urlscan.io logo urlscan.io
SecurityTrails logo

integralgroupeg.com Open in urlscan Pro
2a03:b0c0:1:e0::115:2001  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gloyah.net/-67548VFWZ/4x2o?rndad=1044628135-1557909962
Effective URL: https://integralgroupeg.com/A/3/naverfile/naver.html
Submission: On June 03 via automatic, source phishtank
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 4 countries across 3 domains to perform 9 HTTP transactions. The main IP is 2a03:b0c0:1:e0::115:2001, located in London, United Kingdom and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is integralgroupeg.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 21st 2019. Valid for: 3 months.
This is the only time integralgroupeg.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Naver (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
5 2a03:b0c0:1:e... 14061 (DIGITALOC...)
3 125.209.226.239 23576 (NHN-AS-KR...)
1 203.104.163.21 23576 (NHN-AS-KR...)
9 3
Apex Domain
Subdomains		 Transfer
5 integralgroupeg.com
integralgroupeg.com
90 KB
4 naver.com
static.nid.naver.com
lcs.naver.com
84 KB
1 gloyah.net
gloyah.net
1 KB
9 3
Domain Requested by
5 integralgroupeg.com integralgroupeg.com
3 static.nid.naver.com integralgroupeg.com
1 lcs.naver.com integralgroupeg.com
1 gloyah.net 1 redirects
9 4

This site contains links to these domains. Also see Links.

Domain
nid.naver.com
www.naver.com
help.naver.com
software.naver.com
www.navercorp.com
Subject Issuer Validity Valid
integralgroupeg.com
cPanel, Inc. Certification Authority		 2019-03-21 -
2019-06-19		 3 months crt.sh
static.nid.naver.com
GeoTrust RSA CA 2018		 2019-01-30 -
2021-01-29		 2 years crt.sh
cc.naver.com
COMODO RSA Organization Validation Secure Server CA		 2018-11-20 -
2020-11-27		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://integralgroupeg.com/A/3/naverfile/naver.html
Frame ID: 7D1E861FB78849E7DDB3ED1375A86B79
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://gloyah.net/-67548VFWZ/4x2o?rndad=1044628135-1557909962 HTTP 302
    https://integralgroupeg.com/A/3/naverfile/naver.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

9
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

3
IPs

4
Countries

174 kB
Transfer

404 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gloyah.net/-67548VFWZ/4x2o?rndad=1044628135-1557909962 HTTP 302
    https://integralgroupeg.com/A/3/naverfile/naver.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request naver.html
integralgroupeg.com/A/3/naverfile/
Redirect Chain
  • http://gloyah.net/-67548VFWZ/4x2o?rndad=1044628135-1557909962
  • https://integralgroupeg.com/A/3/naverfile/naver.html
12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://integralgroupeg.com/A/3/naverfile/naver.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:b0c0:1:e0::115:2001 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
9405eab53f754051a7d287c06c6dc5a524b8346d101dd904a0e34f0fa6b0afb8

Request headers

Host
integralgroupeg.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 03 Jun 2019 09:20:04 GMT
Server
Apache
Last-Modified
Fri, 10 May 2019 01:45:04 GMT
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
4166
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

Date
Mon, 03 Jun 2019 09:20:04 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=df33c46e4d4de22a10ddfb61e53e1e2841559553604; expires=Tue, 02-Jun-20 09:20:04 GMT; path=/; domain=.gloyah.net; HttpOnly FLYSESSID=a52d9ba4d45b3361f7ad118f6bc0b069f04063b2; path=/; HttpOnly yp1=93e3513102e303e12d9ee52c8ba938dc; expires=Tue, 04-Jun-2019 09:20:04 GMT; Max-Age=86400; path=/; domain=.gloyah.net yp2=a8d2e4a1eb7792c286a0def36314967e; expires=Tue, 04-Jun-2019 09:20:04 GMT; Max-Age=86400; path=/; domain=.gloyah.net yp3=2a014f8202a92; expires=Tue, 04-Jun-2019 09:20:04 GMT; Max-Age=86400; path=/; domain=.gloyah.net
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Pragma
no-cache
X-Powered-By
adfly
Location
https://integralgroupeg.com/A/3/naverfile/naver.html
X-Turbo-Charged-By
LiteSpeed
Server
cloudflare
CF-RAY
4e1096cb6836d6e9-FRA
w_20180807.css
integralgroupeg.com/A/3/naverfile/img_files/ 		83 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://integralgroupeg.com/A/3/naverfile/img_files/w_20180807.css
Requested by
Host: integralgroupeg.com
URL: https://integralgroupeg.com/A/3/naverfile/naver.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:b0c0:1:e0::115:2001 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
2f218ea9f5b05aceeaace46b204aafdf9b63f342ebb7cb6a730c54526b2912e0

