mefotec.inatec.edu.ni
Open in
urlscan Pro
200.62.114.130
Malicious Activity!
Public Scan
URL:
http://mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/
Submission: On June 19 via automatic, source openphish
Submission: On June 19 via automatic, source openphish
Summary
This website contacted 3 IPs
in 3 countries
across 3 domains to perform 27 HTTP transactions.
The main IP is 200.62.114.130, located in
Managua, Nicaragua and
belongs to Telgua, GT.
The main domain is mefotec.inatec.edu.ni.
This is the only time mefotec.inatec.edu.ni was scanned on urlscan.io!
This is the only time mefotec.inatec.edu.ni was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: NAB Bank (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 24 | 200.62.114.130 200.62.114.130 | 14754 (Telgua) (Telgua) | |
| 1 | 2400:cb00:204... 2400:cb00:2048:1::6813:c066 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:819::200e | 15169 (GOOGLE) (GOOGLE - Google Inc.) | |
| 27 | 3 |
24
200.62.114.130
(Managua, Nicaragua)
ASN14754 (Telgua, GT)
PTR: 130-114-62-200.enitel.net.ni
ASN14754 (Telgua, GT)
PTR: 130-114-62-200.enitel.net.ni
| mefotec.inatec.edu.ni |
1
2400:cb00:2048:1::6813:c066
(United States)
ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)
ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)
| ajax.cloudflare.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 24 |
inatec.edu.ni
mefotec.inatec.edu.ni |
84 KB |
| 2 |
google-analytics.com
www.google-analytics.com |
16 KB |
| 1 |
cloudflare.com
ajax.cloudflare.com |
22 KB |
| 27 | 3 |
| Domain | Requested by | |
|---|---|---|
| 24 | mefotec.inatec.edu.ni |
mefotec.inatec.edu.ni
|
| 2 | www.google-analytics.com |
mefotec.inatec.edu.ni
|
| 1 | ajax.cloudflare.com |
mefotec.inatec.edu.ni
|
| 27 | 3 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.google-analytics.com Google Internet Authority G2 |
2017-06-07 - 2017-08-30 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/
Frame ID: 14408.1
Requests: 27 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request 19- http://www.google-analytics.com/ga.js
- https://www.google-analytics.com/ga.js
- http://www.google-analytics.com/__utm.gif?utmwv=5.5.5&utms=1&utmn=920786670&utmhn=mefotec.inatec.edu.ni&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&u...
- https://www.google-analytics.com/__utm.gif?utmwv=5.5.5&utms=1&utmn=920786670&utmhn=mefotec.inatec.edu.ni&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&...
27 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/ |
40 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ga.js
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/NAB%20%20%20Credit%20your%20account%20with%20$75%20AUD%20bonus_fichiers/ |
40 KB 16 KB |
Script
text/x-js |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cloudflare.js
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/NAB%20%20%20Credit%20your%20account%20with%20$75%20AUD%20bonus_fichiers/ |
48 KB 17 KB |
Script
text/x-js |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rocket.js
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/NAB%20%20%20Credit%20your%20account%20with%20$75%20AUD%20bonus_fichiers/ |
83 KB 25 KB |
Script
text/x-js |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ContentStyle.css
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/NAB%20%20%20Credit%20your%20account%20with%20$75%20AUD%20bonus_fichiers/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
LayoutStyle2.css
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/NAB%20%20%20Credit%20your%20account%20with%20$75%20AUD%20bonus_fichiers/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ProgressBar.css
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/NAB%20%20%20Credit%20your%20account%20with%20$75%20AUD%20bonus_fichiers/ |
361 B 214 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sIFR-screen.css
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/NAB%20%20%20Credit%20your%20account%20with%20$75%20AUD%20bonus_fichiers/ |
289 B 191 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
common.js
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/NAB%20%20%20Credit%20your%20account%20with%20$75%20AUD%20bonus_fichiers/ |
3 KB 901 B |
Script
text/x-js |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
validator.js
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/NAB%20%20%20Credit%20your%20account%20with%20$75%20AUD%20bonus_fichiers/ |
6 KB 1 KB |
Script
text/x-js |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
nabLogo.gif
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/NAB%20%20%20Credit%20your%20account%20with%20$75%20AUD%20bonus_fichiers/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
osid.jpg
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/NAB%20%20%20Credit%20your%20account%20with%20$75%20AUD%20bonus_fichiers/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
