oooprog.ru
Open in
urlscan Pro
91.226.92.10
Malicious Activity!
Public Scan
Submission: On February 11 via automatic, source openphish — Scanned from DE
Summary
This is the only time oooprog.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Standard Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
14 | 91.226.92.10 91.226.92.10 | 12389 (ROSTELECO...) (ROSTELECOM-AS) | |
14 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
oooprog.ru
oooprog.ru |
244 KB |
14 | 1 |
Domain | Requested by | |
---|---|---|
14 | oooprog.ru |
oooprog.ru
|
14 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://oooprog.ru/rusgenerals/plugins/sp_xx/app/phone.php
Frame ID: C67447CF4D01D263459B9A750E679255
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
Standard Bank Online BankingDetected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
phone.php
oooprog.ru/rusgenerals/plugins/sp_xx/app/ |
12 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.min.css
oooprog.ru/rusgenerals/plugins/sp_xx/libraries/css/ |
67 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
oooprog.ru/rusgenerals/plugins/sp_xx/libraries/img/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-black.png
oooprog.ru/rusgenerals/plugins/sp_xx/libraries/img/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-blue.png
oooprog.ru/rusgenerals/plugins/sp_xx/libraries/img/ |
943 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.min-blessed49.css
oooprog.ru/rusgenerals/plugins/sp_xx/libraries/css/ |
303 KB 33 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.min-blessed45.css
oooprog.ru/rusgenerals/plugins/sp_xx/libraries/css/ |
425 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.min-blessed44.css
oooprog.ru/rusgenerals/plugins/sp_xx/libraries/css/ |
104 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.min-blessed41.css
oooprog.ru/rusgenerals/plugins/sp_xx/libraries/css/ |
240 KB 32 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.min-blessed40.css
oooprog.ru/rusgenerals/plugins/sp_xx/libraries/css/ |
324 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.min-blessed39.css
oooprog.ru/rusgenerals/plugins/sp_xx/libraries/css/ |
247 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bentonsans-regular-webfont.woff
oooprog.ru/rusgenerals/plugins/sp_xx/libraries/fonts/bentonsans/regular/ |
12 KB 12 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont.woff
oooprog.ru/rusgenerals/plugins/sp_xx/libraries/fonts/ |
43 KB 44 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bentonsans-medium-webfont.woff
oooprog.ru/rusgenerals/plugins/sp_xx/libraries/fonts/bentonsans/medium/ |
12 KB 12 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Standard Bank (Banking)2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone function| isInputNumber1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
oooprog.ru/ | Name: PHPSESSID Value: qupbvsm8jqhn6cn019mlflpre5 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
oooprog.ru
91.226.92.10
0402b8e6e3b789ffec9618f6baea5b80a5c7d20a44394327a4d5a8e5ee369acf
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
13b5669dc857866805c2037d38b9700ffc95962336efacaf00fa540ef3aabb0c
1d37a24706a9b7ef61dfef37effcf7e9668080b854e2ecba5db74f89c208230d
299e172fe1689256371cfa87e838e714e3c5f0ec6b8d87edf3b42db96677dc2e
525039e52d78179e9652f13d6dfa0d68b3d3fd3656297d520f63ea2c09aa8fa8
a932a73280a10e52e2b30a07d2e6b5839885712421129781d7b985cb53292600
c415bbd5aeeaa215da204eeacdad5471ee670c054e295a2df1232a575166a2cf
c47b3a698d8e57d6edd9932c60661a5556e651c1ad5553851503f8f912640c5e
d17e6f2d39ee771eb41fb6a167661ce69fc228af8daf99bcb2f5a5058f5e20da
e22403a94b6dafdf14e615863c37f711615cd794d3cd09812a947c974bf99cca
e2746c264f16133ab654e9183c737eaf312c358a80f8b56c03c3b71f54e13473
e2a8bacece2281468315125ce7ffe5b2ffabd9e04348b6f5b3ebe73025fec613
e445ee8ab692bfd69e67fcda0ec88b375aff07fd69a391d33cf985e0c2e7d000