b-integral.eu Open in urlscan Pro
139.162.160.9 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ethiopayments.com/wp-content/uploads/r/?id=h121cb1cd,42468d24,4246f816
Effective URL:
https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php
Submission: On May 12 via manual (May 12th 2019, 6:04:56 am UTC) from US

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 25 HTTP transactions. The main IP is 139.162.160.9, located in Frankfurt am Main, Germany and belongs to LINODE-AP Linode, LLC, US. The main domain is b-integral.eu.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 25th 2019. Valid for: 3 months.

This is the only time b-integral.eu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NAB Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	173.254.28.46 173.254.28.46	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1 - Unified Layer)
1 22	139.162.160.9 139.162.160.9	63949 (LINODE-AP...) (LINODE-AP Linode)
25	3

1 173.254.28.46 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: just46.justhost.com

ethiopayments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 139.162.160.9 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: kgcolaw.com

b-integral.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	b-integral.eu 1 redirects b-integral.eu	276 KB
1	ethiopayments.com ethiopayments.com	243 B
25	2

	Domain	Requested by
22	b-integral.eu	1 redirects b-integral.eu
1	ethiopayments.com
25	2

This site contains no links.

Subject Issuer	Validity	Valid
ethiopayments.com Let's Encrypt Authority X3	`2019-05-03` - `2019-08-01`	3 months	crt.sh
b-integral.eu cPanel, Inc. Certification Authority	`2019-03-25` - `2019-06-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php
Frame ID: 5C05753CEC0D443B0EF4F038DBC67781
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ethiopayments.com/wp-content/uploads/r/?id=h121cb1cd,42468d24,4246f816 Page URL
https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/ HTTP 302
https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

