Submitted URL: http://lvisurl.us/G9y6Ms
Effective URL: http://ib4b.co.za/new/new/mydcu_services/login.php?cmd=login_submit&idtdNPbCMwYWLRNumCBe7z2fNzCDjbr4I2WhLcITE8EYGv...
Submission: On March 26 via manual from US

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 154.0.167.88, located in South Africa and belongs to Afrihost, ZA. The main domain is ib4b.co.za.
This is the only time ib4b.co.za was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DCU (Banking)

Domain & IP information

Requests  Redirects  IP Address         AS Autonomous System
1         1          206.189.125.60     14061 (DIGITALOC...)
8                    154.0.167.88       37611 (Afrihost)
1                    2a00:1450:400...   15169 (GOOGLE)
1                    69.89.31.230       46606 (UNIFIEDLA...)
Total: 10 requests, 3 IPs

Requests  Apex Domain       Subdomains           Transfer
8         ib4b.co.za        ib4b.co.za           952 KB
1         smallenvelop.com  smallenvelop.com     367 B
1         googleapis.com    ajax.googleapis.com  29 KB
1         lvisurl.us        lvisurl.us           1010 B
Total: 10 requests, 4 domains

Requests  Domain               Requested by
8         ib4b.co.za           ib4b.co.za
1         smallenvelop.com     ib4b.co.za
1         ajax.googleapis.com  ib4b.co.za
1         lvisurl.us           1 redirects
Total: 10 requests, 4 domains

This site contains no links.

Subject            Issuer                        Validity                 Valid
*.googleapis.com   Google Internet Authority G3  2019-03-01 - 2019-05-24  3 months
smallenvelop.com   Let's Encrypt Authority X3    2019-02-19 - 2019-05-20  3 months

This page contains 1 frames:

Primary Page: http://ib4b.co.za/new/new/mydcu_services/login.php?cmd=login_submit&idtdNPbCMwYWLRNumCBe7z2fNzCDjbr4I2WhLcITE8EYGvTJgQ2nCxt6ypMuLQaXp7ugF51EitiqxUVKnV
Frame ID: E4DB1E226E2355976B215E246D6DC6E0
Requests: 10 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

Requests: 10
HTTPS: 20 %
IPv6: 25 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 3
Transfer: 982 kB
Size: 1034 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lvisurl.us/G9y6Ms HTTP 301
    http://ib4b.co.za/new/new/mydcu_services/ Page URL
  2. http://ib4b.co.za/new/new/mydcu_services/login.php?cmd=login_submit&idtdNPbCMwYWLRNumCBe7z2fNzCDjbr4I2WhLcITE8EYGvTJgQ2nCxt6ypMuLQaXp7ugF51EitiqxUVKnV Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://lvisurl.us/G9y6Ms HTTP 301
  • http://ib4b.co.za/new/new/mydcu_services/

10 HTTP transactions

Resource: / (cookie set)
Path: ib4b.co.za/new/new/mydcu_services/
Redirect Chain
  • http://lvisurl.us/G9y6Ms
  • http://ib4b.co.za/new/new/mydcu_services/
Size: 197 B
x-fer: 578 B
Type: Document

General

Full URL: http://ib4b.co.za/new/new/mydcu_services/
Protocol: HTTP/1.1
Server: 154.0.167.88, South Africa, ASN37611 (Afrihost, ZA)
Reverse DNS: odiva.aserv.co.za
Software: Apache
Resource Hash: 3601d7f6449802f1b56d7c397ba894c22b5f1bddeddc4aaa9b3b03c79b41a67a

Request headers

Host: ib4b.co.za
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate

Response headers

Date: Tue, 26 Mar 2019 04:49:17 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=25c6fff9bc6f9d8341927ae1587f94ae; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 26 Mar 2019 04:49:18 GMT
Server: Apache/2.4.18 (Ubuntu)
Cache-Control: no-cache
Location: http://ib4b.co.za/new/new/mydcu_services/
Content-Length: 408
Connection: close
Content-Type: text/html; charset=UTF-8

