PL); reverse DNS ww01.sys.ncse.pl
  Software: Apache/2.2.22 (Debian)
  Resource hash (SHA-256): f034a0a2d70ecbf001844124b32ae4281a5e10c3300215e6e9c727f7e3016673
  Request headers:
    Pragma: no-cache
    Accept-Encoding: gzip, deflate
    Host: www.flamingi.com
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
    Accept: */*
    Referer: http://www.flamingi.com/film/aza/gn.html
    Connection: keep-alive
    Cache-Control: no-cache
  Response headers:
    Date: Thu, 04 Oct 2018 17:14:55 GMT
    Content-Encoding: gzip
    Last-Modified: Thu, 04 Oct 2018 13:08:47 GMT
    Server: Apache/2.2.22 (Debian)
    ETag: "9f2a8a-60b-57766daf845fe"
    Vary: Accept-Encoding
    Content-Type: application/javascript
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Keep-Alive: timeout=5, max=100
    Content-Length: 701
one.css
  Path: www.flamingi.com/film/aza/   Size: 5 KB   x-fer: 2 KB   Type: Stylesheet
  Full URL: http://www.flamingi.com/film/aza/one.css
  Requested by: http://www.flamingi.com/film/aza/gn.html (host www.flamingi.com)
  Protocol: HTTP/1.1
  Server: 185.38.248.125, Poland, ASN197226 (SPRINT-SDC, PL); reverse DNS ww01.sys.ncse.pl
  Software: Apache/2.2.22 (Debian)
  Resource hash (SHA-256): 3c51c146187d33648403eef72fd3a374667211dc1adb96088bd5319412c31f0b
  Request headers:
    Pragma: no-cache
    Accept-Encoding: gzip, deflate
    Host: www.flamingi.com
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
    Accept: text/css,*/*;q=0.1
    Referer: http://www.flamingi.com/film/aza/gn.html
    Connection: keep-alive
    Cache-Control: no-cache
  Response headers:
    Date: Thu, 04 Oct 2018 17:14:55 GMT
    Content-Encoding: gzip
    Last-Modified: Thu, 04 Oct 2018 13:08:47 GMT
    Server: Apache/2.2.22 (Debian)
    ETag: "9f2a90-154f-57766daf845fe"
    Vary: Accept-Encoding
    Content-Type: text/css
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Keep-Alive: timeout=5, max=98
    Content-Length: 1487
two.css
  Path: www.flamingi.com/film/aza/   Size: 720 B   x-fer: 690 B   Type: Stylesheet
  Full URL: http://www.flamingi.com/film/aza/two.css
  Requested by: http://www.flamingi.com/film/aza/gn.html (host www.flamingi.com)
  Protocol: HTTP/1.1
  Server: 185.38.248.125, Poland, ASN197226 (SPRINT-SDC, PL); reverse DNS ww01.sys.ncse.pl
  Software: Apache/2.2.22 (Debian)
  Resource hash (SHA-256): 1671293756c66402b96ad2688ef2bd31043e88bea28946ae84dde34e211a6608
  Request headers:
    Pragma: no-cache
    Accept-Encoding: gzip, deflate
    Host: www.flamingi.com
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
    Accept: text/css,*/*;q=0.1
    Referer: http://www.flamingi.com/film/aza/gn.html
    Connection: keep-alive
    Cache-Control: no-cache
  Response headers:
    Date: Thu, 04 Oct 2018 17:14:55 GMT
    Content-Encoding: gzip
    Last-Modified: Thu, 04 Oct 2018 13:08:47 GMT
    Server: Apache/2.2.22 (Debian)
    ETag: "9f2acb-2d0-57766daf845fe"
    Vary: Accept-Encoding
    Content-Type: text/css
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Keep-Alive: timeout=5, max=100
    Content-Length: 352
three.css
  Path: www.flamingi.com/film/aza/   Size: 2 KB   x-fer: 1004 B   Type: Stylesheet
  Full URL: http://www.flamingi.com/film/aza/three.css
  Requested by: http://www.flamingi.com/film/aza/gn.html (host www.flamingi.com)
  Protocol: HTTP/1.1
  Server: 185.38.248.125, Poland, ASN197226 (SPRINT-SDC, PL); reverse DNS ww01.sys.ncse.pl
  Software: Apache/2.2.22 (Debian)
  Resource hash (SHA-256): 6dd279d1a35abe8af11b61af0236d1e68179bbd8038a292e5fbd6b7b24f7c3e1
  Request headers:
    Pragma: no-cache
    Accept-Encoding: gzip, deflate
    Host: www.flamingi.com
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
    Accept: text/css,*/*;q=0.1
    Referer: http://www.flamingi.com/film/aza/gn.html
    Connection: keep-alive
    Cache-Control: no-cache
  Response headers:
    Date: Thu, 04 Oct 2018 17:14:55 GMT
    Content-Encoding: gzip
    Last-Modified: Thu, 04 Oct 2018 13:08:47 GMT
    Server: Apache/2.2.22 (Debian)
    ETag: "9f2a8e-69c-57766daf845fe"
    Vary: Accept-Encoding
    Content-Type: text/css
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Keep-Alive: timeout=5, max=100
    Content-Length: 666
four.css
  Path: www.flamingi.com/film/aza/   Size: 12 KB   x-fer: 3 KB   Type: Stylesheet
  Full URL: http://www.flamingi.com/film/aza/four.css
  Requested by: http://www.flamingi.com/film/aza/gn.html (host www.flamingi.com)
  Protocol: HTTP/1.1
  Server: 185.38.248.125, Poland, ASN197226 (SPRINT-SDC, PL); reverse DNS ww01.sys.ncse.pl
  Software: Apache/2.2.22 (Debian)
  Resource hash (SHA-256): 6132c8cceeb58bf32112892d6ff25cad7c47f84c8dec30ab0c99739286358b43
  Request headers:
    Pragma: no-cache
    Accept-Encoding: gzip, deflate
    Host: www.flamingi.com
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
    Accept: text/css,*/*;q=0.1
    Referer: http://www.flamingi.com/film/aza/gn.html
    Connection: keep-alive
    Cache-Control: no-cache
  Response headers:
    Date: Thu, 04 Oct 2018 17:14:55 GMT
    Content-Encoding: gzip
    Last-Modified: Thu, 04 Oct 2018 13:08:47 GMT
    Server: Apache/2.2.22 (Debian)
    ETag: "9f2a60-3004-57766daf845fe"
    Vary: Accept-Encoding
    Content-Type: text/css
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Keep-Alive: timeout=5, max=100
    Content-Length: 3114
five.css
  Path: www.flamingi.com/film/aza/   Size: 24 KB   x-fer: 5 KB   Type: Stylesheet
  Full URL: http://www.flamingi.com/film/aza/five.css
  Requested by: http://www.flamingi.com/film/aza/gn.html (host www.flamingi.com)
  Protocol: HTTP/1.1
  Server: 185.38.248.125, Poland, ASN197226 (SPRINT-SDC, PL); reverse DNS ww01.sys.ncse.pl
  Software: Apache/2.2.22 (Debian)
  Resource hash (SHA-256): a3257db99e7d9274c99306304753257c82ffd01ffd3b87f06c697104a331b02c
  Request headers:
    Pragma: no-cache
    Accept-Encoding: gzip, deflate
    Host: www.flamingi.com
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
    Accept: text/css,*/*;q=0.1
    Referer: http://www.flamingi.com/film/aza/gn.html
    Connection: keep-alive
    Cache-Control: no-cache
  Response headers:
    Date: Thu, 04 Oct 2018 17:14:55 GMT
    Content-Encoding: gzip
    Last-Modified: Thu, 04 Oct 2018 13:08:47 GMT
    Server: Apache/2.2.22 (Debian)
    ETag: "9f2a5d-6100-57766daf845fe"
    Vary: Accept-Encoding
    Content-Type: text/css
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Keep-Alive: timeout=5, max=100
    Content-Length: 5240
error.gif
  Path: s.aolcdn.com/os/landingpages/images/   Size: 357 B   x-fer: 357 B   Type: Image
  Full URL: https://s.aolcdn.com/os/landingpages/images/error.gif
  Requested by: http://www.flamingi.com/film/aza/gn.html (host www.flamingi.com)
  Protocol: SPDY
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 2606:2800:233:af6:eab:2108:1892:6d8, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US); no reverse DNS
  Software: ECAcc (frc/8FA2)
  Resource hash (SHA-256): 1c11c4246b306b5d74cea14ff787b4763bd6413d9b8c37e40f20a6b21b603c79
  Request headers:
    Referer: http://www.flamingi.com/film/aza/gn.html
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
  Response headers:
    status: 504
    date: Thu, 04 Oct 2018 17:15:00 GMT
    server: ECAcc (frc/8FA2)
    content-length: 357
    content-type: text/html
  Note: the CDN answered 504 with a 357-byte HTML error body. The same body comes back for all three s.aolcdn.com image requests in this scan, which is why they share one resource hash; that hash identifies the CDN error page, not any AOL image, and must not be used as an indicator.
three.js
  Path: www.flamingi.com/film/aza/   Size: 36 KB   x-fer: 13 KB   Type: Script
  Full URL: http://www.flamingi.com/film/aza/three.js
  Requested by: http://www.flamingi.com/film/aza/gn.html (host www.flamingi.com)
  Protocol: HTTP/1.1
  Server: 185.38.248.125, Poland, ASN197226 (SPRINT-SDC, PL); reverse DNS ww01.sys.ncse.pl
  Software: Apache/2.2.22 (Debian)
  Resource hash (SHA-256): 134f8a6088073a8c424017bf24c40ce25b8cca9c403cad0f2b8589a91ecd7b28
  Request headers:
    Pragma: no-cache
    Accept-Encoding: gzip, deflate
    Host: www.flamingi.com
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
    Accept: */*
    Referer: http://www.flamingi.com/film/aza/gn.html
    Connection: keep-alive
    Cache-Control: no-cache
  Response headers:
    Date: Thu, 04 Oct 2018 17:14:55 GMT
    Content-Encoding: gzip
    Last-Modified: Thu, 04 Oct 2018 13:08:47 GMT
    Server: Apache/2.2.22 (Debian)
    ETag: "9f2a8b-90d2-57766daf845fe"
    Vary: Accept-Encoding
    Content-Type: application/javascript
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Keep-Alive: timeout=5, max=97
    Content-Length: 12590
four.js
  Path: www.flamingi.com/film/aza/   Size: 19 KB   x-fer: 5 KB   Type: Script
  Full URL: http://www.flamingi.com/film/aza/four.js
  Requested by: http://www.flamingi.com/film/aza/gn.html (host www.flamingi.com)
  Protocol: HTTP/1.1
  Server: 185.38.248.125, Poland, ASN197226 (SPRINT-SDC, PL); reverse DNS ww01.sys.ncse.pl
  Software: Apache/2.2.22 (Debian)
  Resource hash (SHA-256): d0dc9ce292d18b59950ce7b275eabb77e49dc5336d5372aba5f1a2e4b85c3741
  Request headers:
    Pragma: no-cache
    Accept-Encoding: gzip, deflate
    Host: www.flamingi.com
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
    Accept: */*
    Referer: http://www.flamingi.com/film/aza/gn.html
    Connection: keep-alive
    Cache-Control: no-cache
  Response headers:
    Date: Thu, 04 Oct 2018 17:14:55 GMT
    Content-Encoding: gzip
    Last-Modified: Thu, 04 Oct 2018 13:08:47 GMT
    Server: Apache/2.2.22 (Debian)
    ETag: "9f2ac0-4bb8-57766daf845fe"
    Vary: Accept-Encoding
    Content-Type: application/javascript
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Keep-Alive: timeout=5, max=99
    Content-Length: 4904
lp-aol-head-lg.png
  Path: s.aolcdn.com/os/landingpages/images/   Size: 357 B   x-fer: 357 B   Type: Image
  Full URL: https://s.aolcdn.com/os/landingpages/images/lp-aol-head-lg.png
  Requested by: http://www.flamingi.com/film/aza/gn.html (host www.flamingi.com)
  Protocol: SPDY
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 2606:2800:233:af6:eab:2108:1892:6d8, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US); no reverse DNS
  Software: ECAcc (frc/8FEC)
  Resource hash (SHA-256): 1c11c4246b306b5d74cea14ff787b4763bd6413d9b8c37e40f20a6b21b603c79 (the CDN 504 error body, see error.gif above)
  Request headers:
    Referer: http://www.flamingi.com/film/aza/gn.html
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
  Response headers:
    status: 504
    date: Thu, 04 Oct 2018 17:15:10 GMT
    server: ECAcc (frc/8FEC)
    content-length: 357
    content-type: text/html
five.js
  Path: www.flamingi.com/film/aza/   Size: 4 KB   x-fer: 2 KB   Type: Script
  Full URL: http://www.flamingi.com/film/aza/five.js
  Requested by: http://www.flamingi.com/film/aza/gn.html (host www.flamingi.com)
  Protocol: HTTP/1.1
  Server: 185.38.248.125, Poland, ASN197226 (SPRINT-SDC, PL); reverse DNS ww01.sys.ncse.pl
  Software: Apache/2.2.22 (Debian)
  Resource hash (SHA-256): dcee5312b1a816445dcc424a72970ad633f4fdf67d35dd1e80beb3579f7b399f
  Request headers:
    Pragma: no-cache
    Accept-Encoding: gzip, deflate
    Host: www.flamingi.com
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
    Accept: */*
    Referer: http://www.flamingi.com/film/aza/gn.html
    Connection: keep-alive
    Cache-Control: no-cache
  Response headers:
    Date: Thu, 04 Oct 2018 17:14:55 GMT
    Content-Encoding: gzip
    Last-Modified: Thu, 04 Oct 2018 13:08:47 GMT
    Server: Apache/2.2.22 (Debian)
    ETag: "9f2acd-10f0-57766daf845fe"
    Vary: Accept-Encoding
    Content-Type: application/javascript
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Keep-Alive: timeout=5, max=99
    Content-Length: 1481
six.js
  Path: www.flamingi.com/film/aza/   Size: 1 KB   x-fer: 1023 B   Type: Script
  Full URL: http://www.flamingi.com/film/aza/six.js
  Requested by: http://www.flamingi.com/film/aza/gn.html (host www.flamingi.com)
  Protocol: HTTP/1.1
  Server: 185.38.248.125, Poland, ASN197226 (SPRINT-SDC, PL); reverse DNS ww01.sys.ncse.pl
  Software: Apache/2.2.22 (Debian)
  Resource hash (SHA-256): ca06cc86362548d949921dec1eb8c62696b3710d9654c81699b83e9060fe74b3
  Request headers:
    Pragma: no-cache
    Accept-Encoding: gzip, deflate
    Host: www.flamingi.com
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
    Accept: */*
    Referer: http://www.flamingi.com/film/aza/gn.html
    Connection: keep-alive
    Cache-Control: no-cache
  Response headers:
    Date: Thu, 04 Oct 2018 17:14:55 GMT
    Content-Encoding: gzip
    Last-Modified: Thu, 04 Oct 2018 13:08:47 GMT
    Server: Apache/2.2.22 (Debian)
    ETag: "9f2acc-531-57766daf845fe"
    Vary: Accept-Encoding
    Content-Type: application/javascript
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Keep-Alive: timeout=5, max=99
    Content-Length: 672
aol_logo_new_sm.gif
  Path: s.aolcdn.com/os/landingpages/images/   Size: 357 B   x-fer: 357 B   Type: Image
  Full URL: https://s.aolcdn.com/os/landingpages/images/aol_logo_new_sm.gif
  Requested by: http://www.flamingi.com/film/aza/gn.html (host www.flamingi.com); the Referer shows the fetch was triggered from three.css
  Protocol: SPDY
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 2606:2800:233:af6:eab:2108:1892:6d8, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US); no reverse DNS
  Software: ECAcc (frc/8F80)
  Resource hash (SHA-256): 1c11c4246b306b5d74cea14ff787b4763bd6413d9b8c37e40f20a6b21b603c79 (the CDN 504 error body, see error.gif above)
  Request headers:
    Referer: http://www.flamingi.com/film/aza/three.css
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
  Response headers:
    status: 504
    date: Thu, 04 Oct 2018 17:15:10 GMT
    server: ECAcc (frc/8F80)
    content-length: 357
    content-type: text/html
adiframe (at.atwola.com ad iframe, frame 0DE9)
  Path: at.atwola.com/adiframe/3.0/5113.1/221794/0/-1/   Size: 0   x-fer: 0   Type: Document
  Full URL: https://at.atwola.com/adiframe/3.0/5113.1/221794/0/-1/size=1300x800;noperf=1;alias=93313514;artexc=art_flash,art_rrflash;kvpg=flamingi%2Ffilm%2Faza%2Fgn.html;kvugc=0;kvh5lsid=0;kvmn=93313514;kvgrp=673295744;kvismob=2;extmirroring=0;kvtile=1;target=_blank;aduho=0;grp=673295744
  Requested by: http://www.flamingi.com/film/aza/three.js (host www.flamingi.com)
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 152.195.39.122, Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US); no reverse DNS
  Software: nginx
  Resource hash: none recorded
  Request headers:
    :method: GET
    :authority: at.atwola.com
    :scheme: https
    :path: /adiframe/3.0/5113.1/221794/0/-1/size=1300x800;noperf=1;alias=93313514;artexc=art_flash,art_rrflash;kvpg=flamingi%2Ffilm%2Faza%2Fgn.html;kvugc=0;kvh5lsid=0;kvmn=93313514;kvgrp=673295744;kvismob=2;extmirroring=0;kvtile=1;target=_blank;aduho=0;grp=673295744
    pragma: no-cache
    cache-control: no-cache
    upgrade-insecure-requests: 1
    user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
    referer: http://www.flamingi.com/film/aza/gn.html
    accept-encoding: gzip, deflate
  Response headers:
    status: 200
    cache-control: no-store, no-cache
    date: Thu, 04 Oct 2018 17:14:56 GMT
    expires: Mon, 15 Jun 1998 00:00:00 GMT
    pragma: no-cache
    server: nginx
    content-length: 1
seven.js
  Path: www.flamingi.com/film/aza/   Size: 70 KB   x-fer: 27 KB   Type: Script
  Full URL: http://www.flamingi.com/film/aza/seven.js
  Requested by: http://www.flamingi.com/film/aza/gn.html (host www.flamingi.com)
  Protocol: HTTP/1.1
  Server: 185.38.248.125, Poland, ASN197226 (SPRINT-SDC, PL); reverse DNS ww01.sys.ncse.pl
  Software: Apache/2.2.22 (Debian)
  Resource hash (SHA-256): 2b071adac5f3085652b2f26f147f4c675ac2b34e914428ada2c1caab156da13f
  Request headers:
    Pragma: no-cache
    Accept-Encoding: gzip, deflate
    Host: www.flamingi.com
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
    Accept: */*
    Referer: http://www.flamingi.com/film/aza/gn.html
    Cookie: testcookie   (the only request in the scan that carries a Cookie header)
    Connection: keep-alive
    Cache-Control: no-cache
  Response headers:
    Date: Thu, 04 Oct 2018 17:14:55 GMT
    Content-Encoding: gzip
    Last-Modified: Thu, 04 Oct 2018 13:08:47 GMT
    Server: Apache/2.2.22 (Debian)
    ETag: "9f2ace-1167a-57766daf845fe"
    Vary: Accept-Encoding
    Content-Type: application/javascript
    Connection: Keep-Alive
    Accept-Ranges: bytes
    Keep-Alive: timeout=5, max=98
    Content-Length: 27713
b2 (comScore beacon, reached through a redirect)
  Path: b.scorecardresearch.com/   Size: 0   x-fer: 248 B   Type: Image
  Redirect chain:
    http://b.scorecardresearch.com/b?rn=12525616&C1=2&C2=1000009&C4=http%3A%2F%2Fwww.flamingi.com%2Ffilm%2Faza%2Fgn.html&C5=us.snssignin&C7=http%3A%2F%2Fwww.flamingi.com%2Ffilm%2Faza%2Fgn.html&C8=AOL%20Mail%3A%20Simple%2C%20Free%2C%20Fun   (HTTP 302)
    http://b.scorecardresearch.com/b2?rn=12525616&C1=2&C2=1000009&C4=http%3A%2F%2Fwww.flamingi.com%2Ffilm%2Faza%2Fgn.html&C5=us.snssignin&C7=http%3A%2F%2Fwww.flamingi.com%2Ffilm%2Faza%2Fgn.html&C8=AOL%20Mail%3A%20Simple%2C%20Free%2C%20Fun
  Full URL: http://b.scorecardresearch.com/b2?rn=12525616&C1=2&C2=1000009&C4=http%3A%2F%2Fwww.flamingi.com%2Ffilm%2Faza%2Fgn.html&C5=us.snssignin&C7=http%3A%2F%2Fwww.flamingi.com%2Ffilm%2Faza%2Fgn.html&C8=AOL%20Mail%3A%20Simple%2C%20Free%2C%20Fun
  Requested by: http://www.flamingi.com/film/aza/gn.html (host www.flamingi.com)
  Protocol: HTTP/1.1
  Server: 2.16.186.80, European Union, ASN20940 (AKAMAI-ASN1, US); reverse DNS a2-16-186-80.deploy.static.akamaitechnologies.com
  Software: none reported
  Resource hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the SHA-256 of zero bytes: the final response has Content-Length 0, so there is no pixel to hash)
  Request headers:
    Referer: http://www.flamingi.com/film/aza/gn.html
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
  Response headers (final response, /b2):
    Pragma: no-cache
    Date: Thu, 04 Oct 2018 17:14:55 GMT
    Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
    Connection: keep-alive
    Content-Length: 0
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
  Redirect headers (302 response from /b):
    Location: http://b.scorecardresearch.com/b2?rn=12525616&C1=2&C2=1000009&C4=http%3A%2F%2Fwww.flamingi.com%2Ffilm%2Faza%2Fgn.html&C5=us.snssignin&C7=http%3A%2F%2Fwww.flamingi.com%2Ffilm%2Faza%2Fgn.html&C8=AOL%20Mail%3A%20Simple%2C%20Free%2C%20Fun
    Pragma: no-cache
    Date: Thu, 04 Oct 2018 17:14:55 GMT
    Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
    Connection: keep-alive
    Content-Length: 0
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
s9110939448492 (failed: no response received)
  Path: o.sa.aol.com/b/ss/aolsnssignin/1/H.25.4/   Size: 0   x-fer: 0
  Full URL: listed under Failed requests below
/ (failed: no response received)
  Path: b.flamingi.com/vanity/   Size: 0   x-fer: 0
  Full URL: listed under Failed requests below
guid.html (frame 2E7F)
  Path: cdn.at.atwola.com/_media/uac/   Size: 0   x-fer: 0   Type: Document
  Full URL: http://cdn.at.atwola.com/_media/uac/guid.html
  Requested by: http://www.flamingi.com/film/aza/three.js (host www.flamingi.com)
  Protocol: HTTP/1.1
  Server: 152.195.39.2, Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US); no reverse DNS
  Software: ECS (fcn/40EA)
  Resource hash: none recorded
  Request headers:
    Host: cdn.at.atwola.com
    Connection: keep-alive
    Pragma: no-cache
    Cache-Control: no-cache
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
    Referer: http://www.flamingi.com/film/aza/gn.html
    Accept-Encoding: gzip, deflate
  Response headers (the x-amz-* headers show an S3 origin behind the EdgeCast cache):
    Content-Encoding: gzip
    Cache-Control: public,max-age=86400
    Content-Type: text/html
    Date: Thu, 04 Oct 2018 17:15:10 GMT
    Etag: "edcc349e33363d7acd1160e5ab8667c2+gzip"
    Last-Modified: Wed, 30 May 2018 14:42:16 GMT
    Server: ECS (fcn/40EA)
    Vary: Accept-Encoding
    x-amz-id-2: Qxi3kQNprWJSd/HRDZasxOFjbBrlvHpYSN25qFRK8Qem7vuhT46QlMUI/SF66PwmStBCdxEb8Mc=
    x-amz-request-id: 58E66B53863183D5
    x-amz-server-side-encryption: AES256
    x-amz-version-id: 91baVici61s1erwAdEWDSSeoxJQZGjEi
    X-Cache: HIT
    Content-Length: 440
tcode3.html (frame 734B)
  Path: cdn.at.atwola.com/_media/uac/   Size: 0   x-fer: 0   Type: Document
  Full URL: http://cdn.at.atwola.com/_media/uac/tcode3.html
  Requested by: http://www.flamingi.com/film/aza/three.js (host www.flamingi.com)
  Protocol: HTTP/1.1
  Server: 152.195.39.2, Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US); no reverse DNS
  Software: ECS (fcn/41AA)
  Resource hash: none recorded
  Request headers:
    Host: cdn.at.atwola.com
    Connection: keep-alive
    Pragma: no-cache
    Cache-Control: no-cache
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
    Referer: http://www.flamingi.com/film/aza/gn.html
    Accept-Encoding: gzip, deflate
  Response headers:
    Content-Encoding: gzip
    Cache-Control: public,max-age=86400
    Content-Type: text/html
    Date: Thu, 04 Oct 2018 17:15:10 GMT
    Etag: "f7e4c1210773cd4f8ea43ad0db262541+gzip"
    Last-Modified: Tue, 26 Jun 2018 16:37:12 GMT
    Server: ECS (fcn/41AA)
    Vary: Accept-Encoding
    x-amz-id-2: L8Vm1GHvoAGWUhjU5w3S4gMgEKNQuA19dUOeNvP2CPs4zkl7YWKynCBn6wHCCiMJ8RAxgf1PPhk=
    x-amz-request-id: 7B1511D4B64C5746
    x-amz-server-side-encryption: AES256
    x-amz-version-id: Kbkop6LJf7RibsGsHG2rGz48ZKaYmom0
    X-Cache: HIT
    Content-Length: 775
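Every www.flamingi.com response above carries an Apache 2.2 ETag of the form inode-size-mtime, and all thirteen share the same Last-Modified time. Those ETags therefore leak the kit's inode numbers, uncompressed sizes and a microsecond-precision modification time. The script below is an added example, not part of the urlscan report; it decodes the ETag strings copied from the transaction list and checks whether the kit files were written in one batch. The only assumption is Apache's default FileETag layout (INode MTime Size: three hex fields, mtime in microseconds since the Unix epoch), which the decoded sizes confirm against the sizes the scanner reports.

```python
"""Decode Apache 2.2 "inode-size-mtime" ETags and check for a batch upload.

Added example; not part of the urlscan report. The ETag strings below are
copied from the www.flamingi.com responses in the scan. The layout assumed is
Apache's default FileETag INode MTime Size: three hex fields, the last one an
apr_time_t (microseconds since the Unix epoch).
"""
from datetime import datetime, timezone
from typing import Dict, List, NamedTuple, Tuple


class ApacheETag(NamedTuple):
    inode: int      # inode number on the origin's filesystem
    size: int       # uncompressed file size in bytes
    mtime_us: int   # last modification time, microseconds since the epoch


def decode_apache_etag(etag: str) -> ApacheETag:
    """Parse a strong or weak Apache inode-size-mtime ETag.

    Raises ValueError for anything that is not three hex fields, e.g. the
    "<md5>+gzip" ETags the EdgeCast/S3 origin returns in the same scan.
    """
    value = etag.strip()
    if value.startswith("W/"):
        value = value[2:]
    parts = value.strip('"').split("-")
    if len(parts) != 3:
        raise ValueError(f"not an Apache inode-size-mtime ETag: {etag!r}")
    try:
        inode, size, mtime_us = (int(p, 16) for p in parts)
    except ValueError as exc:
        raise ValueError(f"non-hex field in ETag {etag!r}") from exc
    return ApacheETag(inode, size, mtime_us)


def mtime_utc(tag: ApacheETag) -> str:
    """Render the ETag's mtime the way a Last-Modified header prints it."""
    when = datetime.fromtimestamp(tag.mtime_us // 1_000_000, tz=timezone.utc)
    return when.strftime("%a, %d %b %Y %H:%M:%S GMT")


# ETags copied from the scan's www.flamingi.com responses.
KIT_ETAGS: Dict[str, str] = {
    "gn.html":   '"9f2a8c-4513-57766daf845fe"',
    "one.js":    '"9f2a6d-11a86-57766daf845fe"',
    "two.js":    '"9f2a8a-60b-57766daf845fe"',
    "one.css":   '"9f2a90-154f-57766daf845fe"',
    "two.css":   '"9f2acb-2d0-57766daf845fe"',
    "three.css": '"9f2a8e-69c-57766daf845fe"',
    "four.css":  '"9f2a60-3004-57766daf845fe"',
    "five.css":  '"9f2a5d-6100-57766daf845fe"',
    "three.js":  '"9f2a8b-90d2-57766daf845fe"',
    "four.js":   '"9f2ac0-4bb8-57766daf845fe"',
    "five.js":   '"9f2acd-10f0-57766daf845fe"',
    "six.js":    '"9f2acc-531-57766daf845fe"',
    "seven.js":  '"9f2ace-1167a-57766daf845fe"',
}


def batch_upload_check(etags: Dict[str, str]) -> Tuple[str, List[str]]:
    """Return (most common mtime as a Last-Modified string, files that differ).

    Kit files that all share one mtime were written in a single operation,
    typically an archive unpacked on the server; the shared value is the
    upload time, which is worth more to triage than the scan time.
    """
    decoded = {name: decode_apache_etag(raw) for name, raw in etags.items()}
    counts: Dict[int, int] = {}
    for tag in decoded.values():
        counts[tag.mtime_us] = counts.get(tag.mtime_us, 0) + 1
    common = max(counts, key=counts.get)
    outliers = sorted(n for n, t in decoded.items() if t.mtime_us != common)
    return mtime_utc(ApacheETag(0, 0, common)), outliers


if __name__ == "__main__":
    for name, raw in KIT_ETAGS.items():
        tag = decode_apache_etag(raw)
        print(f"{name:10s} inode={tag.inode} size={tag.size:6d} B  {mtime_utc(tag)}")
    shared, odd = batch_upload_check(KIT_ETAGS)
    print("shared mtime:", shared, "outliers:", odd or "none")
```

Running it shows all thirteen files carrying the mtime Thu, 04 Oct 2018 13:08:47 GMT, about four hours before the scan's Date headers, and decoded sizes that match what the scanner reports (17683 bytes for gn.html, exactly 720 for two.css). Feeding it the "edcc349e...+gzip" ETag from cdn.at.atwola.com raises ValueError, since that origin does not use the Apache layout.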

Failed requests

These URLs were requested but no response was received. They also appear in the transaction list above.

Domain: o.sa.aol.com
URL: http://o.sa.aol.com/b/ss/aolsnssignin/1/H.25.4/s9110939448492?AQB=1&ndh=1&t=4%2F9%2F2018%2017%3A14%3A55%204%200&fid=39ABD72EDA2A5823-0DC49013D10F0BDC&ns=aolllc&cl=63072000&pageName=sso%20%3A%20login&g=http%3A%2F%2Fwww.flamingi.com%2Ffilm%2Faza%2Fgn.html&cc=USD&ch=us.snssignin&server=my.screenname.aol.com&events=event10%2Cevent12&c1=sso%20%3A%20ssologin&c2=sso%20%3A%20&c3=gmt_5&c7=D%3DDNT&c10=external%20web%20browser&c12=%2FsnsUiDriver.jsp&c13=non-authenticated&c14=no%20referrer&c15=unavailable&c16=sns.webmail.aol.com&c17=lp&c18=0&c19=wa3&c20=en-us&c21=AOLPortal&c22=.aol.com&c23=newmail-en-us-v2&c24=D%3Dv52&c49=H.25.4-Dec2014%7Cmmx_1&v52=uaid_na&c55=673295744&c56=www.flamingi.com&c61=D%3Dpccr&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Domain: b.flamingi.com
URL: http://b.flamingi.com/vanity/?ts=1538673296359&h=www.flamingi.com&v=36&r=&l=0&k=1&m=1600x1200&bd=1600x1200&tz=0&ms=504&t=AOL%20Mail%3A%20Simple%2C%20Free%2C%20Fun&dL_ch=us.snssignin&dL_dpt=sso%20%3A%20ssologin&ads_grp=673295744&dL_sDpt=sso%20%3A%20&pgvis=1
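The cloned sign-in page kept AOL's own telemetry, so on load it reports the phishing URL straight into the brand's collectors: the Adobe Analytics beacon to o.sa.aol.com above sends g=http://www.flamingi.com/film/aza/gn.html alongside server=my.screenname.aol.com and pageName=sso : login, and the comScore beacon in the redirect chain sends the same URL in C4 and C7 with the AOL Mail page title in C8. A brand owner receiving those beacons can surface clones of its pages by flagging page hosts it does not own. The script below is an added example, not part of the scan report and not vendor code: the three beacon URLs are copied from this page, the parameter names it reads are taken from those URLs rather than from vendor documentation, and the list of brand-owned domains is an assumption.

```python
"""Flag analytics beacons whose reported page URL is off-brand.

Added example; not part of the urlscan report or any vendor SDK. The beacon
URLs are copied from the scan. Which query parameter carries the page URL for
each collector is read off those URLs (assumption, not vendor documentation);
BRAND_DOMAINS is likewise an assumption for this example.
"""
from typing import Dict, Optional
from urllib.parse import parse_qs, urlsplit

# Collector host -> query parameter holding the URL of the page that fired the
# beacon, as seen in the captured URLs (comScore's C7 duplicates C4 here).
PAGE_URL_PARAM = {
    "o.sa.aol.com": "g",               # Adobe Analytics (s_code) beacon
    "b.scorecardresearch.com": "C4",   # comScore beacon
}

# Assumption: domains from which the brand legitimately serves this sign-in flow.
BRAND_DOMAINS = ("aol.com",)

# Beacon URLs copied from the scan (Adobe from Failed requests, comScore from
# the redirect chain, the "vanity" beacon from Failed requests).
ADOBE_BEACON = (
    "http://o.sa.aol.com/b/ss/aolsnssignin/1/H.25.4/s9110939448492?AQB=1&ndh=1"
    "&t=4%2F9%2F2018%2017%3A14%3A55%204%200&fid=39ABD72EDA2A5823-0DC49013D10F0BDC"
    "&ns=aolllc&cl=63072000&pageName=sso%20%3A%20login"
    "&g=http%3A%2F%2Fwww.flamingi.com%2Ffilm%2Faza%2Fgn.html&cc=USD&ch=us.snssignin"
    "&server=my.screenname.aol.com&events=event10%2Cevent12&c1=sso%20%3A%20ssologin"
    "&c2=sso%20%3A%20&c3=gmt_5&c7=D%3DDNT&c10=external%20web%20browser"
    "&c12=%2FsnsUiDriver.jsp&c13=non-authenticated&c14=no%20referrer&c15=unavailable"
    "&c16=sns.webmail.aol.com&c17=lp&c18=0&c19=wa3&c20=en-us&c21=AOLPortal&c22=.aol.com"
    "&c23=newmail-en-us-v2&c24=D%3Dv52&c49=H.25.4-Dec2014%7Cmmx_1&v52=uaid_na"
    "&c55=673295744&c56=www.flamingi.com&c61=D%3Dpccr&s=1600x1200&c=24&j=1.6&v=N&k=Y"
    "&bw=1600&bh=1200&AQE=1"
)
COMSCORE_BEACON = (
    "http://b.scorecardresearch.com/b?rn=12525616&C1=2&C2=1000009"
    "&C4=http%3A%2F%2Fwww.flamingi.com%2Ffilm%2Faza%2Fgn.html&C5=us.snssignin"
    "&C7=http%3A%2F%2Fwww.flamingi.com%2Ffilm%2Faza%2Fgn.html"
    "&C8=AOL%20Mail%3A%20Simple%2C%20Free%2C%20Fun"
)
VANITY_BEACON = (
    "http://b.flamingi.com/vanity/?ts=1538673296359&h=www.flamingi.com&v=36&r=&l=0&k=1"
    "&m=1600x1200&bd=1600x1200&tz=0&ms=504&t=AOL%20Mail%3A%20Simple%2C%20Free%2C%20Fun"
    "&dL_ch=us.snssignin&dL_dpt=sso%20%3A%20ssologin&ads_grp=673295744&dL_sDpt=sso%20%3A%20&pgvis=1"
)


def host_belongs_to(host: Optional[str], domains) -> bool:
    """True if host equals one of domains or is a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)


def beacon_page_host(beacon_url: str) -> Optional[str]:
    """Host of the page the beacon claims to come from; None if the collector
    is unknown or the page-URL parameter is missing or not a URL."""
    parts = urlsplit(beacon_url)
    param = PAGE_URL_PARAM.get((parts.hostname or "").lower())
    if param is None:
        return None
    values = parse_qs(parts.query).get(param)
    if not values:
        return None
    return urlsplit(values[0]).hostname


def _first(qs: Dict[str, list], *names: str) -> Optional[str]:
    for name in names:
        if qs.get(name):
            return qs[name][0]
    return None


def check_beacon(beacon_url: str, brand_domains=BRAND_DOMAINS) -> dict:
    """Summarise one beacon. off_brand is True only when a page host was
    recovered and it lies outside brand_domains; unknown collectors and
    unparseable page URLs are reported with page_host None and not flagged."""
    parts = urlsplit(beacon_url)
    qs = parse_qs(parts.query)
    page_host = beacon_page_host(beacon_url)
    return {
        "collector": parts.hostname,
        "page_host": page_host,
        "page_name": _first(qs, "pageName", "C8"),
        "declared_server": _first(qs, "server"),
        "off_brand": page_host is not None and not host_belongs_to(page_host, brand_domains),
    }


if __name__ == "__main__":
    for url in (ADOBE_BEACON, COMSCORE_BEACON, VANITY_BEACON):
        print(check_beacon(url))
```

On the two captured beacons the page host resolves to www.flamingi.com, outside the brand's domains, so both are flagged; the declared_server field of the Adobe beacon still says my.screenname.aol.com, which is the mismatch a brand-side alert would key on. The b.flamingi.com "vanity" beacon goes to a collector the table does not know, so it is reported with page_host None rather than guessed at. Tighten BRAND_DOMAINS to the exact hosts that serve the login flow if subdomain takeover is in scope; the suffix match here treats any *.aol.com host as legitimate.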

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AOL (Online)

287 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


0 Cookies