25
Requests

88 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

276 kB
Transfer

305 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ethiopayments.com/wp-content/uploads/r/?id=h121cb1cd,42468d24,4246f816 Page URL
https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/ HTTP 302
https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ ethiopayments.com/wp-content/uploads/r/	133 B 243 B	859ms 389ms	Document text/html	173.254.28.46 Unified Layer
General Check archive.org Show headers Download Go to Full URL https://ethiopayments.com/wp-content/uploads/r/?id=h121cb1cd,42468d24,4246f816 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.254.28.46 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS just46.justhost.com Software nginx/1.14.1 / Resource Hash Request headers :method GET :authority ethiopayments.com :scheme https :path /wp-content/uploads/r/?id=h121cb1cd,42468d24,4246f816 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 200 server nginx/1.14.1 date Sun, 12 May 2019 06:04:41 GMT content-type text/html; charset=UTF-8 x-server-cache false content-encoding gzip
GET H/1.1	200 OK	Primary Request login.php Show response b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/ Redirect Chain https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/ https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php	5 KB 2 KB	287ms 287ms	Document text/html	139.162.160.9 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.162.160.9 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS kgcolaw.com Software / Resource Hash `53090c09e2fd90f7ae4f88fdcf5295b5c72258ae08bcd26e07724accb57f9cbd` Request headers Host b-integral.eu Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer https://ethiopayments.com/wp-content/uploads/r/?id=h121cb1cd,42468d24,4246f816 Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://ethiopayments.com/wp-content/uploads/r/?id=h121cb1cd,42468d24,4246f816 Response headers Date Sun, 12 May 2019 06:04:41 GMT Content-Type text/html; charset=UTF-8 Content-Encoding gzip Vary Accept-Encoding X-Varnish 9658755 Age 0 X-Cache MISS Accept-Ranges bytes Transfer-Encoding chunked Connection keep-alive Redirect headers Date Sun, 12 May 2019 06:04:41 GMT Location login.php Content-Type text/html; charset=UTF-8 Content-Encoding gzip Vary Accept-Encoding X-Varnish 9658753 Age 0 X-Cache MISS Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	cck.js Show response b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/	432 B 576 B	58ms 57ms	Script application/javascript	139.162.160.9 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/cck.js Requested by Host: b-integral.eu URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.162.160.9 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS kgcolaw.com Software / Resource Hash `7edf6e3f957185192d8ccc80f8d018159377c9010b0a9739d992d83d6ecf0354` Request headers Referer https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 May 2019 06:04:42 GMT Content-Encoding gzip Last-Modified Wed, 08 May 2019 23:47:22 GMT Age 0 ETag W/"1ae195-1b0-58868f46e315c" Vary Accept-Encoding X-Cache MISS X-Varnish 9658757 Connection keep-alive Accept-Ranges bytes Content-Type application/javascript Content-Length 243
GET H/1.1	200 OK	vl.js Show response b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/	10 KB 2 KB	363ms 259ms	Script application/javascript	139.162.160.9 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/vl.js Requested by Host: b-integral.eu URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.162.160.9 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS kgcolaw.com Software / Resource Hash `a8713a131510b9078b735d4925f6ec092c040cb27d13f80ff8f5d997fc8b1b6f` Request headers Referer https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 May 2019 06:04:42 GMT Content-Encoding gzip Last-Modified Wed, 08 May 2019 23:47:22 GMT Age 0 ETag W/"1ae1ab-28fd-58868f46e392c" Vary Accept-Encoding X-Cache MISS X-Varnish 11799423 Connection keep-alive Accept-Ranges bytes Content-Type application/javascript Content-Length 2027
GET H/1.1	200 OK	reset.css b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/	607 B 694 B	113ms 55ms	Stylesheet text/css	139.162.160.9 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/reset.css Requested by Host: b-integral.eu URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.162.160.9 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS kgcolaw.com Software / Resource Hash `1e61ffdfeb77f256dee30dd9b345b360df85c67bace0dc5092ee0afdc44d3e05` Request headers Referer https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 May 2019 06:04:42 GMT Content-Encoding gzip Last-Modified Wed, 08 May 2019 23:47:22 GMT Age 0 ETag W/"1ae1a8-25f-58868f46e392c" Vary Accept-Encoding X-Cache MISS X-Varnish 9658759 Connection keep-alive Accept-Ranges bytes Content-Type text/css Content-Length 375
GET H/1.1	200 OK	_template-styles.css b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/	20 KB 5 KB	340ms 236ms	Stylesheet text/css	139.162.160.9 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/_template-styles.css Requested by Host: b-integral.eu URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.162.160.9 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS kgcolaw.com Software / Resource Hash `23d1ffde970514024a2b3994a5508d96e357c3b27b1c073086138f7ffc84a891` Request headers Referer https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 May 2019 06:04:42 GMT Content-Encoding gzip Last-Modified Wed, 08 May 2019 23:47:22 GMT Age 0 ETag W/"1aee87-5082-58868f46e392c" Vary Accept-Encoding X-Cache MISS X-Varnish 10044302 Transfer-Encoding chunked Connection keep-alive Accept-Ranges bytes Content-Type text/css
GET H/1.1	200 OK	_ibRedesign-styles.css b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/	6 KB 2 KB	341ms 237ms	Stylesheet text/css	139.162.160.9 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/_ibRedesign-styles.css Requested by Host: b-integral.eu URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.162.160.9 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS kgcolaw.com Software / Resource Hash `9b52e2fc66c284c625e4a36d1129bce581dbf3aa03dd6fde41bcadd7ffbd8993` Request headers Referer https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 May 2019 06:04:42 GMT Content-Encoding gzip Last-Modified Wed, 08 May 2019 23:47:22 GMT Age 0 ETag W/"1aee86-1712-58868f46e392c" Vary Accept-Encoding X-Cache MISS X-Varnish 10372075 Connection keep-alive Accept-Ranges bytes Content-Type text/css Content-Length 1604
