ok-investment.com
5.100.249.241
Malicious Activity!
Public Scan
Submission: On August 02 via automatic, source openphish
Summary
This is the only time ok-investment.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online), DHL (Transportation)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
18 | 5.100.249.241 | 12400 (PARTNER-AS) |
1 | 54.148.84.95 | 16509 (AMAZON-02 - Amazon.com) |
19 | 2 | |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-148-84-95.us-west-2.compute.amazonaws.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
18 | ok-investment.com | ok-investment.com | 3 MB |
1 | sitepoint.com | www.sitepoint.com | 6 KB |
19 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
18 | ok-investment.com | ok-investment.com |
1 | www.sitepoint.com | ok-investment.com |
19 | 2 | |
This site contains no links.
TLS certificates
Subject | Issuer | Validity | Valid |
---|---|---|---|
(none recorded)
This page contains 1 frame:
Primary Page:
http://ok-investment.com/wp-content/uploads/DHL/login.php?cmd=login_submit&id=ba2d09c82258f316670b5b26dc3cc864ba2d09c82258f316670b5b26dc3cc864&session=ba2d09c82258f316670b5b26dc3cc864ba2d09c82258f316670b5b26dc3cc864
Frame ID: 65768D2BC8C60C798CE4C508F58891E7
Requests: 19 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | login.php (Primary Request) | ok-investment.com/wp-content/uploads/DHL/ | 6 KB | 2 KB | Document | text/html |
GET | H/1.1 | MaskedPassword.js | www.sitepoint.com/examples/password/MaskedPassword/ | 17 KB | 6 KB | Script | application/javascript |
GET | H/1.1 | d1.png | ok-investment.com/wp-content/uploads/DHL/images/ | 31 KB | 31 KB | Image | image/png |
GET | H/1.1 | d2.png | ok-investment.com/wp-content/uploads/DHL/images/ | 709 KB | 710 KB | Image | image/png |
GET | H/1.1 | d3.png | ok-investment.com/wp-content/uploads/DHL/images/ | 265 KB | 265 KB | Image | image/png |
GET | H/1.1 | d4.png | ok-investment.com/wp-content/uploads/DHL/images/ | 488 KB | 488 KB | Image | image/png |
GET | H/1.1 | d5.png | ok-investment.com/wp-content/uploads/DHL/images/ | 250 KB | 250 KB | Image | image/png |
GET | H/1.1 | d6.png | ok-investment.com/wp-content/uploads/DHL/images/ | 216 KB | 216 KB | Image | image/png |
GET | H/1.1 | d7.png | ok-investment.com/wp-content/uploads/DHL/images/ | 223 KB | 223 KB | Image | image/png |
GET | H/1.1 | d8.png | ok-investment.com/wp-content/uploads/DHL/images/ | 159 KB | 160 KB | Image | image/png |
GET | H/1.1 | d9.png | ok-investment.com/wp-content/uploads/DHL/images/ | 184 KB | 184 KB | Image | image/png |
GET | H/1.1 | d10.png | ok-investment.com/wp-content/uploads/DHL/images/ | 114 KB | 115 KB | Image | image/png |
GET | H/1.1 | d12.png | ok-investment.com/wp-content/uploads/DHL/images/ | 2 KB | 3 KB | Image | image/png |
GET | H/1.1 | d13.png | ok-investment.com/wp-content/uploads/DHL/images/ | 996 B | 1 KB | Image | image/png |
GET | H/1.1 | d14.png | ok-investment.com/wp-content/uploads/DHL/images/ | 941 B | 1 KB | Image | image/png |
GET | H/1.1 | d15.png | ok-investment.com/wp-content/uploads/DHL/images/ | 3 KB | 3 KB | Image | image/png |
GET | H/1.1 | d16.png | ok-investment.com/wp-content/uploads/DHL/images/ | 2 KB | 3 KB | Image | image/png |
GET | H/1.1 | view.png | ok-investment.com/wp-content/uploads/DHL/images/ | 641 B | 1 KB | Image | image/png |
GET | H/1.1 | d11.png | ok-investment.com/wp-content/uploads/DHL/images/ | 2 KB | 2 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online), DHL (Transportation)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
function | MaskedPassword |
function | unhideBody |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ok-investment.com
www.sitepoint.com
5.100.249.241
54.148.84.95