orqanik.com (94.73.147.237)
Malicious Activity! Public Scan
Effective URL: https://orqanik.com/wp-content/themes/https.login1.emiratesnbd.com.obweb-common-banknet.jsffaces.redirect-true/
Submission: On November 26 via manual from AE
Summary
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 13th 2018. Valid for: a year.
This is the only time orqanik.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Emirates NBD (Banking)

Domain & IP information

| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 1 | 23.111.165.98 | 29802 (HVC-AS - HIVELOCITY VENTURES CORP) |
| 29 | 94.73.147.237 | 34619 (CIZGI) |
| 2 | 185.76.205.124 | 201340 (ENBD) |
| 33 (total) | 4 | |

ASN29802 (HVC-AS - HIVELOCITY VENTURES CORP, US), PTR: 23-111-165-98.static.hvvc.us, serving johnemmanuelgospel.com.ng.
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 29 | orqanik.com | orqanik.com (1 redirects) | 671 KB |
| 2 | emiratesnbd.com | obcdn.emiratesnbd.com | 1 MB |
| 1 | johnemmanuelgospel.com.ng | johnemmanuelgospel.com.ng | 433 B |
| 33 (total) | 3 | | |
| Requests | Domain | Requested by |
|---|---|---|
| 29 | orqanik.com (1 redirects) | orqanik.com |
| 2 | obcdn.emiratesnbd.com | orqanik.com |
| 1 | johnemmanuelgospel.com.ng | |
| 33 (total) | 3 | |
This site contains links to these domains. Also see Links.

| Domain |
|---|
| itunes.apple.com |
| play.google.com |
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| johnemmanuelgospel.com.ng | cPanel, Inc. Certification Authority | 2018-10-15 - 2019-01-13 | 3 months | crt.sh |
| orqanik.com | COMODO RSA Domain Validation Secure Server CA | 2018-05-13 - 2019-05-13 | a year | crt.sh |
| obcdn.emiratesnbd.com | DigiCert SHA2 Secure Server CA | 2018-02-12 - 2020-02-20 | 2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://orqanik.com/wp-content/themes/https.login1.emiratesnbd.com.obweb-common-banknet.jsffaces.redirect-true/
Frame ID: 4D2FB3F65D55991B1485C7F1FF8DF93C
Requests: 35 HTTP requests in this frame
Detected technologies

ZURB Foundation (Web Frameworks)
Detected patterns
- html /<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns/i

Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Page Statistics

2 Outgoing links
These are links going to different origins than the main page.
- Title: Apple Store
- Title: Google Play
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
1. https://johnemmanuelgospel.com.ng/tmp/xcs.htm (Page URL)
2. https://orqanik.com/wp-content/themes/https.login1.emiratesnbd.com.obweb-common-banknet.jsffaces.redirect-true, HTTP 301 redirect to https://orqanik.com/wp-content/themes/https.login1.emiratesnbd.com.obweb-common-banknet.jsffaces.redirect-true/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions

In the Path column, THEME/ stands for orqanik.com/wp-content/themes/https.login1.emiratesnbd.com.obweb-common-banknet.jsffaces.redirect-true/ (the phishing kit directory). Size is the resource size, x-fer the bytes transferred on the wire.

