k-oktyabr.ru Open in urlscan Pro
194.63.140.119 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://k-oktyabr.ru/sinstall/images/emirates/
Submission Tags: @ipnigh
Submission: On December 21 via api (December 21st 2019, 12:37:22 pm UTC) from GB

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 13 HTTP transactions. The main IP is 194.63.140.119, located in Russian Federation and belongs to SUPERSERVERSDATACENTER, RU. The main domain is k-oktyabr.ru.

This is the only time k-oktyabr.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Etisalat (Telecommunication)

Domain & IP information

	IP Address		AS Autonomous System
12	194.63.140.119 194.63.140.119		50113 (SUPERSERV...) (SUPERSERVERSDATACENTER)
13	2

12 194.63.140.119 (Russian Federation)

ASN50113 (SUPERSERVERSDATACENTER, RU)

k-oktyabr.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	k-oktyabr.ru k-oktyabr.ru	265 KB
0	Failed function sub() { [native code] }. Failed
13	2

	Domain	Requested by
12	k-oktyabr.ru	k-oktyabr.ru
0	scrapbook Failed	k-oktyabr.ru
13	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://k-oktyabr.ru/sinstall/images/emirates/
Frame ID: 15630B92472F41899DB3BF7E089635E2
Requests: 12 HTTP requests in this frame

Frame: http://k-oktyabr.ru/sinstall/images/emirates/index_1.html
Frame ID: F4B4DB4C07BED8165598CB06BA158C8F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

