Submitted URL: http://aksam.os.tc/webPushIframe
Effective URL: https://aksam.os.tc/webPushIframe
Submission: On October 08 via manual from TR

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 2 HTTP transactions. The main IP is 2606:4700::6811:2b61, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is aksam.os.tc.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on June 28th 2019. Valid for: 6 months.
This is the only time aksam.os.tc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:1::... 13335 (CLOUDFLAR...)
2 2
Apex Domain
Subdomains
Transfer
2 os.tc
aksam.os.tc
1 KB
1 onesignal.com
cdn.onesignal.com
3 KB
2 2
Domain Requested by
2 aksam.os.tc 1 redirects
1 cdn.onesignal.com aksam.os.tc
2 2

This site contains no links.

Subject Issuer Validity Valid
ssl762182.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-06-28 -
2020-01-04
6 months crt.sh
ssl382804.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-10-07 -
2020-04-14
6 months crt.sh

This page contains 1 frames:

Primary Page: https://aksam.os.tc/webPushIframe
Frame ID: EC67ECAEAA3D7C33CA9C1FCFE020BD13
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://aksam.os.tc/webPushIframe HTTP 301
    https://aksam.os.tc/webPushIframe Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

2
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

4 kB
Transfer

9 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://aksam.os.tc/webPushIframe HTTP 301
    https://aksam.os.tc/webPushIframe Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request webPushIframe
aksam.os.tc/
Redirect Chain
  • http://aksam.os.tc/webPushIframe
  • https://aksam.os.tc/webPushIframe
512 B
723 B
Document
General
Full URL
https://aksam.os.tc/webPushIframe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Phusion Passenger 5.3.7
Resource Hash
f29c9f1f02d5790c3dc6c9c993cada7bba35ccf2de8c14a19a1272d3711f05f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
aksam.os.tc
:scheme
https
:path
/webPushIframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
cookie
__cfduid=d8b35cf6418911802a9693f25f0f36aa51570516270
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200 200 OK
date
Tue, 08 Oct 2019 06:31:11 GMT
content-type
text/html; charset=utf-8
cache-control
public, max-age=3600
pragma
no-cache
x-xss-protection
1; mode=block
x-request-id
e120a12f-bcff-4626-a21a-f1227be31475
x-runtime
0.004702
x-content-type-options
nosniff
expires
Tue, 08 Oct 2019 07:31:11 GMT
x-powered-by
Phusion Passenger 5.3.7
cf-cache-status
HIT
age
1934
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
52261206987f5940-VIE
content-encoding
gzip

Redirect headers

Date
Tue, 08 Oct 2019 06:31:11 GMT
Content-Length
0
Connection
keep-alive
Set-Cookie
__cfduid=d8b35cf6418911802a9693f25f0f36aa51570516270; expires=Wed, 07-Oct-20 06:31:10 GMT; path=/; domain=.os.tc; HttpOnly
Location
https://aksam.os.tc/webPushIframe
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
52261204f81ccbbc-VIE
OneSignalSDK.js
cdn.onesignal.com/sdks/
8 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: aksam.os.tc
URL: https://aksam.os.tc/webPushIframe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:1::6813:884a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0d676d307d83c43afe67946ba65bfa126dea1ce58f2bd6fd3e8030e0d85e7c9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://aksam.os.tc/webPushIframe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 08 Oct 2019 06:31:11 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
2053
etag
W/"41d0df615391610e30ff0de59eb02d17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
522612072f1359a0-VIE
expires
Tue, 08 Oct 2019 18:31:11 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| OneSignal

1 Cookies

Domain/Path Name / Value
.os.tc/ Name: __cfduid
Value: d8b35cf6418911802a9693f25f0f36aa51570516270

1 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aksam.os.tc
cdn.onesignal.com
2606:4700:1::6813:884a
2606:4700::6811:2b61
d0d676d307d83c43afe67946ba65bfa126dea1ce58f2bd6fd3e8030e0d85e7c9
f29c9f1f02d5790c3dc6c9c993cada7bba35ccf2de8c14a19a1272d3711f05f2