urlscan.io logo urlscan.io
SecurityTrails logo

www.skobdizomlss.io Open in urlscan Pro
64.111.107.178  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://shonim-beyahad.org.il/web/
Effective URL: https://www.skobdizomlss.io/NetsDK-2021/
Submission: On January 12 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 64.111.107.178, located in Brea, United States and belongs to DREAMHOST-AS, US. The main domain is www.skobdizomlss.io.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 9th 2021. Valid for: a year.
This is the only time www.skobdizomlss.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 185.18.206.246 61102 (INTERHOST)
8 64.111.107.178 26347 (DREAMHOST-AS)
1 2a04:4e42:1b:... 54113 (FASTLY)
10 3
Domain Requested by
8 www.skobdizomlss.io www.skobdizomlss.io
1 cdn.jsdelivr.net www.skobdizomlss.io
1 shonim-beyahad.org.il 1 redirects
0 emikbbbebcdfohonlaifafnoanocnebl Failed www.skobdizomlss.io
10 4

This site contains no links.

Subject Issuer Validity Valid
skobdizomlss.io
Sectigo RSA Domain Validation Secure Server CA		 2021-01-09 -
2022-01-09		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-26 -
2021-04-17		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://www.skobdizomlss.io/NetsDK-2021/
Frame ID: 63133E243DF67718AF1054AE62D5760A
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://shonim-beyahad.org.il/web/ HTTP 302
    https://www.skobdizomlss.io/NetsDK-2021/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

10
Requests

90 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

353 kB
Transfer

2966 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shonim-beyahad.org.il/web/ HTTP 302
    https://www.skobdizomlss.io/NetsDK-2021/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.skobdizomlss.io/NetsDK-2021/
Redirect Chain
  • http://shonim-beyahad.org.il/web/
  • https://www.skobdizomlss.io/NetsDK-2021/
17 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.skobdizomlss.io/NetsDK-2021/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.111.107.178 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps629769.dreamhostps.com
Software
Apache /
Resource Hash
efbb9105f648842ea56c4df31e6ccc242ab31fca32b48a72c3c9f61687d3971d

Request headers

:method
GET
:authority
www.skobdizomlss.io
:scheme
https
:path
/NetsDK-2021/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 07:00:25 GMT
server
Apache
last-modified
Mon, 11 Jan 2021 23:43:06 GMT
etag
"44dd-5b8a877bb3aa1-gzip"
accept-ranges
bytes
cache-control
max-age=600
expires
Tue, 12 Jan 2021 07:10:25 GMT
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
2233
content-type
text/html

Redirect headers

Server
nginx/1.15.9
Date
Tue, 12 Jan 2021 07:00:24 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
224
Connection
keep-alive
Location
https://www.skobdizomlss.io/NetsDK-2021/
nets.css
www.skobdizomlss.io/NetsDK-2021/index_files/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.skobdizomlss.io/NetsDK-2021/index_files/nets.css
Requested by
Host: www.skobdizomlss.io
URL: https://www.skobdizomlss.io/NetsDK-2021/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.111.107.178 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps629769.dreamhostps.com
Software
Apache /
Resource Hash
180fa62050180ab590483ab045edd4c3144a2583fa67b103825957120c9b9b44

Request headers

Referer
https://www.skobdizomlss.io/NetsDK-2021/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 07:00:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 23:44:59 GMT
server
Apache
etag
"2210-5b8a87e7ba85a-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2500
expires
Thu, 11 Feb 2021 07:00:25 GMT
gh-buttons.css
www.skobdizomlss.io/NetsDK-2021/index_files/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.skobdizomlss.io/NetsDK-2021/index_files/gh-buttons.css
Requested by
Host: www.skobdizomlss.io
URL: https://www.skobdizomlss.io/NetsDK-2021/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.111.107.178 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps629769.dreamhostps.com
Software
Apache /
Resource Hash
a1ffea9d14044badd0bc19eeaefa60ec451d695ecfe2cd2df8e4f470802daa6a