13
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

265 kB
Transfer

262 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response k-oktyabr.ru/sinstall/images/emirates/	7 KB 7 KB	337ms 100ms	Document text/html	194.63.140.119 SUPERSERVERSDATAC...
General Check archive.org Show headers Download Go to Full URL http://k-oktyabr.ru/sinstall/images/emirates/ Protocol HTTP/1.1 Server 194.63.140.119 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, RU), Reverse DNS Software nginx/1.12.2 / Resource Hash `1fab06deb73e4973a5af4f87e9d7bf33d200fa479674ab2bd6843818f3355147` Request headers Host k-oktyabr.ru Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx/1.12.2 Date Sat, 21 Dec 2019 12:37:04 GMT Content-Type text/html; charset=UTF-8 Content-Length 6775 Connection keep-alive Last-Modified Wed, 18 Jul 2018 05:36:36 GMT ETag "56e0224-1a77-5713f7239f451" Accept-Ranges bytes
GET H/1.1	200 OK	login.css k-oktyabr.ru/sinstall/images/emirates/	7 KB 7 KB	59ms 58ms	Stylesheet text/css	194.63.140.119 SUPERSERVERSDATAC...
General Check archive.org Show headers Download Go to Full URL http://k-oktyabr.ru/sinstall/images/emirates/login.css Requested by Host: k-oktyabr.ru URL: http://k-oktyabr.ru/sinstall/images/emirates/ Protocol HTTP/1.1 Server 194.63.140.119 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, RU), Reverse DNS Software nginx/1.12.2 / Resource Hash `04e70ab858827b00014d117cbf1fd7d83521783f25c4a151f27ad6132ac97f3b` Request headers Referer http://k-oktyabr.ru/sinstall/images/emirates/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 21 Dec 2019 12:37:04 GMT Last-Modified Wed, 18 Jul 2018 05:36:36 GMT Server nginx/1.12.2 ETag "56e0226-1bd5-5713f7239f451" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 7125
GET H/1.1	200 OK	dojo.css k-oktyabr.ru/sinstall/images/emirates/	5 KB 5 KB	121ms 108ms	Stylesheet text/css	194.63.140.119 SUPERSERVERSDATAC...
General Check archive.org Show headers Download Go to Full URL http://k-oktyabr.ru/sinstall/images/emirates/dojo.css Requested by Host: k-oktyabr.ru URL: http://k-oktyabr.ru/sinstall/images/emirates/ Protocol HTTP/1.1 Server 194.63.140.119 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, RU), Reverse DNS Software nginx/1.12.2 / Resource Hash `1aa40741103cc2ceb4542fbc06dbb3f1222600e85366e4f4efb4370af7878d68` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 21 Dec 2019 12:37:04 GMT Last-Modified Wed, 18 Jul 2018 05:36:36 GMT Server nginx/1.12.2 ETag "56e021d-126e-5713f7239f069" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 4718
GET H/1.1	200 OK	dijit.css k-oktyabr.ru/sinstall/images/emirates/	33 KB 34 KB	129ms 115ms	Stylesheet text/css	194.63.140.119 SUPERSERVERSDATAC...
General Check archive.org Show headers Download Go to Full URL http://k-oktyabr.ru/sinstall/images/emirates/dijit.css Requested by Host: k-oktyabr.ru URL: http://k-oktyabr.ru/sinstall/images/emirates/ Protocol HTTP/1.1 Server 194.63.140.119 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, RU), Reverse DNS Software nginx/1.12.2 / Resource Hash `efcc24c74e46e1713b4a09274a3bf8cde8db3c3ae3c5b3f212f6a9f902bf59c8` Request headers Referer http://k-oktyabr.ru/sinstall/images/emirates/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 21 Dec 2019 12:37:04 GMT Last-Modified Wed, 18 Jul 2018 05:36:36 GMT Server nginx/1.12.2 ETag "56e021b-85b0-5713f7239f069" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 34224
GET H/1.1	200 OK	dijit_rtl.css k-oktyabr.ru/sinstall/images/emirates/	2 KB 2 KB	133ms 120ms	Stylesheet text/css	194.63.140.119 SUPERSERVERSDATAC...
General Check archive.org Show headers Download Go to Full URL http://k-oktyabr.ru/sinstall/images/emirates/dijit_rtl.css Requested by Host: k-oktyabr.ru URL: http://k-oktyabr.ru/sinstall/images/emirates/ Protocol HTTP/1.1 Server 194.63.140.119 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, RU), Reverse DNS Software nginx/1.12.2 / Resource Hash `390d21b471d2a4cd63ca6d0434b42939a473732debf4ce5adbacac52af5a4e9f` Request headers Referer http://k-oktyabr.ru/sinstall/images/emirates/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 21 Dec 2019 12:37:04 GMT Last-Modified Wed, 18 Jul 2018 05:36:36 GMT Server nginx/1.12.2 ETag "56e021c-702-5713f7239f069" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 1794
GET H/1.1	200 OK	Button.css k-oktyabr.ru/sinstall/images/emirates/	4 KB 5 KB	138ms 124ms	Stylesheet text/css	194.63.140.119 SUPERSERVERSDATAC...
General Check archive.org Show headers Download Go to Full URL http://k-oktyabr.ru/sinstall/images/emirates/Button.css Requested by Host: k-oktyabr.ru URL: http://k-oktyabr.ru/sinstall/images/emirates/ Protocol HTTP/1.1 Server 194.63.140.119 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, RU), Reverse DNS Software nginx/1.12.2 / Resource Hash `b19cbd41004448903bfe87169e69e3dae426d067d6803e80cf790fbd95c52211` Request headers Referer http://k-oktyabr.ru/sinstall/images/emirates/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 21 Dec 2019 12:37:04 GMT Last-Modified Wed, 18 Jul 2018 05:36:36 GMT Server nginx/1.12.2 ETag "56e020c-114b-5713f72396b99" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 4427
