www.tuffo.com Open in urlscan Pro
64.71.34.21 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515
Submission: On July 11 via automatic, source openphish (July 11th 2017, 9:32:28 pm UTC)

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 64.71.34.21, located in Chicago, United States and belongs to HOSTWAY-1 - Hostway Corporation, US. The main domain is www.tuffo.com.

This is the only time www.tuffo.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Scotiabank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
16	64.71.34.21 64.71.34.21		20401 (HOSTWAY-1) (HOSTWAY-1 - Hostway Corporation)
16	1

16 64.71.34.21 (Chicago, United States)

ASN20401 (HOSTWAY-1 - Hostway Corporation, US)

www.tuffo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	tuffo.com www.tuffo.com	456 KB
16	1

	Domain	Requested by
16	www.tuffo.com	www.tuffo.com
16	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515
Frame ID: 15725.1
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Scotiabank Online Banking Services

Page Statistics

16
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

456 kB
Transfer

460 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request sco-logon.php Show response www.tuffo.com/jItHyeuJHR/	10 KB 10 KB	608ms 296ms	Document text/html	64.71.34.21 Hostway Corporation
General Check archive.org Show headers Download Go to Full URL http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 Protocol HTTP/1.1 Server 64.71.34.21 Chicago, United States, ASN20401 (HOSTWAY-1 - Hostway Corporation, US), Reverse DNS Software Apache / PHP/5.4.45-0+deb7u8 Resource Hash `6949a30560315c4ca3b6a8676a1aa16f39c71c9a2d38d8e170bbbf90ba9851fa` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Tue, 11 Jul 2017 21:32:16 GMT Server Apache Connection Keep-Alive X-Powered-By PHP/5.4.45-0+deb7u8 Transfer-Encoding chunked Keep-Alive timeout=5, max=256 Content-Type text/html
GET H/1.1	200 OK	goload.css www.tuffo.com/jItHyeuJHR/fpch/	364 KB 364 KB	108ms 108ms	Stylesheet text/css	64.71.34.21 Hostway Corporation
General Check archive.org Show headers Download Go to Full URL http://www.tuffo.com/jItHyeuJHR/fpch/goload.css Requested by Host: www.tuffo.com URL: http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 Protocol HTTP/1.1 Server 64.71.34.21 Chicago, United States, ASN20401 (HOSTWAY-1 - Hostway Corporation, US), Reverse DNS Software Apache / Resource Hash `99064dd4aaf8576c3898b4c2320866d462659f1f9aa1983a111461bffe75e51c` Request headers Referer http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Tue, 11 Jul 2017 21:32:16 GMT Last-Modified Tue, 11 Jul 2017 13:48:31 GMT Server Apache ETag "5b1be-5540af473972b" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=256 Content-Length 373182
GET H/1.1	200 OK	jq.css www.tuffo.com/jItHyeuJHR/fpch/	10 KB 10 KB	108ms 105ms	Stylesheet text/css	64.71.34.21 Hostway Corporation
General Check archive.org Show headers Download Go to Full URL http://www.tuffo.com/jItHyeuJHR/fpch/jq.css Requested by Host: www.tuffo.com URL: http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 Protocol HTTP/1.1 Server 64.71.34.21 Chicago, United States, ASN20401 (HOSTWAY-1 - Hostway Corporation, US), Reverse DNS Software Apache / Resource Hash `c09554113429e9ea86e6390b1134e5b21d1d35d107044cd0e3fe3c04c981eb68` Request headers Referer http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Tue, 11 Jul 2017 21:32:16 GMT Last-Modified Tue, 11 Jul 2017 13:48:31 GMT Server Apache ETag "2708-5540af473c60b" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=255 Content-Length 9992
GET H/1.1	200 OK	h2.css www.tuffo.com/jItHyeuJHR/fpch/	111 B 111 B	206ms 106ms	Stylesheet text/css	64.71.34.21 Hostway Corporation
General Check archive.org Show headers Download Go to Full URL http://www.tuffo.com/jItHyeuJHR/fpch/h2.css Requested by Host: www.tuffo.com URL: http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 Protocol HTTP/1.1 Server 64.71.34.21 Chicago, United States, ASN20401 (HOSTWAY-1 - Hostway Corporation, US), Reverse DNS Software Apache / Resource Hash `394c0a01807cd4bc1f625c4861728ec9830801ac90e6c0082fb3e52f792965d2` Request headers Referer http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Tue, 11 Jul 2017 21:32:16 GMT Last-Modified Tue, 11 Jul 2017 13:48:31 GMT Server Apache ETag "6f-5540af473a6cb" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=256 Content-Length 111