next_button.gif
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/NAB%20%20%20Credit%20your%20account%20with%20$75%20AUD%20bonus_fichiers/ |
348 B 341 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dcs_003.gif
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/NAB%20%20%20Credit%20your%20account%20with%20$75%20AUD%20bonus_fichiers/ |
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dcs_002.gif
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/NAB%20%20%20Credit%20your%20account%20with%20$75%20AUD%20bonus_fichiers/ |
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dcs.gif
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/NAB%20%20%20Credit%20your%20account%20with%20$75%20AUD%20bonus_fichiers/ |
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cloudflare.min.js
ajax.cloudflare.com/cdn-cgi/nexp/dokv=97fb4d042e/ |
60 KB 22 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
LayoutStyle2-print.css
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/NAB%20%20%20Credit%20your%20account%20with%20$75%20AUD%20bonus_fichiers/ |
540 B 332 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
LayoutStyle2-increased.css
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/NAB%20%20%20Credit%20your%20account%20with%20$75%20AUD%20bonus_fichiers/ |
107 B 96 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sIFR-print.css
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/NAB%20%20%20Credit%20your%20account%20with%20$75%20AUD%20bonus_fichiers/ |
263 B 166 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
ga.js
www.google-analytics.com/ Redirect Chain
|
42 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
__utm.gif
www.google-analytics.com/ Redirect Chain
|
35 B 44 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
nab_calc_bg.gif
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/images/ |
1 KB 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
banner_header.jpg
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/images/ |
1 KB 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
LayoutStyle2.css
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/NAB%20%20%20Credit%20your%20account%20with%20$75%20AUD%20bonus_fichiers/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ContentStyle.css
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/NAB%20%20%20Credit%20your%20account%20with%20$75%20AUD%20bonus_fichiers/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ProgressBar.css
mefotec.inatec.edu.ni/tmp/nb/33048ebf86d4924fbf8f215f183476c5/NAB%20%20%20Credit%20your%20account%20with%20$75%20AUD%20bonus_fichiers/ |
361 B 214 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmu=q~){kind=link}
%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmu=q~){kind=link}
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: NAB Bank (Banking)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .mefotec.inatec.edu.ni/ | Name: __utmz Value: 97975171.1497834520.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
| .mefotec.inatec.edu.ni/ | Name: __utmc Value: 97975171 |
|
| .mefotec.inatec.edu.ni/ | Name: __utmb Value: 97975171.1.10.1497834520 |
|
| .mefotec.inatec.edu.ni/ | Name: __utma Value: 97975171.142457508.1497834520.1497834520.1497834520.1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.cloudflare.com
mefotec.inatec.edu.ni
www.google-analytics.com
200.62.114.130
2400:cb00:2048:1::6813:c066
2a00:1450:4001:819::200e
00f0fb1c133aba5871ac0cacc728b1a730f67b816083eda4f43b170456bdbc07
16e6ed25e6931ccca3cae1775e4bf670e5e1b5f5b175f79f91ff474c633a3b69
223743c9cbc7cb20d4487632083bfba2ee5aeb6ff177b1e61d21feadc40cb325
365a873340d0bd94cad9382b99a2b67ce30956f64d3fadf2181e6e7df124a122
370a188036cd1d069bf437093073742de1045a3416b553fb2fbd0dffd1b4a9df
37694eefc68351471a258bc23dc8084f9fbd0316ffe76ccdff3abcde06cd8875
3b19433d39aa4ca74186fd2dfab1f2590e158d1c4229fd2c211ee1d34c0b4c4a
4e2ed635abf0b2dcbac3ea04d16ccf58bb2195364d65b76190f03da0f43255c5
63b98a0c8568c08fd01a6946a147bca65eff26c8085f1ccb5330aafe0f0dcd15
6a03bac105ee6dbeb1ff3eb2c8045f968969ca173277b2705daeff8d11403734
6ac8bfafd1a11fe86ac11130323f1fa0f7946f825645e6e32a84142dc7ffd47e
6bed62234a60ffc8e141d638c077f2c07b23b4296d8ee55917234e1b5389d43c
76d3fcacfede8be24eb5247c6bb910479576fc04b0097973aa604d1f44f013d4
78c38fbbacea22b9ea0bb81fa0eea410788adaa14da353da0c350618206aa36b
7a0de04b124c14eca3d65d9b0383ce15591e3db10d16c03c7a198a928ffedbd8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
943cba859a93a12c599add9e4a7c145059b86a8b3cc53e13127a4a5d310bbf60
a01f249e88eb7ed260c7b6e42d6b3a7a946df6751042823a65a4ebbe6ec5ac72
d94cbaf56c435675bacc8d0220fb57a36d4874859a005a557d29386870fd346c
dd1cc92a1fbc3ec53b394d556219ecd3efbd034a519275e28b817ce2caa9fbad
e8a235f3588ac3b26259ff46f91cf1228e954e8307217fd66c2e95a872f47603
f96b45846d9bc2242285a1e273075a9c6787e33bbd5be76473e13ebb3b0e3de1