GET H/1.1	200 OK	DropDownSelect.css k-oktyabr.ru/sinstall/images/emirates/	8 KB 8 KB	122ms 108ms	Stylesheet text/css	194.63.140.119 SUPERSERVERSDATAC...
General Check archive.org Show headers Download Go to Full URL http://k-oktyabr.ru/sinstall/images/emirates/DropDownSelect.css Requested by Host: k-oktyabr.ru URL: http://k-oktyabr.ru/sinstall/images/emirates/ Protocol HTTP/1.1 Server 194.63.140.119 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, RU), Reverse DNS Software nginx/1.12.2 / Resource Hash `5720a88b6ca21a29baad9f91418ebcda58ad8fc3fb7b4525e8c72ab638e7b5f8` Request headers Referer http://k-oktyabr.ru/sinstall/images/emirates/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 21 Dec 2019 12:37:04 GMT Last-Modified Wed, 18 Jul 2018 05:36:36 GMT Server nginx/1.12.2 ETag "56e021e-1e8f-5713f7239f451" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 7823
GET H/1.1	200 OK	index_1.html Show response k-oktyabr.ru/sinstall/images/emirates/ Frame F4B4	144 B 409 B	126ms 67ms	Document text/html	194.63.140.119 SUPERSERVERSDATAC...
General Check archive.org Show headers Download Go to Full URL http://k-oktyabr.ru/sinstall/images/emirates/index_1.html Requested by Host: k-oktyabr.ru URL: http://k-oktyabr.ru/sinstall/images/emirates/ Protocol HTTP/1.1 Server 194.63.140.119 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, RU), Reverse DNS Software nginx/1.12.2 / Resource Hash `7ad7c5f2a4f8e75a322bcc9e2e4430b6841be4fd266c15e959455a2958eb2a4b` Request headers Host k-oktyabr.ru Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer http://k-oktyabr.ru/sinstall/images/emirates/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://k-oktyabr.ru/sinstall/images/emirates/ Response headers Server nginx/1.12.2 Date Sat, 21 Dec 2019 12:37:04 GMT Content-Type text/html; charset=UTF-8 Content-Length 144 Connection keep-alive Last-Modified Wed, 18 Jul 2018 05:36:36 GMT ETag "56e0225-90-5713f7239f451" Accept-Ranges bytes
GET H/1.1	200 OK	background.png k-oktyabr.ru/sinstall/images/emirates/	194 KB 194 KB	129ms 67ms	Image image/png	194.63.140.119 SUPERSERVERSDATAC...
General Check archive.org Show headers Download Go to Show image Full URL http://k-oktyabr.ru/sinstall/images/emirates/background.png Requested by Host: k-oktyabr.ru URL: http://k-oktyabr.ru/sinstall/images/emirates/ Protocol HTTP/1.1 Server 194.63.140.119 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, RU), Reverse DNS Software nginx/1.12.2 / Resource Hash `e4574f72bcc0faf097629446e330891af258fa805dd5fff4e893e8676fb4b190` Request headers Referer http://k-oktyabr.ru/sinstall/images/emirates/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 21 Dec 2019 12:37:04 GMT Last-Modified Wed, 18 Jul 2018 05:36:36 GMT Server nginx/1.12.2 ETag "56e020b-308a6-5713f72396b99" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 198822
GET H/1.1	200 OK	mail.jpg k-oktyabr.ru/sinstall/images/emirates/	2 KB 2 KB	62ms 61ms	Image image/jpeg	194.63.140.119 SUPERSERVERSDATAC...
General Check archive.org Show headers Download Go to Show image Full URL http://k-oktyabr.ru/sinstall/images/emirates/mail.jpg Requested by Host: k-oktyabr.ru URL: http://k-oktyabr.ru/sinstall/images/emirates/ Protocol HTTP/1.1 Server 194.63.140.119 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, RU), Reverse DNS Software nginx/1.12.2 / Resource Hash `b26e0b522fcb9c25f854e4717d6021dd3701b3718a098c0bd2597b159b13a370` Request headers Referer http://k-oktyabr.ru/sinstall/images/emirates/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 21 Dec 2019 12:37:04 GMT Last-Modified Wed, 18 Jul 2018 05:36:36 GMT Server nginx/1.12.2 ETag "56e0227-78f-5713f7239f451" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 1935
GET H/1.1	200 OK	greyband.jpg k-oktyabr.ru/sinstall/images/emirates/	458 B 710 B	69ms 63ms	Image image/jpeg	194.63.140.119 SUPERSERVERSDATAC...
General Check archive.org Show headers Download Go to Show image Full URL http://k-oktyabr.ru/sinstall/images/emirates/greyband.jpg Requested by Host: k-oktyabr.ru URL: http://k-oktyabr.ru/sinstall/images/emirates/ Protocol HTTP/1.1 Server 194.63.140.119 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, RU), Reverse DNS Software nginx/1.12.2 / Resource Hash `032d7b335e262e88896a199e92afeb10330cdb4296b6aa2027a68218de500444` Request headers Referer http://k-oktyabr.ru/sinstall/images/emirates/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 21 Dec 2019 12:37:04 GMT Last-Modified Wed, 18 Jul 2018 05:36:36 GMT Server nginx/1.12.2 ETag "56e0223-1ca-5713f7239f451" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 458
GET		info.png scrapbook:download:error:https://acm2.eim.ae/iwc_static/c11n/allDomain/layout/images/	0 0