Resource: login.php (primary request)
Path: ib4b.co.za/new/new/mydcu_services/
Size: 4 KB
x-fer: 4 KB
Type: Document

General

Full URL: http://ib4b.co.za/new/new/mydcu_services/login.php?cmd=login_submit&idtdNPbCMwYWLRNumCBe7z2fNzCDjbr4I2WhLcITE8EYGvTJgQ2nCxt6ypMuLQaXp7ugF51EitiqxUVKnV
Requested by
  Host: ib4b.co.za
  URL: http://ib4b.co.za/new/new/mydcu_services/
Protocol: HTTP/1.1
Server: 154.0.167.88, South Africa, ASN37611 (Afrihost, ZA)
Reverse DNS: odiva.aserv.co.za
Software: Apache
Resource Hash: 1aef1e3e92e2d172e45f33eede887510391f03bb56c63caee90cd03705c4c425

Request headers

Host: ib4b.co.za
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://ib4b.co.za/new/new/mydcu_services/
Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=25c6fff9bc6f9d8341927ae1587f94ae

Response headers

Date: Tue, 26 Mar 2019 04:49:17 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Resource: jquery.min.js
Path: ajax.googleapis.com/ajax/libs/jquery/2.2.4/
Size: 84 KB
x-fer: 29 KB
Type: Script

General

Full URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
  Host: ib4b.co.za
  URL: http://ib4b.co.za/new/new/mydcu_services/login.php?cmd=login_submit&idtdNPbCMwYWLRNumCBe7z2fNzCDjbr4I2WhLcITE8EYGvTJgQ2nCxt6ypMuLQaXp7ugF51EitiqxUVKnV
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:806::200a, Ireland, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS:
Software: sffe
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Request headers

Referer: http://ib4b.co.za/new/new/mydcu_services/login.php?cmd=login_submit&idtdNPbCMwYWLRNumCBe7z2fNzCDjbr4I2WhLcITE8EYGvTJgQ2nCxt6ypMuLQaXp7ugF51EitiqxUVKnV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 03:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1473168
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 30028
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Mar 2020 03:36:31 GMT

Resource: c1.png
Path: ib4b.co.za/new/new/mydcu_services/images/
Size: 478 KB
x-fer: 478 KB
Type: Image

General

Full URL: http://ib4b.co.za/new/new/mydcu_services/images/c1.png
Requested by
  Host: ib4b.co.za
  URL: http://ib4b.co.za/new/new/mydcu_services/login.php?cmd=login_submit&idtdNPbCMwYWLRNumCBe7z2fNzCDjbr4I2WhLcITE8EYGvTJgQ2nCxt6ypMuLQaXp7ugF51EitiqxUVKnV
Protocol: HTTP/1.1
Server: 154.0.167.88, South Africa, ASN37611 (Afrihost, ZA)
Reverse DNS: odiva.aserv.co.za
Software: Apache
Resource Hash: 79f33189a2bac0db827fe1caf3748c0977e690a37bcebf12bed397e4c7a84fa4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib4b.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ib4b.co.za/new/new/mydcu_services/login.php?cmd=login_submit&idtdNPbCMwYWLRNumCBe7z2fNzCDjbr4I2WhLcITE8EYGvTJgQ2nCxt6ypMuLQaXp7ugF51EitiqxUVKnV
Cookie: PHPSESSID=25c6fff9bc6f9d8341927ae1587f94ae
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Tue, 26 Mar 2019 04:49:18 GMT
Last-Modified: Sat, 19 Jan 2019 03:59:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 489592

Resource: c2.png
Path: ib4b.co.za/new/new/mydcu_services/images/
Size: 366 KB
x-fer: 366 KB
Type: Image

