ee-verify-billing.net Open in urlscan Pro
162.213.251.151 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ee-verify-billing.net/
Effective URL:
http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/login.php?cmd=_account-details&session=f4a4778ca4348ad4fa29c524...
Submission Tags: phishing malicious Search All
Submission: On February 04 via api (February 4th 2021, 12:53:59 pm UTC) from US

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 13 HTTP transactions. The main IP is 162.213.251.151, located in Los Angeles, United States and belongs to NAMECHEAP-NET, US. The main domain is ee-verify-billing.net.

This is the only time ee-verify-billing.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

	IP Address		AS Autonomous System
3 15	162.213.251.151 162.213.251.151		22612 (NAMECHEAP...) (NAMECHEAP-NET)
13	2

15 162.213.251.151 (Los Angeles, United States) 3 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: business90-5.web-hosting.com

ee-verify-billing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	ee-verify-billing.net 3 redirects ee-verify-billing.net	63 KB
0	se3curity.com Failed binlist.se3curity.com Failed
13	2

	Domain	Requested by
15	ee-verify-billing.net	3 redirects ee-verify-billing.net
0	binlist.se3curity.com Failed	ee-verify-billing.net
13	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/login.php?cmd=_account-details&session=f4a4778ca4348ad4fa29c5243d3da9d6&dispatch=54e35983ca3b1d46c2a6650d1dde536e7278203d
Frame ID: 1BA1DD00803F1330018300A2CEC47EA5
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ee-verify-billing.net/ HTTP 302
http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73 HTTP 301
http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/ HTTP 302
http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/login.php?cmd=_account-details&session=f4a4... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

13
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

62 kB
Transfer

184 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ee-verify-billing.net/ HTTP 302
http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73 HTTP 301
http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/ HTTP 302
http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/login.php?cmd=_account-details&session=f4a4778ca4348ad4fa29c5243d3da9d6&dispatch=54e35983ca3b1d46c2a6650d1dde536e7278203d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login.php Show response
ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/
Redirect Chain

http://ee-verify-billing.net/
http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73
http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/
http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/login.php?cmd=_account-details&session=f4a4778ca4348ad4fa29c5243d3da9d6&dispatch=54e35983ca3b1d46c2a6650d1dde536e7278203d

3 KB
1 KB

194ms
194ms

Document
text/html

162.213.251.151
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/login.php?cmd=_account-details&session=f4a4778ca4348ad4fa29c5243d3da9d6&dispatch=54e35983ca3b1d46c2a6650d1dde536e7278203d

Protocol

HTTP/1.1

Server

162.213.251.151 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business90-5.web-hosting.com

Software

Apache / PHP/7.2.34

Resource Hash

e3cc198586d26153fbcd0374cebb96bdf3f1d6196f7b11af921c297aa085e573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: ee-verify-billing.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 12:53:38 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1002
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
Referrer-Policy: no-referrer-when-downgrade

Redirect headers

Date: Thu, 04 Feb 2021 12:53:37 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
location: login.php?cmd=_account-details&session=f4a4778ca4348ad4fa29c5243d3da9d6&dispatch=54e35983ca3b1d46c2a6650d1dde536e7278203d
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
Referrer-Policy: no-referrer-when-downgrade

GET
H/1.1 200
OK font-sans.css
ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/file/ 1 KB
700 B 197ms
196ms Stylesheet
text/css 162.213.251.151
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/file/font-sans.css

Requested by

Host: ee-verify-billing.net
URL: http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/login.php?cmd=_account-details&session=f4a4778ca4348ad4fa29c5243d3da9d6&dispatch=54e35983ca3b1d46c2a6650d1dde536e7278203d

Protocol

HTTP/1.1

Server

162.213.251.151 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business90-5.web-hosting.com