Request headers

Referer
https://integralgroupeg.com/A/3/naverfile/naver.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 03 Jun 2019 09:20:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 May 2019 01:45:04 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
16306
common.all.js.download
integralgroupeg.com/A/3/naverfile/img_files/ 		51 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://integralgroupeg.com/A/3/naverfile/img_files/common.all.js.download
Requested by
Host: integralgroupeg.com
URL: https://integralgroupeg.com/A/3/naverfile/naver.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:b0c0:1:e0::115:2001 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
97185b24b80e7c9219be55147d6aaa861ca74841b74b0685987e000fe0fbc67e

Request headers

Referer
https://integralgroupeg.com/A/3/naverfile/naver.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 03 Jun 2019 09:20:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 May 2019 01:45:04 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
14258
common.util.js.download
integralgroupeg.com/A/3/naverfile/img_files/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://integralgroupeg.com/A/3/naverfile/img_files/common.util.js.download
Requested by
Host: integralgroupeg.com
URL: https://integralgroupeg.com/A/3/naverfile/naver.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:b0c0:1:e0::115:2001 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
3e2b95b114efc872c2d773e292620e20f26e61c2c9edd1a929d463a31501f10b

Request headers

Referer
https://integralgroupeg.com/A/3/naverfile/naver.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 03 Jun 2019 09:20:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 May 2019 01:45:04 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
6123
bvsd.1.1.0.min.js.download
integralgroupeg.com/A/3/naverfile/img_files/ 		156 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://integralgroupeg.com/A/3/naverfile/img_files/bvsd.1.1.0.min.js.download
Requested by
Host: integralgroupeg.com
URL: https://integralgroupeg.com/A/3/naverfile/naver.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:b0c0:1:e0::115:2001 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
5575efbb17ddd165382fd128a801a22ea12cc2e4c3374efec51e7bcb058c82cc

Request headers

Referer
https://integralgroupeg.com/A/3/naverfile/naver.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 03 Jun 2019 09:20:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 May 2019 01:45:04 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
50287
sp_u_skip.png
static.nid.naver.com/images/web/user/ 		967 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nid.naver.com/images/web/user/sp_u_skip.png
Requested by
Host: integralgroupeg.com
URL: https://integralgroupeg.com/A/3/naverfile/naver.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
125.209.226.239 , Korea, Republic Of, ASN23576 (NHN-AS-KR NBP, KR),
Reverse DNS
Software
nginx /
Resource Hash
67bef5d26af42c5a7842ecd98bf3df205cf8de0270802b34a2380de4eb517d46

Request headers

Referer
https://integralgroupeg.com/A/3/naverfile/img_files/w_20180807.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 03 Jun 2019 09:20:05 GMT
Last-Modified
Mon, 11 Apr 2016 11:25:27 GMT
Server
nginx
ETag
"570b89a7-3c7"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
967
Expires
Thu, 31 Dec 2037 23:55:55 GMT
pc_sp_login_170424.png
static.nid.naver.com/images/ui/login/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nid.naver.com/images/ui/login/pc_sp_login_170424.png
Requested by
Host: integralgroupeg.com
URL: https://integralgroupeg.com/A/3/naverfile/naver.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
125.209.226.239 , Korea, Republic Of, ASN23576 (NHN-AS-KR NBP, KR),
Reverse DNS
Software
nginx /
Resource Hash
7939c9cc4b5f045ee3dc78aeb268878e778b6d89debe138abc30c6f1a86c98fc

Request headers

Referer
https://integralgroupeg.com/A/3/naverfile/img_files/w_20180807.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 03 Jun 2019 09:20:05 GMT
Last-Modified
Fri, 28 Apr 2017 06:47:59 GMT
Server
nginx
ETag
"5902e59f-13ff8"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
81912
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sel_arr_2x.gif
static.nid.naver.com/images/login/global/sns/desktop/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nid.naver.com/images/login/global/sns/desktop/sel_arr_2x.gif
Requested by
Host: integralgroupeg.com
URL: https://integralgroupeg.com/A/3/naverfile/naver.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
125.209.226.239 , Korea, Republic Of, ASN23576 (NHN-AS-KR NBP, KR),
Reverse DNS
Software
nginx /
Resource Hash
21be6129d47f2ef87a6e867141936861e3dd063ae59903c668d360747b804d66