GET H/1.1	200 OK	scbggr.gif www.tuffo.com/jItHyeuJHR/fpch/	2 KB 2 KB	102ms 102ms	Image image/gif	64.71.34.21 Hostway Corporation
General Check archive.org Show headers Download Go to Show image Full URL http://www.tuffo.com/jItHyeuJHR/fpch/scbggr.gif Requested by Host: www.tuffo.com URL: http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 Protocol HTTP/1.1 Server 64.71.34.21 Chicago, United States, ASN20401 (HOSTWAY-1 - Hostway Corporation, US), Reverse DNS Software Apache / Resource Hash `b48583bc5878d27332c6f751cfd7c9be9268330fb3f61d8af683ba0fa205f58a` Request headers Referer http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Tue, 11 Jul 2017 21:32:16 GMT Last-Modified Tue, 11 Jul 2017 13:48:31 GMT Server Apache ETag "9f6-5540af473d5ab" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=255 Content-Length 2550
GET H/1.1	200 OK	st.js Show response www.tuffo.com/jItHyeuJHR/fpch/	3 KB 3 KB	202ms 105ms	Script application/javascript	64.71.34.21 Hostway Corporation
General Check archive.org Show headers Download Go to Full URL http://www.tuffo.com/jItHyeuJHR/fpch/st.js Requested by Host: www.tuffo.com URL: http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 Protocol HTTP/1.1 Server 64.71.34.21 Chicago, United States, ASN20401 (HOSTWAY-1 - Hostway Corporation, US), Reverse DNS Software Apache / Resource Hash `2ff2d19ec3666897eda0dcadec64ea39d1c92b052e011c839f61ae897eddc6fe` Request headers Referer http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Tue, 11 Jul 2017 21:32:16 GMT Last-Modified Tue, 11 Jul 2017 13:48:31 GMT Server Apache ETag "a35-5540af473e54b" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=256 Content-Length 2613
GET H/1.1	200 OK	icon_help.png www.tuffo.com/jItHyeuJHR/fpch/	643 B 643 B	101ms 101ms	Image image/png	64.71.34.21 Hostway Corporation
General Check archive.org Show headers Download Go to Show image Full URL http://www.tuffo.com/jItHyeuJHR/fpch/icon_help.png Requested by Host: www.tuffo.com URL: http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 Protocol HTTP/1.1 Server 64.71.34.21 Chicago, United States, ASN20401 (HOSTWAY-1 - Hostway Corporation, US), Reverse DNS Software Apache / Resource Hash `408f07113d8d08430067b70f17a6b248ce774dbe7fbf5fefd9037ff517889fd5` Request headers Referer http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Tue, 11 Jul 2017 21:32:16 GMT Last-Modified Tue, 11 Jul 2017 13:48:31 GMT Server Apache ETag "283-5540af473b66b" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=254 Content-Length 643
GET H/1.1	200 OK	icon_success.png www.tuffo.com/jItHyeuJHR/fpch/	711 B 711 B	101ms 101ms	Image image/png	64.71.34.21 Hostway Corporation
General Check archive.org Show headers Download Go to Show image Full URL http://www.tuffo.com/jItHyeuJHR/fpch/icon_success.png Requested by Host: www.tuffo.com URL: http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 Protocol HTTP/1.1 Server 64.71.34.21 Chicago, United States, ASN20401 (HOSTWAY-1 - Hostway Corporation, US), Reverse DNS Software Apache / Resource Hash `a95fbdabc8d66f969f2e7c05e92b757dcc436c432c69eb4b45192aa68d90c9fd` Request headers Referer http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Tue, 11 Jul 2017 21:32:17 GMT Last-Modified Tue, 11 Jul 2017 13:48:31 GMT Server Apache ETag "2c7-5540af473b66b" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=253 Content-Length 711
GET H/1.1	200 OK	ad-itrade-loginleft-en.png www.tuffo.com/jItHyeuJHR/fpch/	27 KB 27 KB	102ms 101ms	Image image/png	64.71.34.21 Hostway Corporation
General Check archive.org Show headers Download Go to Show image Full URL http://www.tuffo.com/jItHyeuJHR/fpch/ad-itrade-loginleft-en.png Requested by Host: www.tuffo.com URL: http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 Protocol HTTP/1.1 Server 64.71.34.21 Chicago, United States, ASN20401 (HOSTWAY-1 - Hostway Corporation, US), Reverse DNS Software Apache / Resource Hash `3b3a8a756ab1fc7c3b760ee93322c83abaab587bd3c03b3b29b0e5214197d1ef` Request headers Referer http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Tue, 11 Jul 2017 21:32:17 GMT Last-Modified Tue, 11 Jul 2017 13:48:31 GMT Server Apache ETag "6c70-5540af473684b" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=255 Content-Length 27760