Request headers

Referer
https://www.skobdizomlss.io/NetsDK-2021/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 07:00:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 23:45:05 GMT
server
Apache
etag
"329a-5b8a87ed7a2df-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2230
expires
Thu, 11 Feb 2021 07:00:25 GMT
tailwind.min.css
cdn.jsdelivr.net/npm/tailwindcss/dist/ 		3 MB
289 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/tailwindcss/dist/tailwind.min.css
Requested by
Host: www.skobdizomlss.io
URL: https://www.skobdizomlss.io/NetsDK-2021/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2b005c7cf61850fe295c6d1a88803c9d34ae02a47345676da07424b71bcc55fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.skobdizomlss.io/NetsDK-2021/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
10111
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
295432
etag
W/"2bcaee-Oi8U+A/NFcpD4Ev4wzzDUGBeUWw"
x-served-by
cache-fra19139-FRA, cache-hhn4067-HHN
date
Tue, 12 Jan 2021 07:00:25 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
custom.css
www.skobdizomlss.io/NetsDK-2021/ 		354 B
327 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.skobdizomlss.io/NetsDK-2021/custom.css
Requested by
Host: www.skobdizomlss.io
URL: https://www.skobdizomlss.io/NetsDK-2021/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.111.107.178 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps629769.dreamhostps.com
Software
Apache /
Resource Hash
a980ca8b833c16c9f8a0c4e0bf20c92ddac1b2f582781db2420888cc4a4a43b1

Request headers

Referer
https://www.skobdizomlss.io/NetsDK-2021/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 07:00:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 23:42:19 GMT
server
Apache
etag
"162-5b8a874f0e25d-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
207
expires
Thu, 11 Feb 2021 07:00:25 GMT
jquery-1.9.1.min.js
www.skobdizomlss.io/NetsDK-2021/index_files/ 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.skobdizomlss.io/NetsDK-2021/index_files/jquery-1.9.1.min.js
Requested by
Host: www.skobdizomlss.io
URL: https://www.skobdizomlss.io/NetsDK-2021/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.111.107.178 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps629769.dreamhostps.com
Software
Apache /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
https://www.skobdizomlss.io/NetsDK-2021/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 07:00:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 23:44:53 GMT
server
Apache
etag
"169d5-5b8a87e1f9e34-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 11 Feb 2021 07:00:25 GMT
EnrollmentBanner.jpg
www.skobdizomlss.io/NetsDK-2021/index_files/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.skobdizomlss.io/NetsDK-2021/index_files/EnrollmentBanner.jpg
Requested by
Host: www.skobdizomlss.io
URL: https://www.skobdizomlss.io/NetsDK-2021/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.111.107.178 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps629769.dreamhostps.com
Software
Apache /
Resource Hash
15de3acd388cf461e6bdf505c13c6a8640d39b9e045605d053c52d1a7bffc09e

Request headers

Referer
https://www.skobdizomlss.io/NetsDK-2021/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 07:00:25 GMT
last-modified
Mon, 11 Jan 2021 23:45:02 GMT
server
Apache
etag
"3c2e-5b8a87ea9ccac"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
15406
expires
Thu, 11 Feb 2021 07:00:25 GMT
logo1.svg
www.skobdizomlss.io/NetsDK-2021/images/ 		15 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.skobdizomlss.io/NetsDK-2021/images/logo1.svg
Requested by
Host: www.skobdizomlss.io
URL: https://www.skobdizomlss.io/NetsDK-2021/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.111.107.178 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps629769.dreamhostps.com
Software
Apache /
Resource Hash
4cde4cfe55ed120a8d7824c407800bd6b5edfda61450a2c01362028541aada8a

Request headers

Referer
https://www.skobdizomlss.io/NetsDK-2021/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 07:00:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 23:43:39 GMT
server
Apache
etag
"3d09-5b8a879b4c68f-gzip"
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4424
expires
Thu, 11 Feb 2021 07:00:25 GMT
minerkill.js
emikbbbebcdfohonlaifafnoanocnebl/js/ 		0
0
gh-icons.png
www.skobdizomlss.io/NetsDK-2021/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.skobdizomlss.io/NetsDK-2021/images/gh-icons.png
Requested by
Host: www.skobdizomlss.io
URL: https://www.skobdizomlss.io/NetsDK-2021/index_files/gh-buttons.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.111.107.178 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps629769.dreamhostps.com
Software
Apache /
Resource Hash
018c7d12a799726510b7d6e7ce4a18023b3f70aded8102d3cdee725f34175658

Request headers

Referer
https://www.skobdizomlss.io/NetsDK-2021/index_files/gh-buttons.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 07:00:25 GMT
last-modified
Mon, 11 Jan 2021 23:43:00 GMT
server
Apache
etag
"f6c-5b8a877653b55"
vary
User-Agent,Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3948
expires
Thu, 11 Feb 2021 07:00:25 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
emikbbbebcdfohonlaifafnoanocnebl
URL
chrome-extension://emikbbbebcdfohonlaifafnoanocnebl/js/minerkill.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| submitIt

0 Cookies