Request headers

Referer
https://integralgroupeg.com/A/3/naverfile/img_files/w_20180807.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 03 Jun 2019 09:20:05 GMT
Last-Modified
Wed, 27 Jul 2016 07:09:12 GMT
Server
nginx
ETag
"57985e18-66a"
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1642
Expires
Thu, 31 Dec 2037 23:55:55 GMT
m
lcs.naver.com/ 		43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lcs.naver.com/m?u=https%3A%2F%2Fintegralgroupeg.com%2FA%2F3%2Fnaverfile%2Fnaver.html&e=&i=&os=Linux%20x86_64&ln=en-US&sr=1600x1200&bw=1600&bh=1200&c=24&j=N&jv=1.8&k=Y&fv=&sl=&ct=&p=&EOU
Requested by
Host: integralgroupeg.com
URL: https://integralgroupeg.com/A/3/naverfile/naver.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
203.104.163.21 , Singapore, ASN23576 (NHN-AS-KR NBP, KR),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://integralgroupeg.com/A/3/naverfile/naver.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 09:20:04 GMT
server
nginx
p3p
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
status
200
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Tue, 01 Jan 1980 09:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Naver (Online)

209 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| resizePopup function| viewKeyboard function| switchkeyboard function| switchlocale2 function| switchlocale function| normal function| onetime function| show function| hide function| _addEvent function| _addInputEvent function| addInputEvent function| addDeleteButtonEvent function| msieblur function| borderOn function| borderOff function| confirmSubmit function| encryptIdPw function| getKeyByRuntimeInclude function| clearErrorLayers function| keySplit function| getLenChar function| respSelect function| nclk function| nclk_clsnm function| nclk_chk function| nclk_if string| getkeyurl number| curtimecheck function| getKeysv2 function| getAjaxResult function| getXmlHttp function| getCookie function| savedLong function| ipCheckOff function| ipCheckOn function| setSmartLevel function| initSmartLevel function| ipCheck boolean| isshift boolean| userStrokes function| checkShiftUp function| checkShiftDown boolean| is_capslockon function| checkEnt function| capslockevt function| BigInteger function| nbi function| am1 function| am2 function| am3 function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| bnMod function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| Arcfour function| ARC4init function| ARC4next function| prng_newstate function| rng_seed_int function| rng_seed_time function| rng_get_byte function| rng_get_bytes function| SecureRandom function| parseBigInt function| linebrk function| byte2Hex function| pkcs1pad2 function| RSAKey function| RSASetPublic function| RSADoPublic function| RSAEncrypt function| hex2b64 function| b64tohex function| b64toBA boolean| isIE boolean| isWin boolean| isOpera number| dbits number| canary boolean| j_lm number| BI_FP string| BI_RM object| BI_RC number| rr number| vv number| rng_psize undefined| rng_state object| rng_pool number| rng_pptr number| t undefined| z string| b64map string| b64pad boolean| lcs_isie boolean| lcs_isns boolean| lcs_isopera boolean| lcs_ismac object| lcs_add object| lcs_bc string| lcs_ver number| lcs_cnt object| keys object| keystr string| keyname string| evalue string| nvalue number| initEnc string| is_ipcheck undefined| enctp boolean| is_sid boolean| is_spw boolean| is_mid boolean| is_mpw undefined| browser number| nclkMaxDepth string| ccsrv string| nclkModule string| nsc string| g_pid string| g_sid object| nclkImg function| clickcr function| nclks function| nclks_clsnm function| nclks_chk function| nclks_if function| lcs_do function| lcs_do_gdid function| lcs_getBrowserCapa function| lcs_getOS function| lcs_getlanguage function| lcs_getScreen function| lcs_getWindowSize function| lcs_getColorDepth function| lcs_getJavaEnabled function| lcs_getCookieEnabled function| lcs_getConnectType function| lcs_getJavascriptVer function| lcs_getSwfVer function| lcs_getSLVersion function| lcs_getPlugIn string| disp_stat string| session_keys string| pc_keyboard_close string| pc_keyboard_open string| view_char string| view_symbol object| login_chk function| persist_usage boolean| view_onetimeusage function| viewOnetime number| smart_level function| nclks_select boolean| inSubmitProgress function| confirmSplitSubmit function| encryptIdPwSplit function| getKeyByRuntimeIncludeSplit object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| sofa object| porperties object| bvsd

0 Cookies