omakela.net Open in urlscan Pro
50.6.160.161 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://omakela.net/SA/6455efc/Login.php
Submission: On October 04 via api (October 4th 2024, 8:07:49 am UTC) from US — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 50.6.160.161, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is omakela.net.
TLS certificate: Issued by R11 on October 3rd 2024. Valid for: 3 months.

This is the only time omakela.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Säästöpankki (Banking)

Domain & IP information

	IP Address		AS Autonomous System
13	50.6.160.161 50.6.160.161		19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
13	1

13 50.6.160.161 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 50-6-160-161.unifiedlayer.com

omakela.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	omakela.net omakela.net	494 KB
13	1

	Domain	Requested by
13	omakela.net	omakela.net
13	1

This site contains no links.

Subject Issuer	Validity	Valid
omakela.net.gwf.dbv.temporary.site R11	`2024-10-03` - `2025-01-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://omakela.net/SA/6455efc/Login.php
Frame ID: 48E1F666C526AF025DCA0A45B48FF055
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kirjaudu Säästöpankin verkkopankkiin / Logga in i Sparbankens nätbank

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

494 kB
Transfer

684 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request Login.php Show response omakela.net/SA/6455efc/	11 KB 4 KB	416ms 114ms	Document text/html	50.6.160.161 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://omakela.net/SA/6455efc/Login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.6.160.161 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 50-6-160-161.unifiedlayer.com Software Apache / Resource Hash `3ee4624b5ce30a4ca5720cf03809165487d702a25477c4705f373bb1da8f5acb` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers content-encoding gzip content-length 4059 content-type text/html; charset=UTF-8 date Fri, 04 Oct 2024 08:07:44 GMT server Apache vary Accept-Encoding
GET H2	200	sp_private.min.css omakela.net/SA/6455efc/style/	243 KB 62 KB	431ms 431ms	Stylesheet text/css	50.6.160.161 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://omakela.net/SA/6455efc/style/sp_private.min.css Requested by Host: omakela.net URL: https://omakela.net/SA/6455efc/Login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.6.160.161 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 50-6-160-161.unifiedlayer.com Software Apache / Resource Hash `27eb0a8345f067cb08dae72d8a1f02c8f0d22fcfdace6a33b4e3c3112f5b7759` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://omakela.net/SA/6455efc/Login.php Response headers accept-ranges bytes content-encoding gzip date Fri, 04 Oct 2024 08:07:44 GMT last-modified Fri, 04 Oct 2024 07:29:28 GMT vary Accept-Encoding server Apache content-type text/css
GET H2	200	image.png omakela.net/SA/6455efc/style/	14 KB 14 KB	110ms 109ms	Image image/png	50.6.160.161 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Show image Full URL https://omakela.net/SA/6455efc/style/image.png Requested by Host: omakela.net URL: https://omakela.net/SA/6455efc/Login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.6.160.161 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 50-6-160-161.unifiedlayer.com Software Apache / Resource Hash `84e3fb667af0953e19e5cd538786e7c6fb238717bcec384c9c30601a401a7e80` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://omakela.net/SA/6455efc/Login.php Response headers accept-ranges bytes content-length 14024 date Fri, 04 Oct 2024 08:07:44 GMT last-modified Fri, 04 Oct 2024 07:29:28 GMT content-type image/png server Apache
GET H2	200	ima.png omakela.net/SA/6455efc/style/	140 KB 140 KB	217ms 217ms	Image image/png	50.6.160.161 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Show image Full URL https://omakela.net/SA/6455efc/style/ima.png Requested by Host: omakela.net URL: https://omakela.net/SA/6455efc/Login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.6.160.161 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 50-6-160-161.unifiedlayer.com Software Apache / Resource Hash `9dfeea3fee5705871ebeaf0464f71fb0be49a2ee6227e7e849665ad7c0604840` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://omakela.net/SA/6455efc/Login.php Response headers accept-ranges bytes content-length 143656 date Fri, 04 Oct 2024 08:07:44 GMT last-modified Fri, 04 Oct 2024 07:29:28 GMT content-type image/png server Apache
GET H2	200	print.css omakela.net/SA/6455efc/style/	4 KB 1 KB	405ms 404ms	Stylesheet text/css	50.6.160.161 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://omakela.net/SA/6455efc/style/print.css Requested by Host: omakela.net URL: https://omakela.net/SA/6455efc/Login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.6.160.161 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 50-6-160-161.unifiedlayer.com Software Apache / Resource Hash `84afa1be21426d18272f37aeb2285f86d0b3fba389412f5ba0dc0b2347d0fe2c` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://omakela.net/SA/6455efc/Login.php Response headers content-encoding gzip accept-ranges bytes content-length 1414 date Fri, 04 Oct 2024 08:07:44 GMT last-modified Fri, 04 Oct 2024 07:29:28 GMT vary Accept-Encoding server Apache content-type text/css
GET H2	200	sp_sininen_tausta.png omakela.net/SA/6455efc/style//	211 KB 211 KB	112ms 112ms	Image image/png	50.6.160.161 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Show image Full URL https://omakela.net/SA/6455efc/style//sp_sininen_tausta.png Requested by Host: omakela.net URL: https://omakela.net/SA/6455efc/style/sp_private.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.6.160.161 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 50-6-160-161.unifiedlayer.com Software Apache / Resource Hash `abfd8de945b3ccfcb7459ee221441693326558025c8b04ae7f5f42a37d9de0e1` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://omakela.net/SA/6455efc/style/sp_private.min.css Response headers accept-ranges bytes content-length 215950 date Fri, 04 Oct 2024 08:07:45 GMT last-modified Fri, 04 Oct 2024 07:29:28 GMT content-type image/png server Apache