GET H/1.1	200 OK	ad-visa_checkout_pizza-loginright-en.png www.tuffo.com/jItHyeuJHR/fpch/	30 KB 30 KB	101ms 101ms	Image image/png	64.71.34.21 Hostway Corporation
General Check archive.org Show headers Download Go to Show image Full URL http://www.tuffo.com/jItHyeuJHR/fpch/ad-visa_checkout_pizza-loginright-en.png Requested by Host: www.tuffo.com URL: http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 Protocol HTTP/1.1 Server 64.71.34.21 Chicago, United States, ASN20401 (HOSTWAY-1 - Hostway Corporation, US), Reverse DNS Software Apache / Resource Hash `3121c48b8e42f8ccb899f6905c8c2da8e52a98ab1a24857a9f13e6f2d185635d` Request headers Referer http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Tue, 11 Jul 2017 21:32:17 GMT Last-Modified Tue, 11 Jul 2017 13:48:31 GMT Server Apache ETag "7635-5540af473684b" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=255 Content-Length 30261
GET H/1.1	200 OK	nav-bg.png www.tuffo.com/jItHyeuJHR/fpch/	3 KB 3 KB	102ms 102ms	Image image/png	64.71.34.21 Hostway Corporation
General Check archive.org Show headers Download Go to Show image Full URL http://www.tuffo.com/jItHyeuJHR/fpch/nav-bg.png Requested by Host: www.tuffo.com URL: http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 Protocol HTTP/1.1 Server 64.71.34.21 Chicago, United States, ASN20401 (HOSTWAY-1 - Hostway Corporation, US), Reverse DNS Software Apache / Resource Hash `2290c1d1c885e7ffc5213c5f84fa864552c3640e35b5bfb45140d9f4356a6093` Request headers Referer http://www.tuffo.com/jItHyeuJHR/fpch/goload.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Tue, 11 Jul 2017 21:32:17 GMT Last-Modified Tue, 11 Jul 2017 13:48:31 GMT Server Apache ETag "b3c-5540af473d5ab" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=252 Content-Length 2876
GET H/1.1	200 OK	scotiabank-group.gif www.tuffo.com/jItHyeuJHR/fpch/	3 KB 3 KB	102ms 102ms	Image image/gif	64.71.34.21 Hostway Corporation
General Check archive.org Show headers Download Go to Show image Full URL http://www.tuffo.com/jItHyeuJHR/fpch/scotiabank-group.gif Requested by Host: www.tuffo.com URL: http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 Protocol HTTP/1.1 Server 64.71.34.21 Chicago, United States, ASN20401 (HOSTWAY-1 - Hostway Corporation, US), Reverse DNS Software Apache / Resource Hash `4320b7969df049d2ac843edc9d3b5611a6fee6802bde8bcfd97d1cbbafb7b45e` Request headers Referer http://www.tuffo.com/jItHyeuJHR/fpch/goload.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Tue, 11 Jul 2017 21:32:17 GMT Last-Modified Tue, 11 Jul 2017 13:48:31 GMT Server Apache ETag "b18-5540af473e54b" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=254 Content-Length 2840
GET H/1.1	200 OK	bg_vertical_dotted_line1.png www.tuffo.com/jItHyeuJHR/fpch/	77 B 77 B	103ms 103ms	Image image/png	64.71.34.21 Hostway Corporation
General Check archive.org Show headers Download Go to Show image Full URL http://www.tuffo.com/jItHyeuJHR/fpch/bg_vertical_dotted_line1.png Requested by Host: www.tuffo.com URL: http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 Protocol HTTP/1.1 Server 64.71.34.21 Chicago, United States, ASN20401 (HOSTWAY-1 - Hostway Corporation, US), Reverse DNS Software Apache / Resource Hash `c6cbdb8e854f700eeb987e01ff817004ed07596e74675b628f1611fe91213369` Request headers Referer http://www.tuffo.com/jItHyeuJHR/fpch/goload.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Tue, 11 Jul 2017 21:32:17 GMT Last-Modified Tue, 11 Jul 2017 13:48:31 GMT Server Apache ETag "4d-5540af47377eb" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=256 Content-Length 77
GET H/1.1	200 OK	bg_signon.png www.tuffo.com/jItHyeuJHR/fpch/	121 B 121 B	204ms 102ms	Image image/png	64.71.34.21 Hostway Corporation