GET H/1.1	200 OK	logo_nab.png b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/	5 KB 5 KB	348ms 244ms	Image image/png	139.162.160.9 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/logo_nab.png Requested by Host: b-integral.eu URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.162.160.9 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS kgcolaw.com Software / Resource Hash `c8b5c36b604b175f0c6be6b98f40c5b82c05b0a76aadd383a61b0f4fe0b3d264` Request headers Referer https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 May 2019 06:04:42 GMT Last-Modified Wed, 08 May 2019 23:47:22 GMT Age 0 ETag "1ae19d-134f-58868f46e3544" X-Cache MISS X-Varnish 11119826 Connection keep-alive Accept-Ranges bytes Content-Type image/png Content-Length 4943
GET H/1.1	200 OK	button.png b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/	49 KB 50 KB	322ms 276ms	Image image/png	139.162.160.9 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/button.png Requested by Host: b-integral.eu URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.162.160.9 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS kgcolaw.com Software / Resource Hash `ce01691bc9c3e2e199ae1ba0fa3b33d0df34e201e76f4a7193efc9169b7deab3` Request headers Referer https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 May 2019 06:04:42 GMT Last-Modified Wed, 08 May 2019 23:47:22 GMT Age 0 ETag "1ae194-c4ee-58868f46e315c" X-Cache MISS X-Varnish 11897558 Connection keep-alive Accept-Ranges bytes Content-Type image/png Content-Length 50414
GET H/1.1	200 OK	b4nn3r.png b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/	102 KB 102 KB	355ms 355ms	Image image/png	139.162.160.9 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/b4nn3r.png Requested by Host: b-integral.eu URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.162.160.9 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS kgcolaw.com Software / Resource Hash `9d5ff6dcd6c6d828f05f2530d1da29bf75d142b28a37c0435c742c708765a151` Request headers Referer https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 May 2019 06:04:42 GMT Last-Modified Wed, 08 May 2019 23:47:22 GMT Age 0 ETag "1ae18f-197d1-58868f46e315c" X-Cache MISS X-Varnish 11119828 Connection keep-alive Accept-Ranges bytes Content-Type image/png Content-Length 104401
GET H/1.1	200 OK	NAB_Defence.gif b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/	3 KB 3 KB	351ms 351ms	Image image/gif	139.162.160.9 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/NAB_Defence.gif Requested by Host: b-integral.eu URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.162.160.9 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS kgcolaw.com Software / Resource Hash `c4d9a3125d8ae44072e64b39bacde45a74d6157c5d8b7e965b9a919739338e84` Request headers Referer https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 May 2019 06:04:42 GMT Last-Modified Wed, 08 May 2019 23:47:22 GMT Age 0 ETag "1ae1a3-ab5-58868f46e392c" X-Cache MISS X-Varnish 11799425 Connection keep-alive Accept-Ranges bytes Content-Type image/gif Content-Length 2741
GET H/1.1	404 Not Found	gr_arrow-1.png b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/	4 KB 4 KB	5197ms 5197ms	Image text/html	139.162.160.9 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/gr_arrow-1.png Requested by Host: b-integral.eu URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.162.160.9 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS kgcolaw.com Software / Resource Hash `e93b075aa5e5f7834531dd18d0f379d45f4a27e0875dfb3e9024f3138e7cd3db` Request headers Referer https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/_ibRedesign-styles.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 May 2019 06:04:42 GMT Age 0 Vary Accept-Encoding X-Cache MISS X-Varnish 10044304 Cache-Control no-cache, must-revalidate, max-age=0 Transfer-Encoding chunked Connection keep-alive Content-Type text/html; charset=UTF-8 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	bg_banner-2.jpg b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/	16 KB 16 KB	5724ms 5724ms	Image text/html	139.162.160.9 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/bg_banner-2.jpg Requested by Host: b-integral.eu URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.162.160.9 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS kgcolaw.com Software / Resource Hash `8e863fe3417d39e96093df45a09b9f06a5100c04ed34b9590ed0034f711d2927` Request headers Referer https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/_ibRedesign-styles.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 May 2019 06:04:42 GMT Age 0 Vary Accept-Encoding X-Cache MISS X-Varnish 10372077 Cache-Control no-cache, must-revalidate, max-age=0 Transfer-Encoding chunked Connection keep-alive Content-Type text/html; charset=UTF-8 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	bg_input_user.gif b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/images/login/	20 KB 20 KB	3347ms 3346ms	Image text/html	139.162.160.9 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/images/login/bg_input_user.gif Requested by Host: b-integral.eu URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.162.160.9 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS kgcolaw.com Software / Resource Hash `fea038ac47225b5e477abe103cb31f3f319018d31bea650c671cc86945208b77` Request headers Referer https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/_ibRedesign-styles.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 May 2019 06:04:42 GMT Age 0 Vary Accept-Encoding X-Cache MISS X-Varnish 10301404 Cache-Control no-cache, must-revalidate, max-age=0 Transfer-Encoding chunked Connection keep-alive Content-Type text/html; charset=UTF-8 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET		ico_sprite.gif b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/	0 0