GET H2	200	DINWeb.woff omakela.net/SA/6455efc/style//	30 KB 30 KB	212ms 211ms	Font font/woff	50.6.160.161 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://omakela.net/SA/6455efc/style//DINWeb.woff Requested by Host: omakela.net URL: https://omakela.net/SA/6455efc/style/sp_private.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.6.160.161 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 50-6-160-161.unifiedlayer.com Software Apache / Resource Hash `d2fb59a64d9e550d348d6ca91a5344fac56f67fc6f165dda33df18ca5f61d74d` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Origin https://omakela.net Referer https://omakela.net/SA/6455efc/style/sp_private.min.css Response headers accept-ranges bytes content-length 30972 date Fri, 04 Oct 2024 08:07:45 GMT last-modified Fri, 04 Oct 2024 07:29:28 GMT content-type font/woff server Apache
GET H2	200	DINWeb-Bold.woff omakela.net/SA/6455efc/style//	30 KB 30 KB	112ms 112ms	Font font/woff	50.6.160.161 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://omakela.net/SA/6455efc/style//DINWeb-Bold.woff Requested by Host: omakela.net URL: https://omakela.net/SA/6455efc/style/sp_private.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.6.160.161 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 50-6-160-161.unifiedlayer.com Software Apache / Resource Hash `0148403b9fffa430bce6b46fc385936fe9b6697b51618ee1066a325cf0d7ae49` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Origin https://omakela.net Referer https://omakela.net/SA/6455efc/style/sp_private.min.css Response headers accept-ranges bytes content-length 30356 date Fri, 04 Oct 2024 08:07:45 GMT last-modified Fri, 04 Oct 2024 07:29:28 GMT content-type font/woff server Apache
GET H2	200	favicon.ico omakela.net/SA/6455efc/style/	2 KB 2 KB	110ms 110ms	Other image/x-icon	50.6.160.161 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://omakela.net/SA/6455efc/style/favicon.ico?4.4.2-20211124144056 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.6.160.161 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 50-6-160-161.unifiedlayer.com Software Apache / Resource Hash `bef85940a1df8fbf9fb1f054482fcd76c31f3394c7568c828c97f1488e63b875` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://omakela.net/SA/6455efc/Login.php Response headers cache-control max-age=604800 expires Fri, 11 Oct 2024 08:07:45 GMT accept-ranges bytes content-length 1574 date Fri, 04 Oct 2024 08:07:45 GMT last-modified Fri, 04 Oct 2024 07:29:28 GMT content-type image/x-icon server Apache
GET H2	200	Where_Page.php Show response omakela.net/SA/6455efc/Select/auto_system/	6 B 184 B	119ms 119ms	XHR text/html	50.6.160.161 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://omakela.net/SA/6455efc/Select/auto_system/Where_Page.php?Online=Login Requested by Host: omakela.net URL: https://omakela.net/SA/6455efc/Login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.6.160.161 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 50-6-160-161.unifiedlayer.com Software Apache / Resource Hash `0d21bd52022ca7f7e97109d28d327da1e68cc0bedd9713b2dc2b49d3aa104392` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://omakela.net/SA/6455efc/Login.php Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip pragma no-cache expires Thu, 19 Nov 1981 08:52:00 GMT content-length 26 date Fri, 04 Oct 2024 08:07:46 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding server Apache
GET H2	200	Where_Page.php Show response omakela.net/SA/6455efc/Select/auto_system/	6 B 81 B	121ms 120ms	XHR text/html	50.6.160.161 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://omakela.net/SA/6455efc/Select/auto_system/Where_Page.php?Online=Login Requested by Host: omakela.net URL: https://omakela.net/SA/6455efc/Login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.6.160.161 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 50-6-160-161.unifiedlayer.com Software Apache / Resource Hash `0d21bd52022ca7f7e97109d28d327da1e68cc0bedd9713b2dc2b49d3aa104392` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://omakela.net/SA/6455efc/Login.php Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip pragma no-cache expires Thu, 19 Nov 1981 08:52:00 GMT content-length 26 date Fri, 04 Oct 2024 08:07:47 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding server Apache
GET H2	200	Where_Page.php Show response omakela.net/SA/6455efc/Select/auto_system/	6 B 81 B	117ms 117ms	XHR text/html	50.6.160.161 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://omakela.net/SA/6455efc/Select/auto_system/Where_Page.php?Online=Login Requested by Host: omakela.net URL: https://omakela.net/SA/6455efc/Login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.6.160.161 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 50-6-160-161.unifiedlayer.com Software Apache / Resource Hash `0d21bd52022ca7f7e97109d28d327da1e68cc0bedd9713b2dc2b49d3aa104392` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://omakela.net/SA/6455efc/Login.php Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip pragma no-cache expires Thu, 19 Nov 1981 08:52:00 GMT content-length 26 date Fri, 04 Oct 2024 08:07:48 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding server Apache
GET H2	200	Where_Page.php Show response omakela.net/SA/6455efc/Select/auto_system/	6 B 81 B	112ms 111ms	XHR text/html	50.6.160.161 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://omakela.net/SA/6455efc/Select/auto_system/Where_Page.php?Online=Login Requested by Host: omakela.net URL: https://omakela.net/SA/6455efc/Login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.6.160.161 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 50-6-160-161.unifiedlayer.com Software Apache / Resource Hash `0d21bd52022ca7f7e97109d28d327da1e68cc0bedd9713b2dc2b49d3aa104392` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://omakela.net/SA/6455efc/Login.php Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip pragma no-cache expires Thu, 19 Nov 1981 08:52:00 GMT content-length 26 date Fri, 04 Oct 2024 08:07:49 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding server Apache