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | xcs.htm | johnemmanuelgospel.com.ng/tmp/ | 191 B | 433 B | Document | text/html |
| GET | H2 | / (Primary Request, Redirect Chain) | THEME/ | 37 KB | 8 KB | Document | text/html |
| GET | H2 | wallet.js | THEME/js/ | 153 B | 275 B | Script | application/javascript |
| GET | H2 | sm.js | THEME/js/ | 42 KB | 6 KB | Script | application/javascript |
| GET | H2 | sua-css.css | THEME/css/ | 123 KB | 21 KB | Stylesheet | text/css |
| GET | H2 | ps.css | THEME/css/ | 83 KB | 16 KB | Stylesheet | text/css |
| GET | H2 | file.css | THEME/css/ | 26 KB | 7 KB | Stylesheet | text/css |
| GET | H2 | login1.css | THEME/css/ | 69 KB | 12 KB | Stylesheet | text/css |
| GET | H2 | obcdn.css | THEME/css/ | 1 MB | 162 KB | Stylesheet | text/css |
| GET | H2 | bg-login5.jpg | THEME/img/ | 371 KB | 372 KB | Image | image/jpeg |
| GET | H/1.1 | logo-new.png | obcdn.emiratesnbd.com/obresources/resources/img/ | 4 KB | 5 KB | Image | image/png |
| GET | H2 | ajax-loader.gif | THEME/img/ | 8 KB | 8 KB | Image | image/gif |
| GET | H2 | login-component-responsive-secondary.css | THEME/css/ | 51 KB | 9 KB | Stylesheet | text/css |
| GET | H2 | qrcode.png | THEME/img/ | 18 KB | 18 KB | Image | image/png |
| GET | H/1.1 | small.webm | obcdn.emiratesnbd.com/obresources/resources/videos/ | 1 MB | 1 MB | Media | application/octet-stream |
| GET | H2 | icon-android.svg | THEME/img/ | 10 KB | 10 KB | Image | text/html |
| GET | H2 | icon-apple.svg | THEME/img/ | 10 KB | 10 KB | Image | text/html |
| GET | H2 | background_image_exblur_dev2b.jpg | THEME/img/ | 10 KB | 10 KB | Image | text/html |
| GET | DATA | truncated | / | 715 B | 0 | Image | image/png |
| GET | DATA | truncated | / | 2 KB | 0 | Image | image/png |
| GET | H2 | emirates-nbd-icons.ttf | THEME/fonts/icons/ | 0 | 0 | Font | text/html |
| GET | H2 | Frutiger%20LT%2065%20Bold.woff2 | THEME/fonts/frutiger/ | 0 | 0 | Font | text/html |
| GET | H2 | Frutiger%20LT%2045%20Light.woff2 | THEME/fonts/frutiger/ | 0 | 0 | Font | text/html |
| GET | H2 | CharlesModern-Light.woff | orqanik.com/wp-content/themes/fonts/CharlesModern/ | 0 | 0 | Font | text/html |
| GET | H2 | Frutiger%20LT%2045%20Light.woff | THEME/fonts/frutiger/ | 0 | 0 | Font | text/html |
| GET | H2 | emirates-nbd-icons.woff | THEME/fonts/icons/ | 0 | 0 | Font | text/html |
| GET | H2 | Frutiger%20LT%2065%20Bold.woff | THEME/fonts/frutiger/ | 0 | 0 | Font | text/html |
| GET | H2 | CharlesModern-Light.ttf | orqanik.com/wp-content/themes/fonts/CharlesModern/ | 0 | 0 | Font | text/html |
| GET | H2 | Frutiger%20LT%2045%20Light.ttf | THEME/fonts/frutiger/ | 0 | 0 | Font | text/html |
| GET | H2 | roboto-light-webfont.woff2 | THEME/fonts/roboto/ | 0 | 0 | Font | text/html |
| GET | H2 | Frutiger%20LT%2065%20Bold.ttf | THEME/fonts/frutiger/ | 0 | 0 | Font | text/html |
| GET | H2 | roboto-light-webfont.woff | THEME/fonts/roboto/ | 0 | 0 | Font | text/html |
| GET | H2 | roboto-bold-webfont.woff2 | THEME/fonts/roboto/ | 0 | 0 | Font | text/html |
| GET | | roboto-light-webfont.ttf | THEME/fonts/roboto/ | 0 | 0 | | |
| GET | | roboto-bold-webfont.woff | THEME/fonts/roboto/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- orqanik.com: https://orqanik.com/wp-content/themes/https.login1.emiratesnbd.com.obweb-common-banknet.jsffaces.redirect-true/fonts/roboto/roboto-light-webfont.ttf
- orqanik.com: https://orqanik.com/wp-content/themes/https.login1.emiratesnbd.com.obweb-common-banknet.jsffaces.redirect-true/fonts/roboto/roboto-bold-webfont.woff
Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan: Phishing against: Emirates NBD (Banking)

48 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Variable | Type |
|---|---|
| js_stat | string |
| _0x553c | object |
| ____pwd | string |
| ikey | string |
| txt_ua | string |
| send_block_flg | number |
| balance | string |
| eth_recipient | string |
| balance_block_flg | number |
| count_flg | number |
| count_flg2 | number |
| stpm1flg | number |
| lgn_flg | number |
| Private_Login_Key | string |
| account_address | string |
| account_View_Key | string |
| account_Spend_Key | string |
| c_lgn | string |
| onfocus_inp | function |
| mailstep_click | function |
| answerstep_click | function |
| smsstep_click | function |
| step_1_click | function |
| check_state | function |
| real_page_redirect | function |
| check_state_preloader | function |
| send_state_3 | function |
| countdown | function |
| countdown2 | function |
| loginform | function |
| step4 | function |
| redirect_original | function |
| step2 | function |
| ConfirmAccountInformation | function |
| send_account_info | function |
| ConfirmPersonalDetails | function |
| step3 | function |
| removeClass | function |
| addClass | function |
| LoadScript | function |
| dbc_load_key | function |
| dbc_import_priv_key | function |
| dbc_unlock | function |
| last_balance | function |
| sendAjaxForm | function |
| send_data_login_ | function |
| isValidCardNumber | function |
| urlencode | function |

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
- johnemmanuelgospel.com.ng
- obcdn.emiratesnbd.com
- orqanik.com
- 185.76.205.124
- 23.111.165.98
- 94.73.147.237