![](/screenshots/2210b535-201b-45da-9085-1b537a14fa9a.png)
shark.okgomo.club
Open in
urlscan Pro
185.199.111.153
Malicious Activity!
Public Scan
Effective URL: https://shark.okgomo.club/
Submission: On July 07 via api from US
Summary
TLS certificate: Issued by R3 on July 7th 2021. Valid for: 3 months.
This is the only time shark.okgomo.club was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 185.199.111.153 185.199.111.153 | 54113 (FASTLY) (FASTLY) | |
5 | 2a04:4e42:3::485 2a04:4e42:3::485 | 54113 (FASTLY) (FASTLY) | |
1 | 2600:9000:20e... 2600:9000:20eb:9800:3:b5aa:ad80:21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:811::2016 | 15169 (GOOGLE) (GOOGLE) | |
5 | 2600:9000:21f... 2600:9000:21f3:600:13:652b:c180:21 | 16509 (AMAZON-02) (AMAZON-02) | |
13 | 5 |
ASN54113 (FASTLY, US)
PTR: cdn-185-199-111-153.github.com
meb05.github.io | |
shark.okgomo.club |
ASN16509 (AMAZON-02, US)
d13nu0oomnx5ti.cloudfront.net |
ASN15169 (GOOGLE, US)
play-lh.googleusercontent.com |
ASN16509 (AMAZON-02, US)
dgu9g3a2kzqx2.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
cloudfront.net
d13nu0oomnx5ti.cloudfront.net dgu9g3a2kzqx2.cloudfront.net |
47 KB |
5 |
jsdelivr.net
cdn.jsdelivr.net |
72 KB |
1 |
googleusercontent.com
play-lh.googleusercontent.com |
306 KB |
1 |
okgomo.club
shark.okgomo.club |
1 KB |
1 |
github.io
1 redirects
meb05.github.io |
197 B |
13 | 5 |
Domain | Requested by | |
---|---|---|
5 | dgu9g3a2kzqx2.cloudfront.net |
d13nu0oomnx5ti.cloudfront.net
|
5 | cdn.jsdelivr.net |
shark.okgomo.club
|
1 | play-lh.googleusercontent.com |
shark.okgomo.club
|
1 | d13nu0oomnx5ti.cloudfront.net |
shark.okgomo.club
|
1 | shark.okgomo.club | |
1 | meb05.github.io | 1 redirects |
13 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
shark.okgomo.club R3 |
2021-07-07 - 2021-10-05 |
3 months | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020 |
2021-04-30 - 2022-06-01 |
a year | crt.sh |
*.cloudfront.net Amazon |
2021-03-19 - 2022-03-17 |
a year | crt.sh |
edgestatic.com GTS CA 1C3 |
2021-06-07 - 2021-08-30 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://shark.okgomo.club/
Frame ID: 086AD44E941F63C395FA1F84A1D85038
Requests: 13 HTTP requests in this frame
Screenshot
![](/screenshots/2210b535-201b-45da-9085-1b537a14fa9a.png)
Page URL History Show full URLs
-
https://meb05.github.io/shark
HTTP 301
https://shark.okgomo.club/ Page URL
Detected technologies
![](/vendor/wappa/icons/Ruby.png)
Detected patterns
- url /^https?:\/\/[^/]+\.github\.io\//i
- headers server /^GitHub\.com$/i
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Detected patterns
- headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
![](/vendor/wappa/icons/Ruby on Rails.png)
Detected patterns
- url /^https?:\/\/[^/]+\.github\.io\//i
- headers server /^GitHub\.com$/i
Detected patterns
- url /^https?:\/\/[^/]+\.github\.io\//i
- headers server /^GitHub\.com$/i
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://meb05.github.io/shark
HTTP 301
https://shark.okgomo.club/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
shark.okgomo.club/ Redirect Chain
|
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/gh/meb05/uploads@main/view/assets/css/ |
156 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
cdn.jsdelivr.net/gh/meb05/uploads@main/view/assets/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0339f82.js
d13nu0oomnx5ti.cloudfront.net/ |
23 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eBRbBBK4Fz_Ojc3L55BfJfQ21mljcuO5EptADRlDwLHmHT8QaiWwQmVx0ZNM_4Mps8I
play-lh.googleusercontent.com/ |
305 KB 306 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdn.jsdelivr.net/gh/meb05/uploads@main/view/assets/js/ |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
cdn.jsdelivr.net/gh/meb05/uploads@main/view/assets/js/ |
59 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom.min.js
cdn.jsdelivr.net/gh/meb05/uploads@main/view/assets/js/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
html.1628108.56100.0.js
dgu9g3a2kzqx2.cloudfront.net/public/external/v2/ |
15 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css_front.css
dgu9g3a2kzqx2.cloudfront.net/public/external/ |
6 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css.css
dgu9g3a2kzqx2.cloudfront.net/public/clockers/CustomButton/ |
1010 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
guid
dgu9g3a2kzqx2.cloudfront.net/public/ |
0 285 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.php
dgu9g3a2kzqx2.cloudfront.net/public/external/ |
78 B 370 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker function| $ function| jQuery object| bootstrap string| global_url1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
shark.okgomo.club/ | Name: _cpguid Value: tmxa90vb6 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
d13nu0oomnx5ti.cloudfront.net
dgu9g3a2kzqx2.cloudfront.net
meb05.github.io
play-lh.googleusercontent.com
shark.okgomo.club
185.199.111.153
2600:9000:20eb:9800:3:b5aa:ad80:21
2600:9000:21f3:600:13:652b:c180:21
2a00:1450:4001:811::2016
2a04:4e42:3::485
07a0eeefbe7a4c220e934f2775e1e3e5bf2a24864e28018f04e9727b07d025a8
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
13d9ee2b5ca7d52f62544e8e3fca91c2646fb2e5d4cae49648f79941550d8b89
1afa5f37465a719d6e52756d03dfde5d78b4be5990c88aaa4a768829e00b0b2e
1da3f99dcf0c4efe3de2660fd69ec2c972e1dfba4b8d782588cc5fc66bca3f2d
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
d24fce6de5fbadcea31ceffba43639bfa663003810cd395ef3d144fa3494d288
d71b75f37cbaa198fcac72013ceb2a2fe5b68c89902dbcf4b52ae28812cb9268
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855