Software

Apache /

Resource Hash

6225da29bcb513ec7861eb54e621707ddb6edbd2eba6c3b2f855a4481125977a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/login.php?cmd=_account-details&session=f4a4778ca4348ad4fa29c5243d3da9d6&dispatch=54e35983ca3b1d46c2a6650d1dde536e7278203d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 12:53:38 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 04 Feb 2021 12:53:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 254
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK template.css
ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/file/ 8 KB
3 KB 381ms
356ms Stylesheet
text/css 162.213.251.151
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/file/template.css

Requested by

Protocol

HTTP/1.1

Server

162.213.251.151 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business90-5.web-hosting.com

Software

Apache /

Resource Hash

418a85116b236ea4569a647212068da8c1cb50ea4e53f0f0a750b40684c8cd08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/login.php?cmd=_account-details&session=f4a4778ca4348ad4fa29c5243d3da9d6&dispatch=54e35983ca3b1d46c2a6650d1dde536e7278203d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 12:53:38 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 04 Feb 2021 12:53:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 2251
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK css.css
ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/file/ 21 KB
5 KB 383ms
359ms Stylesheet
text/css 162.213.251.151
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/file/css.css

Requested by

Protocol

HTTP/1.1

Server

162.213.251.151 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business90-5.web-hosting.com

Software

Apache /

Resource Hash

1b37f34884926c6ed60337ec9e80263544312a9b1875b41be7ce21143996066e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/login.php?cmd=_account-details&session=f4a4778ca4348ad4fa29c5243d3da9d6&dispatch=54e35983ca3b1d46c2a6650d1dde536e7278203d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 12:53:38 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 04 Feb 2021 12:53:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 4557
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK jquery.min.js Show response
ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/file/ 84 KB
30 KB 386ms
362ms Script
application/javascript 162.213.251.151
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/file/jquery.min.js

Requested by

Protocol

HTTP/1.1

Server

162.213.251.151 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business90-5.web-hosting.com

Software

Apache /

Resource Hash

d6f859d58e6e6b7bbbc7758a97b408b1cb54787d7ae86eff349172ce4da205a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/login.php?cmd=_account-details&session=f4a4778ca4348ad4fa29c5243d3da9d6&dispatch=54e35983ca3b1d46c2a6650d1dde536e7278203d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 12:53:38 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 04 Feb 2021 12:53:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 30047
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK jstz.min.js Show response
ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/file/ 26 KB
5 KB 383ms
358ms Script
application/javascript 162.213.251.151
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/file/jstz.min.js

Requested by

Protocol

HTTP/1.1

Server

162.213.251.151 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business90-5.web-hosting.com

Software

Apache /

Resource Hash

739f819b70df6ddf832a38bca8b55abd9ccbc2de0ab444d2e9a23abadef1b92d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/login.php?cmd=_account-details&session=f4a4778ca4348ad4fa29c5243d3da9d6&dispatch=54e35983ca3b1d46c2a6650d1dde536e7278203d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 12:53:38 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 04 Feb 2021 12:53:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 4709
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK jquery.mobile.custom.min.js Show response
ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/file/ 35 KB
13 KB 384ms
359ms Script
application/javascript 162.213.251.151
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/file/jquery.mobile.custom.min.js

Requested by

Protocol

HTTP/1.1

Server

162.213.251.151 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business90-5.web-hosting.com

Software

Apache /

Resource Hash

264fe373615bcf15c32ae6df08a6a2bc8a0844b5928af69f9f2967da07e78200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/login.php?cmd=_account-details&session=f4a4778ca4348ad4fa29c5243d3da9d6&dispatch=54e35983ca3b1d46c2a6650d1dde536e7278203d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 12:53:38 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 04 Feb 2021 12:53:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 12587
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK jquery.browser.min.js Show response
ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/file/ 3 KB
1 KB 388ms
191ms Script
application/javascript 162.213.251.151
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/file/jquery.browser.min.js

Requested by

Protocol

HTTP/1.1

Server

162.213.251.151 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business90-5.web-hosting.com

Software

Apache /

Resource Hash

d9829082e496712e896683c4c5055b927751a13b4678cc37ce0c8448e808b83a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/login.php?cmd=_account-details&session=f4a4778ca4348ad4fa29c5243d3da9d6&dispatch=54e35983ca3b1d46c2a6650d1dde536e7278203d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 12:53:38 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 04 Feb 2021 12:53:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 949
X-Content-Type-Options: nosniff