General Check archive.org Show headers Download Go to Show image Full URL http://www.tuffo.com/jItHyeuJHR/fpch/bg_signon.png Requested by Host: www.tuffo.com URL: http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 Protocol HTTP/1.1 Server 64.71.34.21 Chicago, United States, ASN20401 (HOSTWAY-1 - Hostway Corporation, US), Reverse DNS Software Apache / Resource Hash `229def774e0909f6ae8d9938c0799f85f9f0d542f4026b68fb7d0d32a0df0ec3` Request headers Referer http://www.tuffo.com/jItHyeuJHR/fpch/goload.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Tue, 11 Jul 2017 21:32:17 GMT Last-Modified Tue, 11 Jul 2017 13:48:31 GMT Server Apache ETag "79-5540af473684b" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=251 Content-Length 121
GET H/1.1	200 OK	lock.png www.tuffo.com/jItHyeuJHR/fpch/	4 KB 4 KB	179ms 102ms	Image image/png	64.71.34.21 Hostway Corporation
General Check archive.org Show headers Download Go to Show image Full URL http://www.tuffo.com/jItHyeuJHR/fpch/lock.png Requested by Host: www.tuffo.com URL: http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 Protocol HTTP/1.1 Server 64.71.34.21 Chicago, United States, ASN20401 (HOSTWAY-1 - Hostway Corporation, US), Reverse DNS Software Apache / Resource Hash `1dc148caf3ae416b653bfdcd9847da3642546e9683e164e2e0dc5c0aad6af87f` Request headers Referer http://www.tuffo.com/jItHyeuJHR/fpch/goload.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Tue, 11 Jul 2017 21:32:17 GMT Last-Modified Tue, 11 Jul 2017 13:48:31 GMT Server Apache ETag "e56-5540af473d5ab" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=254 Content-Length 3670
GET H/1.1	404 Not Found	download-trustee.png www.tuffo.com/jItHyeuJHR/images/marketing/banners/	4 KB 0	1194ms 1104ms	Image text/html	64.71.34.21 Hostway Corporation
General Check archive.org Show headers Download Go to Show image Full URL http://www.tuffo.com/jItHyeuJHR/images/marketing/banners/download-trustee.png Requested by Host: www.tuffo.com URL: http://www.tuffo.com/jItHyeuJHR/sco-logon.php?ondesk=samy_consulting@hotmail.com&sub=325515 Protocol HTTP/1.1 Server 64.71.34.21 Chicago, United States, ASN20401 (HOSTWAY-1 - Hostway Corporation, US), Reverse DNS Software Apache / PHP/5.4.45-0+deb7u8 Resource Hash `be09a7fa5c1e1b873d74aa4af16dffc3d35576798170a16cc1e6e741b0ce063b` Request headers Referer http://www.tuffo.com/jItHyeuJHR/fpch/goload.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Pragma no-cache Date Tue, 11 Jul 2017 21:32:17 GMT Server Apache X-Powered-By PHP/5.4.45-0+deb7u8 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <http://www.tuffo.com/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=256 Expires Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Scotiabank (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.tuffo.com
64.71.34.21
1dc148caf3ae416b653bfdcd9847da3642546e9683e164e2e0dc5c0aad6af87f
2290c1d1c885e7ffc5213c5f84fa864552c3640e35b5bfb45140d9f4356a6093
229def774e0909f6ae8d9938c0799f85f9f0d542f4026b68fb7d0d32a0df0ec3
2ff2d19ec3666897eda0dcadec64ea39d1c92b052e011c839f61ae897eddc6fe
3121c48b8e42f8ccb899f6905c8c2da8e52a98ab1a24857a9f13e6f2d185635d
394c0a01807cd4bc1f625c4861728ec9830801ac90e6c0082fb3e52f792965d2
3b3a8a756ab1fc7c3b760ee93322c83abaab587bd3c03b3b29b0e5214197d1ef
408f07113d8d08430067b70f17a6b248ce774dbe7fbf5fefd9037ff517889fd5
4320b7969df049d2ac843edc9d3b5611a6fee6802bde8bcfd97d1cbbafb7b45e
6949a30560315c4ca3b6a8676a1aa16f39c71c9a2d38d8e170bbbf90ba9851fa
99064dd4aaf8576c3898b4c2320866d462659f1f9aa1983a111461bffe75e51c
a95fbdabc8d66f969f2e7c05e92b757dcc436c432c69eb4b45192aa68d90c9fd
b48583bc5878d27332c6f751cfd7c9be9268330fb3f61d8af683ba0fa205f58a
be09a7fa5c1e1b873d74aa4af16dffc3d35576798170a16cc1e6e741b0ce063b
c09554113429e9ea86e6390b1134e5b21d1d35d107044cd0e3fe3c04c981eb68
c6cbdb8e854f700eeb987e01ff817004ed07596e74675b628f1611fe91213369

www.tuffo.com Open in urlscan Pro 64.71.34.21 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

16 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

456 kBTransfer

460 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

www.tuffo.com Open in urlscan Pro
64.71.34.21 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

456 kB
Transfer

460 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!