General

Full URL: http://ib4b.co.za/new/new/mydcu_services/images/c2.png
Requested by
  Host: ib4b.co.za
  URL: http://ib4b.co.za/new/new/mydcu_services/login.php?cmd=login_submit&idtdNPbCMwYWLRNumCBe7z2fNzCDjbr4I2WhLcITE8EYGvTJgQ2nCxt6ypMuLQaXp7ugF51EitiqxUVKnV
Protocol: HTTP/1.1
Server: 154.0.167.88, South Africa, ASN37611 (Afrihost, ZA)
Reverse DNS: odiva.aserv.co.za
Software: Apache
Resource Hash: 6baa9636645bc56e3f1aaf724ab26ca5be95ef4eb6e9311099b38e83b085e745

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib4b.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ib4b.co.za/new/new/mydcu_services/login.php?cmd=login_submit&idtdNPbCMwYWLRNumCBe7z2fNzCDjbr4I2WhLcITE8EYGvTJgQ2nCxt6ypMuLQaXp7ugF51EitiqxUVKnV
Cookie: PHPSESSID=25c6fff9bc6f9d8341927ae1587f94ae
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Tue, 26 Mar 2019 04:49:18 GMT
Last-Modified: Thu, 08 Nov 2018 12:47:02 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 374672

Resource: c3.png
Path: ib4b.co.za/new/new/mydcu_services/images/
Size: 37 KB
x-fer: 37 KB
Type: Image

General

Full URL: http://ib4b.co.za/new/new/mydcu_services/images/c3.png
Requested by
  Host: ib4b.co.za
  URL: http://ib4b.co.za/new/new/mydcu_services/login.php?cmd=login_submit&idtdNPbCMwYWLRNumCBe7z2fNzCDjbr4I2WhLcITE8EYGvTJgQ2nCxt6ypMuLQaXp7ugF51EitiqxUVKnV
Protocol: HTTP/1.1
Server: 154.0.167.88, South Africa, ASN37611 (Afrihost, ZA)
Reverse DNS: odiva.aserv.co.za
Software: Apache
Resource Hash: a2a559373b1187fd99818424acb16514c5a7edd45ea3e892bedbde283f296d3d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib4b.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ib4b.co.za/new/new/mydcu_services/login.php?cmd=login_submit&idtdNPbCMwYWLRNumCBe7z2fNzCDjbr4I2WhLcITE8EYGvTJgQ2nCxt6ypMuLQaXp7ugF51EitiqxUVKnV
Cookie: PHPSESSID=25c6fff9bc6f9d8341927ae1587f94ae
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Tue, 26 Mar 2019 04:49:18 GMT
Last-Modified: Wed, 15 Aug 2018 10:21:50 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 37980

Resource: c4.png
Path: ib4b.co.za/new/new/mydcu_services/images/
Size: 59 KB
x-fer: 60 KB
Type: Image

General

Full URL: http://ib4b.co.za/new/new/mydcu_services/images/c4.png
Requested by
  Host: ib4b.co.za
  URL: http://ib4b.co.za/new/new/mydcu_services/login.php?cmd=login_submit&idtdNPbCMwYWLRNumCBe7z2fNzCDjbr4I2WhLcITE8EYGvTJgQ2nCxt6ypMuLQaXp7ugF51EitiqxUVKnV
Protocol: HTTP/1.1
Server: 154.0.167.88, South Africa, ASN37611 (Afrihost, ZA)
Reverse DNS: odiva.aserv.co.za
Software: Apache
Resource Hash: 472817838f3a31f9e621d8e5ea92f41de250d9198d1f5b375aeb05a750490957

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib4b.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ib4b.co.za/new/new/mydcu_services/login.php?cmd=login_submit&idtdNPbCMwYWLRNumCBe7z2fNzCDjbr4I2WhLcITE8EYGvTJgQ2nCxt6ypMuLQaXp7ugF51EitiqxUVKnV
Cookie: PHPSESSID=25c6fff9bc6f9d8341927ae1587f94ae
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Tue, 26 Mar 2019 04:49:18 GMT
Last-Modified: Wed, 15 Aug 2018 10:22:26 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 60752

Resource: gn.png
Path: ib4b.co.za/new/new/mydcu_services/images/
Size: 2 KB
x-fer: 3 KB
Type: Image