GET
H/1.1 404
Not Found script.js
ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/file/ 0
0 572ms
191ms Script
text/html 162.213.251.151
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/file/script.js

Requested by

Protocol

HTTP/1.1

Server

162.213.251.151 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business90-5.web-hosting.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/login.php?cmd=_account-details&session=f4a4778ca4348ad4fa29c5243d3da9d6&dispatch=54e35983ca3b1d46c2a6650d1dde536e7278203d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 12:53:38 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
Content-Length: 315
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK logo.png
ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/img/ 3 KB
3 KB 195ms
195ms Image
image/png 162.213.251.151
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/img/logo.png

Requested by

Protocol

HTTP/1.1

Server

162.213.251.151 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business90-5.web-hosting.com

Software

Apache /

Resource Hash

82928cdbc4d65102f84bbeed6331cbb00d48a29639663ba48e8690f84092a3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/login.php?cmd=_account-details&session=f4a4778ca4348ad4fa29c5243d3da9d6&dispatch=54e35983ca3b1d46c2a6650d1dde536e7278203d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 12:53:38 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 04 Feb 2021 12:53:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
Accept-Ranges: bytes
Content-Length: 2939
X-Content-Type-Options: nosniff

GET title.png
binlist.se3curity.com/images/ 0
0

GET
H/1.1 404
Not Found PayPalSansBig-Regular.woff2
ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/font/ 0
0 192ms
191ms Font
text/html 162.213.251.151
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/font/PayPalSansBig-Regular.woff2

Requested by

Host: ee-verify-billing.net
URL: http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/file/font-sans.css

Protocol

HTTP/1.1

Server

162.213.251.151 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business90-5.web-hosting.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: http://ee-verify-billing.net
Referer: http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/file/font-sans.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 12:53:38 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
Content-Length: 315
X-Content-Type-Options: nosniff

GET
H/1.1 404
Not Found PayPalSansBig-Regular.woff
ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/font/ 0
0 195ms
194ms Font
text/html 162.213.251.151
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/font/PayPalSansBig-Regular.woff

Requested by

Host: ee-verify-billing.net
URL: http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/file/font-sans.css

Protocol

HTTP/1.1

Server

162.213.251.151 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business90-5.web-hosting.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: http://ee-verify-billing.net
Referer: http://ee-verify-billing.net/4909b903ad127ebe6a63cdfe2b132e73/file/font-sans.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 12:53:39 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
Content-Length: 315
X-Content-Type-Options: nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: binlist.se3curity.com
URL: http://binlist.se3curity.com/images/title.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

binlist.se3curity.com
ee-verify-billing.net
binlist.se3curity.com
162.213.251.151
1b37f34884926c6ed60337ec9e80263544312a9b1875b41be7ce21143996066e
264fe373615bcf15c32ae6df08a6a2bc8a0844b5928af69f9f2967da07e78200
418a85116b236ea4569a647212068da8c1cb50ea4e53f0f0a750b40684c8cd08
6225da29bcb513ec7861eb54e621707ddb6edbd2eba6c3b2f855a4481125977a
739f819b70df6ddf832a38bca8b55abd9ccbc2de0ab444d2e9a23abadef1b92d
82928cdbc4d65102f84bbeed6331cbb00d48a29639663ba48e8690f84092a3a5
d6f859d58e6e6b7bbbc7758a97b408b1cb54787d7ae86eff349172ce4da205a8
d9829082e496712e896683c4c5055b927751a13b4678cc37ce0c8448e808b83a
e3cc198586d26153fbcd0374cebb96bdf3f1d6196f7b11af921c297aa085e573

ee-verify-billing.net Open in urlscan Pro 162.213.251.151 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

62 kBTransfer

184 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

ee-verify-billing.net Open in urlscan Pro
162.213.251.151 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

62 kB
Transfer

184 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!