GET H/1.1	200 OK	buttonEnabled.png k-oktyabr.ru/sinstall/images/emirates/	120 B 370 B	58ms 58ms	Image image/png	194.63.140.119 SUPERSERVERSDATAC...
General Check archive.org Show headers Download Go to Show image Full URL http://k-oktyabr.ru/sinstall/images/emirates/buttonEnabled.png Requested by Host: k-oktyabr.ru URL: http://k-oktyabr.ru/sinstall/images/emirates/ Protocol HTTP/1.1 Server 194.63.140.119 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, RU), Reverse DNS Software nginx/1.12.2 / Resource Hash `64f1cbe67c89a17b9eea56bc7f3152ea647d0e7ad86ae87f458ad64b447aede2` Request headers Referer http://k-oktyabr.ru/sinstall/images/emirates/Button.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 21 Dec 2019 12:37:05 GMT Last-Modified Wed, 18 Jul 2018 05:36:36 GMT Server nginx/1.12.2 ETag "56e0216-78-5713f7239f069" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 120

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: scrapbook
URL: urn:scrapbook:download:error:https://acm2.eim.ae/iwc_static/c11n/allDomain/layout/images/info.png?3.0.0.0.1_015148

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Etisalat (Telecommunication)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

k-oktyabr.ru
scrapbook
scrapbook
194.63.140.119
032d7b335e262e88896a199e92afeb10330cdb4296b6aa2027a68218de500444
04e70ab858827b00014d117cbf1fd7d83521783f25c4a151f27ad6132ac97f3b
1aa40741103cc2ceb4542fbc06dbb3f1222600e85366e4f4efb4370af7878d68
1fab06deb73e4973a5af4f87e9d7bf33d200fa479674ab2bd6843818f3355147
390d21b471d2a4cd63ca6d0434b42939a473732debf4ce5adbacac52af5a4e9f
5720a88b6ca21a29baad9f91418ebcda58ad8fc3fb7b4525e8c72ab638e7b5f8
64f1cbe67c89a17b9eea56bc7f3152ea647d0e7ad86ae87f458ad64b447aede2
7ad7c5f2a4f8e75a322bcc9e2e4430b6841be4fd266c15e959455a2958eb2a4b
b19cbd41004448903bfe87169e69e3dae426d067d6803e80cf790fbd95c52211
b26e0b522fcb9c25f854e4717d6021dd3701b3718a098c0bd2597b159b13a370
e4574f72bcc0faf097629446e330891af258fa805dd5fff4e893e8676fb4b190
efcc24c74e46e1713b4a09274a3bf8cde8db3c3ae3c5b3f212f6a9f902bf59c8

k-oktyabr.ru Open in urlscan Pro 194.63.140.119 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

13 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

265 kBTransfer

262 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

Indicators

k-oktyabr.ru Open in urlscan Pro
194.63.140.119 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

265 kB
Transfer

262 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!