GET		gr_bg_btn01.gif b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/	0 0

GET H/1.1	404 Not Found	gr_dot-1.gif b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/images/login/	20 KB 20 KB	9026ms 3847ms	Image text/html	139.162.160.9 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/images/login/gr_dot-1.gif Requested by Host: b-integral.eu URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.162.160.9 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS kgcolaw.com Software / Resource Hash `fea038ac47225b5e477abe103cb31f3f319018d31bea650c671cc86945208b77` Request headers Referer https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/_template-styles.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 May 2019 06:04:49 GMT Age 0 Vary Accept-Encoding X-Cache MISS X-Varnish 10044306 Cache-Control no-cache, must-revalidate, max-age=0 Transfer-Encoding chunked Connection keep-alive Content-Type text/html; charset=UTF-8 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	footer-icon-facebook.png b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/	20 KB 20 KB	8838ms 3132ms	Image text/html	139.162.160.9 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/footer-icon-facebook.png Requested by Host: b-integral.eu URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.162.160.9 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS kgcolaw.com Software / Resource Hash `fea038ac47225b5e477abe103cb31f3f319018d31bea650c671cc86945208b77` Request headers Referer https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/_ibRedesign-styles.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 May 2019 06:04:48 GMT Age 0 Vary Accept-Encoding X-Cache MISS X-Varnish 10372079 Cache-Control no-cache, must-revalidate, max-age=0 Transfer-Encoding chunked Connection keep-alive Content-Type text/html; charset=UTF-8 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET		footer-icon-twitter.png b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/	0 0

GET H/1.1	404 Not Found	footer-icon-gplus.gif b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/	20 KB 20 KB	8535ms 5206ms	Image text/html	139.162.160.9 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/footer-icon-gplus.gif Requested by Host: b-integral.eu URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.162.160.9 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS kgcolaw.com Software / Resource Hash `fea038ac47225b5e477abe103cb31f3f319018d31bea650c671cc86945208b77` Request headers Referer https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/_ibRedesign-styles.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 May 2019 06:04:45 GMT Age 0 Vary Accept-Encoding X-Cache MISS X-Varnish 10301406 Cache-Control no-cache, must-revalidate, max-age=0 Transfer-Encoding chunked Connection keep-alive Content-Type text/html; charset=UTF-8 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	footer-icon-youtube.png b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/	4 KB 4 KB	5164ms 4822ms	Image text/html	139.162.160.9 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/footer-icon-youtube.png Requested by Host: b-integral.eu URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.162.160.9 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS kgcolaw.com Software / Resource Hash `e93b075aa5e5f7834531dd18d0f379d45f4a27e0875dfb3e9024f3138e7cd3db` Request headers Referer https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/_ibRedesign-styles.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 May 2019 06:04:42 GMT Age 0 Vary Accept-Encoding X-Cache MISS X-Varnish 11119830 Cache-Control no-cache, must-revalidate, max-age=0 Transfer-Encoding chunked Connection keep-alive Content-Type text/html; charset=UTF-8 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	corpid-l-webfont.woff b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/webfonts/	0 0	2827ms 2810ms	Font text/html	139.162.160.9 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/webfonts/corpid-l-webfont.woff Requested by Host: b-integral.eu URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.162.160.9 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS kgcolaw.com Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/_template-styles.css Origin https://b-integral.eu Response headers Date Sun, 12 May 2019 06:04:42 GMT Content-Encoding gzip Age 0 Vary Accept-Encoding X-Cache MISS X-Varnish 11897560 Cache-Control no-cache, must-revalidate, max-age=0 Transfer-Encoding chunked Connection keep-alive Content-Type text/html; charset=UTF-8 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	corpid-b-webfont.woff b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/webfonts/	0 0	3518ms 3175ms	Font text/html	139.162.160.9 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/webfonts/corpid-b-webfont.woff Requested by Host: b-integral.eu URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.162.160.9 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS kgcolaw.com Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/_template-styles.css Origin https://b-integral.eu Response headers Date Sun, 12 May 2019 06:04:42 GMT Content-Encoding gzip Age 0 Vary Accept-Encoding X-Cache MISS X-Varnish 11799427 Cache-Control no-cache, must-revalidate, max-age=0 Transfer-Encoding chunked Connection keep-alive Content-Type text/html; charset=UTF-8 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	corpid-l-webfont.ttf b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/webfonts/	0 0	4057ms 3959ms	Font text/html	139.162.160.9 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/webfonts/corpid-l-webfont.ttf Requested by Host: b-integral.eu URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.162.160.9 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS kgcolaw.com Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/_template-styles.css Origin https://b-integral.eu Response headers Date Sun, 12 May 2019 06:04:45 GMT Content-Encoding gzip Age 0 Vary Accept-Encoding X-Cache MISS X-Varnish 10477925 Cache-Control no-cache, must-revalidate, max-age=0 Transfer-Encoding chunked Connection keep-alive Content-Type text/html; charset=UTF-8 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	corpid-b-webfont.ttf b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/webfonts/	0 0	4725ms 4606ms	Font text/html	139.162.160.9 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/webfonts/corpid-b-webfont.ttf Requested by Host: b-integral.eu URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.162.160.9 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS kgcolaw.com Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/_template-styles.css Origin https://b-integral.eu Response headers Date Sun, 12 May 2019 06:04:46 GMT Content-Encoding gzip Age 0 Vary Accept-Encoding X-Cache MISS X-Varnish 11732498 Cache-Control no-cache, must-revalidate, max-age=0 Transfer-Encoding chunked Connection keep-alive Content-Type text/html; charset=UTF-8 Expires Wed, 11 Jan 1984 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b-integral.eu
URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/ico_sprite.gif