General

Full URL: http://ib4b.co.za/new/new/mydcu_services/images/gn.png
Requested by
  Host: ib4b.co.za
  URL: http://ib4b.co.za/new/new/mydcu_services/login.php?cmd=login_submit&idtdNPbCMwYWLRNumCBe7z2fNzCDjbr4I2WhLcITE8EYGvTJgQ2nCxt6ypMuLQaXp7ugF51EitiqxUVKnV
Protocol: HTTP/1.1
Server: 154.0.167.88, South Africa, ASN37611 (Afrihost, ZA)
Reverse DNS: odiva.aserv.co.za
Software: Apache
Resource Hash: 8a778932b792abe2ec58039f218bf0411b38bf24fbcd7b8b952b835eeec213ff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib4b.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ib4b.co.za/new/new/mydcu_services/login.php?cmd=login_submit&idtdNPbCMwYWLRNumCBe7z2fNzCDjbr4I2WhLcITE8EYGvTJgQ2nCxt6ypMuLQaXp7ugF51EitiqxUVKnV
Cookie: PHPSESSID=25c6fff9bc6f9d8341927ae1587f94ae
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Tue, 26 Mar 2019 04:49:18 GMT
Last-Modified: Thu, 08 Nov 2018 12:36:44 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2551

Resource: c5.png
Path: ib4b.co.za/new/new/mydcu_services/images/
Size: 3 KB
x-fer: 3 KB
Type: Image

General

Full URL: http://ib4b.co.za/new/new/mydcu_services/images/c5.png
Requested by
  Host: ib4b.co.za
  URL: http://ib4b.co.za/new/new/mydcu_services/login.php?cmd=login_submit&idtdNPbCMwYWLRNumCBe7z2fNzCDjbr4I2WhLcITE8EYGvTJgQ2nCxt6ypMuLQaXp7ugF51EitiqxUVKnV
Protocol: HTTP/1.1
Server: 154.0.167.88, South Africa, ASN37611 (Afrihost, ZA)
Reverse DNS: odiva.aserv.co.za
Software: Apache
Resource Hash: 542a851bf6790433c2d963032b726618464909d452ba6d5a32f2ccb00e84bfb9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib4b.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ib4b.co.za/new/new/mydcu_services/login.php?cmd=login_submit&idtdNPbCMwYWLRNumCBe7z2fNzCDjbr4I2WhLcITE8EYGvTJgQ2nCxt6ypMuLQaXp7ugF51EitiqxUVKnV
Cookie: PHPSESSID=25c6fff9bc6f9d8341927ae1587f94ae
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Tue, 26 Mar 2019 04:49:18 GMT
Last-Modified: Sat, 19 Jan 2019 03:55:40 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3283

Resource: Preloader_11.gif
Path: smallenvelop.com/wp-content/uploads/2014/08/
Size: 0
x-fer: 367 B
Type: Image

General

Full URL: https://smallenvelop.com/wp-content/uploads/2014/08/Preloader_11.gif
Requested by
  Host: ib4b.co.za
  URL: http://ib4b.co.za/new/new/mydcu_services/login.php?cmd=login_submit&idtdNPbCMwYWLRNumCBe7z2fNzCDjbr4I2WhLcITE8EYGvTJgQ2nCxt6ypMuLQaXp7ugF51EitiqxUVKnV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.89.31.230 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
Reverse DNS: box430.bluehost.com
Software:
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ib4b.co.za/new/new/mydcu_services/login.php?cmd=login_submit&idtdNPbCMwYWLRNumCBe7z2fNzCDjbr4I2WhLcITE8EYGvTJgQ2nCxt6ypMuLQaXp7ugF51EitiqxUVKnV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DCU (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | onselectstart
  • object | onselectionchange
  • function | queueMicrotask
  • function | isNumberKey
  • function | $
  • function | jQuery

1 Cookies

Domain/Path: ib4b.co.za/
Name: PHPSESSID
Value: 25c6fff9bc6f9d8341927ae1587f94ae