URL: http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
Submission: On July 23 via automatic, source openphish

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 91.98.96.132, located in Iran, Islamic Republic Of and belongs to POL, IR. The main domain is tookaco.com.
This is the only time tookaco.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

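IP Address (requests, redirects, Autonomous System)
  • 91.98.96.132: 13 requests, AS60976 (POL)
  • 66.117.29.228: 2 requests, 1 redirect, AS15224 (OMNITURE)
  • Total: 14 requests, 2 IPs

Apex Domain (requests, subdomains, transfer)
  • tookaco.com: 13 requests, subdomain tookaco.com, 231 KB
  • 2o7.net: 2 requests, subdomain synacor.112.2o7.net, 2 KB
  • Total: 14 requests, 2 apex domains

Domain (requests, requested by)
  • tookaco.com: 13 requests, requested by tookaco.com
  • synacor.112.2o7.net: 2 requests, 1 redirect, requested by tookaco.com
  • Total: 14 requests, 2 domains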

This site contains links to these domains.

Domain
secure.centurylink.net
centurylink.net

This page contains 1 frame:

Primary Page: http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
Frame ID: 931D041E14170CF24F6B063D013C8B16
Requests: 14 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 14
HTTPS: 0 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 232 kB
Size: 421 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • http://synacor.112.2o7.net/b/ss/synacortveauth/1/H.24.4/s07416381030409?AQB=1&ndh=1&t=23%2F6%2F2019%202%3A4%3A43%202%20-120&ce=UTF-8&ns=synacor&pageName=Federated%20Login&g=http%3A%2F%2Ftookaco.com%2Fwp-admin%2Fjs%2Fwidgets%2F-%2F-%2Fespin-ppl%2Fcsc.html&cc=USD&c1=CenturyLink&c6=Federated%20Login&c7=7a4816c3b72052726a665505abae3e3c&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
  • http://synacor.112.2o7.net/b/ss/synacortveauth/1/H.24.4/s07416381030409?AQB=1&pccr=true&vidn=2E9B278D8530B547-40000308E0004832&&ndh=1&t=23%2F6%2F2019%202%3A4%3A43%202%20-120&ce=UTF-8&ns=synacor&pageName=Federated%20Login&g=http%3A%2F%2Ftookaco.com%2Fwp-admin%2Fjs%2Fwidgets%2F-%2F-%2Fespin-ppl%2Fcsc.html&cc=USD&c1=CenturyLink&c6=Federated%20Login&c7=7a4816c3b72052726a665505abae3e3c&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request csc.html
tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/
14 KB
4 KB
Document
General
Full URL
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
Protocol
HTTP/1.1
Server
91.98.96.132 , Iran, Islamic Republic Of, ASN60976 (POL, IR),
Reverse DNS
ir132.aryadns.com
Software
nginx / PleskLin
Resource Hash
420e5d89dc72e40e31fff3a9b7d5a9e21b97d2705976ba3e7864496c1b1ba1dc

Request headers

Host
tookaco.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Tue, 23 Jul 2019 00:04:41 GMT
Content-Type
text/html
Last-Modified
Mon, 22 Jul 2019 13:39:56 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ETag
W/"5d35bcac-3776"
X-Powered-By
PleskLin
Content-Encoding
gzip
bootstrap.css
tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/
103 KB
22 KB
Stylesheet
General
Full URL
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/bootstrap.css
Requested by
Host: tookaco.com
URL: http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
Protocol
HTTP/1.1
Server
91.98.96.132 , Iran, Islamic Republic Of, ASN60976 (POL, IR),
Reverse DNS
ir132.aryadns.com
Software
nginx / PleskLin
Resource Hash
b095c14e576cb3c64990abce12a5efb2e319999721456f2258e7c362834b673d

Request headers

Referer
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 23 Jul 2019 00:04:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jul 2019 13:39:56 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5d35bcac-19dd4"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
social.css
tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/
7 KB
3 KB
Stylesheet
General
Full URL
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/social.css
Requested by
Host: tookaco.com
URL: http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
Protocol
HTTP/1.1
Server
91.98.96.132 , Iran, Islamic Republic Of, ASN60976 (POL, IR),
Reverse DNS
ir132.aryadns.com
Software
nginx / PleskLin
Resource Hash
82aa8220b0b10115902bf05d352ad727a2c21a7af61b20ae05dff5ff061de65c

Request headers

Referer
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 23 Jul 2019 00:04:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jul 2019 13:39:56 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5d35bcac-1c7b"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
social_responsive.css
tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/
1 KB
899 B
Stylesheet
General
Full URL
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/social_responsive.css
Requested by
Host: tookaco.com
URL: http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
Protocol
HTTP/1.1
Server
91.98.96.132 , Iran, Islamic Republic Of, ASN60976 (POL, IR),
Reverse DNS
ir132.aryadns.com
Software
nginx / PleskLin
Resource Hash
34e7485254321247359d42d049d1e880f0c54c3a6e9232ee99ccf9c17622b67f

Request headers

Referer
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 23 Jul 2019 00:04:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jul 2019 13:39:56 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5d35bcac-5da"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
social_login.css
tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/
2 KB
1 KB
Stylesheet
General
Full URL
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/social_login.css
Requested by
Host: tookaco.com
URL: http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
Protocol
HTTP/1.1
Server
91.98.96.132 , Iran, Islamic Republic Of, ASN60976 (POL, IR),
Reverse DNS
ir132.aryadns.com
Software
nginx / PleskLin
Resource Hash
678142bea0f875f9140575b7643f9f76486cf2139270371acd1543f063c93ec1

Request headers

Referer
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 23 Jul 2019 00:04:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jul 2019 13:39:56 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5d35bcac-7ec"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
quora.js
tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/
128 B
455 B
Script
General
Full URL
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/quora.js
Requested by
Host: tookaco.com
URL: http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
Protocol
HTTP/1.1
Server
91.98.96.132 , Iran, Islamic Republic Of, ASN60976 (POL, IR),
Reverse DNS
ir132.aryadns.com
Software
nginx / PleskLin
Resource Hash
44d0d4d970f61ac3792db6e448ed2495ec75b34c991024bb0067105d550b4593

Request headers

Referer
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 23 Jul 2019 00:04:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jul 2019 13:39:56 GMT
X-Accel-Version
0.01
X-Powered-By
PleskLin
ETag
W/"20294f-80-58e453634369e"
Vary
Accept-Encoding
Content-Type
text/javascript
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
jquery.js
tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/
91 KB
38 KB
Script
General
Full URL
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/jquery.js
Requested by
Host: tookaco.com
URL: http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
Protocol
HTTP/1.1
Server
91.98.96.132 , Iran, Islamic Republic Of, ASN60976 (POL, IR),
Reverse DNS
ir132.aryadns.com
Software
nginx / PleskLin
Resource Hash
4552f530dcc347a18f05ab8fed6bd386983f9d87ea1fcfdaf95e0bcbd559ac1d

Request headers

Referer
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 23 Jul 2019 00:04:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jul 2019 13:39:56 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5d35bcac-16a79"
Vary
Accept-Encoding
Content-Type
text/javascript
Transfer-Encoding
chunked
Connection
keep-alive
pp258.png
tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/
11 KB
11 KB
Image
General
Full URL
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/pp258.png
Requested by
Host: tookaco.com
URL: http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
Protocol
HTTP/1.1
Server
91.98.96.132 , Iran, Islamic Republic Of, ASN60976 (POL, IR),
Reverse DNS
ir132.aryadns.com
Software
nginx / PleskLin
Resource Hash
6d8050cc8b33b9fdca434c4a66bde15cb8540db2a4bc29f7bb9ede78753477df

Request headers

Referer
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 23 Jul 2019 00:04:42 GMT
ETag
"5d35bcac-2c09"
Last-Modified
Mon, 22 Jul 2019 13:39:56 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11273
visa-mastercard-amex_0.png
tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/
109 KB
110 KB
Image
General
Full URL
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/visa-mastercard-amex_0.png
Requested by
Host: tookaco.com
URL: http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
Protocol
HTTP/1.1
Server
91.98.96.132 , Iran, Islamic Republic Of, ASN60976 (POL, IR),
Reverse DNS
ir132.aryadns.com
Software
nginx / PleskLin
Resource Hash
0920ffb0edc4772a0f3c3a5ddc1084b14ff8e5f10a4d5932a8855f415e218eb4

Request headers

Referer
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 23 Jul 2019 00:04:42 GMT
ETag
"5d35bcac-1b512"
Last-Modified
Mon, 22 Jul 2019 13:39:56 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
111890
modernizr.js
tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/
12 KB
6 KB
Script
General
Full URL
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/modernizr.js
Requested by
Host: tookaco.com
URL: http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
Protocol
HTTP/1.1
Server
91.98.96.132 , Iran, Islamic Republic Of, ASN60976 (POL, IR),
Reverse DNS
ir132.aryadns.com
Software
nginx / PleskLin
Resource Hash
fd413a60f3084fd9f633f1fcdf7ba4cb0a53f5eadc42ec0272d9a0fb9c439a50

Request headers

Referer
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 23 Jul 2019 00:04:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jul 2019 13:39:56 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5d35bcac-3048"
Vary
Accept-Encoding
Content-Type
text/javascript
Transfer-Encoding
chunked
Connection
keep-alive
ddd.png
tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/
12 KB
13 KB
Image
General
Full URL
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/ddd.png
Requested by
Host: tookaco.com
URL: http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
Protocol
HTTP/1.1
Server
91.98.96.132 , Iran, Islamic Republic Of, ASN60976 (POL, IR),
Reverse DNS
ir132.aryadns.com
Software
nginx / PleskLin
Resource Hash
5838e7d63d42c3846c634374f3207cafa622a1e6551720dd1bb75835776192b5

Request headers

Referer
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 23 Jul 2019 00:04:43 GMT
ETag
"5d35bcac-314f"
Last-Modified
Mon, 22 Jul 2019 13:39:56 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12623
bootstrap.js
tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/
28 KB
9 KB
Script
General
Full URL
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/bootstrap.js
Requested by
Host: tookaco.com
URL: http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
Protocol
HTTP/1.1
Server
91.98.96.132 , Iran, Islamic Republic Of, ASN60976 (POL, IR),
Reverse DNS
ir132.aryadns.com
Software
nginx / PleskLin
Resource Hash
7470f9d78491838f5cc3ee51d4ed4d8a232f6c80ae80706dff96c062d3d663b6

Request headers

Referer
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 23 Jul 2019 00:04:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jul 2019 13:39:56 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5d35bcac-6f7a"
Vary
Accept-Encoding
Content-Type
text/javascript
Transfer-Encoding
chunked
Connection
keep-alive
s_code.js
tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/
30 KB
14 KB
Script
General
Full URL
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc_fichiers/s_code.js
Requested by
Host: tookaco.com
URL: http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
Protocol
HTTP/1.1
Server
91.98.96.132 , Iran, Islamic Republic Of, ASN60976 (POL, IR),
Reverse DNS
ir132.aryadns.com
Software
nginx / PleskLin
Resource Hash
f8e673c25be39d8531277d87b18ac3cf91def3c21ca9c171625e6c2aaa796bbd

Request headers

Referer
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 23 Jul 2019 00:04:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jul 2019 13:39:56 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
W/"5d35bcac-7723"
Vary
Accept-Encoding
Content-Type
text/javascript
Transfer-Encoding
chunked
Connection
keep-alive
s07416381030409
synacor.112.2o7.net/b/ss/synacortveauth/1/H.24.4/
Redirect Chain
  • http://synacor.112.2o7.net/b/ss/synacortveauth/1/H.24.4/s07416381030409?AQB=1&ndh=1&t=23%2F6%2F2019%202%3A4%3A43%202%20-120&ce=UTF-8&ns=synacor&pageName=Federated%20Login&g=http%3A%2F%2Ftookaco.com...
  • http://synacor.112.2o7.net/b/ss/synacortveauth/1/H.24.4/s07416381030409?AQB=1&pccr=true&vidn=2E9B278D8530B547-40000308E0004832&&ndh=1&t=23%2F6%2F2019%202%3A4%3A43%202%20-120&ce=UTF-8&ns=synacor&pag...
43 B
738 B
Image
General
Full URL
http://synacor.112.2o7.net/b/ss/synacortveauth/1/H.24.4/s07416381030409?AQB=1&pccr=true&vidn=2E9B278D8530B547-40000308E0004832&&ndh=1&t=23%2F6%2F2019%202%3A4%3A43%202%20-120&ce=UTF-8&ns=synacor&pageName=Federated%20Login&g=http%3A%2F%2Ftookaco.com%2Fwp-admin%2Fjs%2Fwidgets%2F-%2F-%2Fespin-ppl%2Fcsc.html&cc=USD&c1=CenturyLink&c6=Federated%20Login&c7=7a4816c3b72052726a665505abae3e3c&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by
Host: tookaco.com
URL: http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
Protocol
HTTP/1.1
Server
66.117.29.228 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software
Omniture DC /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://tookaco.com/wp-admin/js/widgets/-/-/espin-ppl/csc.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 23 Jul 2019 00:04:43 GMT
X-Content-Type-Options
nosniff
X-C
ms-6.8.1
P3P
CP="This is not a P3P policy"
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 24 Jul 2019 00:04:43 GMT
Server
Omniture DC
xserver
www71
ETag
"3358321435913256960-5571448656919283765"
Vary
*
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Expires
Mon, 22 Jul 2019 00:04:43 GMT

Redirect headers

Date
Tue, 23 Jul 2019 00:04:43 GMT
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
*
X-C
ms-6.8.1
P3P
CP="This is not a P3P policy"
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 24 Jul 2019 00:04:43 GMT
Server
Omniture DC
xserver
www71
Content-Type
text/plain
Location
http://synacor.112.2o7.net/b/ss/synacortveauth/1/H.24.4/s07416381030409?AQB=1&pccr=true&vidn=2E9B278D8530B547-40000308E0004832&&ndh=1&t=23%2F6%2F2019%202%3A4%3A43%202%20-120&ce=UTF-8&ns=synacor&pageName=Federated%20Login&g=http%3A%2F%2Ftookaco.com%2Fwp-admin%2Fjs%2Fwidgets%2F-%2F-%2Fespin-ppl%2Fcsc.html&cc=USD&c1=CenturyLink&c6=Federated%20Login&c7=7a4816c3b72052726a665505abae3e3c&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Expires
Mon, 22 Jul 2019 00:04:43 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onselectstart
  • object| onselectionchange
  • function| queueMicrotask
  • function| isNumber
  • function| $
  • function| jQuery
  • object| html5
  • object| Modernizr
  • function| yepnope
  • function| updateTracking
  • object| jQuery1810015286123505497962
  • string| s_account
  • object| s
  • string| s_code
  • string| s_objectID
  • function| s_gi
  • function| s_giqf
  • string| s_an
  • function| s_sp
  • function| s_jn
  • function| s_rep
  • function| s_d
  • function| s_fe
  • function| s_fa
  • function| s_ft
  • object| s_c_il
  • number| s_c_in
  • number| s_giq
  • object| s_i_synacor
  • object| $elements
  • string| $escaped

0 Cookies