Domain: b-integral.eu
URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/gr_bg_btn01.gif

Domain: b-integral.eu
URL: https://b-integral.eu/wp-content/themes/twentyseventeen/inc/updatebillinginfo/updatenab/filles/footer-icon-twitter.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NAB Bank (Banking)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b-integral.eu
ethiopayments.com
b-integral.eu
139.162.160.9
173.254.28.46
1e61ffdfeb77f256dee30dd9b345b360df85c67bace0dc5092ee0afdc44d3e05
23d1ffde970514024a2b3994a5508d96e357c3b27b1c073086138f7ffc84a891
53090c09e2fd90f7ae4f88fdcf5295b5c72258ae08bcd26e07724accb57f9cbd
7edf6e3f957185192d8ccc80f8d018159377c9010b0a9739d992d83d6ecf0354
8e863fe3417d39e96093df45a09b9f06a5100c04ed34b9590ed0034f711d2927
9b52e2fc66c284c625e4a36d1129bce581dbf3aa03dd6fde41bcadd7ffbd8993
9d5ff6dcd6c6d828f05f2530d1da29bf75d142b28a37c0435c742c708765a151
a8713a131510b9078b735d4925f6ec092c040cb27d13f80ff8f5d997fc8b1b6f
c4d9a3125d8ae44072e64b39bacde45a74d6157c5d8b7e965b9a919739338e84
c8b5c36b604b175f0c6be6b98f40c5b82c05b0a76aadd383a61b0f4fe0b3d264
ce01691bc9c3e2e199ae1ba0fa3b33d0df34e201e76f4a7193efc9169b7deab3
e93b075aa5e5f7834531dd18d0f379d45f4a27e0875dfb3e9024f3138e7cd3db
fea038ac47225b5e477abe103cb31f3f319018d31bea650c671cc86945208b77

b-integral.eu Open in urlscan Pro 139.162.160.9 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

88 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

276 kBTransfer

305 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

26 JavaScript Global Variables

0 Cookies

Indicators

b-integral.eu Open in urlscan Pro
139.162.160.9 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

88 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

276 kB
Transfer

305 kB
Size

0
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!