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Säästöpankki (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			omakela.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 34a64f25b52c4e71aaada8fbf57fff3d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

omakela.net
50.6.160.161
0148403b9fffa430bce6b46fc385936fe9b6697b51618ee1066a325cf0d7ae49
0d21bd52022ca7f7e97109d28d327da1e68cc0bedd9713b2dc2b49d3aa104392
27eb0a8345f067cb08dae72d8a1f02c8f0d22fcfdace6a33b4e3c3112f5b7759
3ee4624b5ce30a4ca5720cf03809165487d702a25477c4705f373bb1da8f5acb
84afa1be21426d18272f37aeb2285f86d0b3fba389412f5ba0dc0b2347d0fe2c
84e3fb667af0953e19e5cd538786e7c6fb238717bcec384c9c30601a401a7e80
9dfeea3fee5705871ebeaf0464f71fb0be49a2ee6227e7e849665ad7c0604840
abfd8de945b3ccfcb7459ee221441693326558025c8b04ae7f5f42a37d9de0e1
bef85940a1df8fbf9fb1f054482fcd76c31f3394c7568c828c97f1488e63b875
d2fb59a64d9e550d348d6ca91a5344fac56f67fc6f165dda33df18ca5f61d74d

omakela.net Open in urlscan Pro 50.6.160.161 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

494 kBTransfer

684 kBSize

1 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

Indicators

omakela.net Open in urlscan Pro
50.6.160.161 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

494 kB
Transfer

684 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!