www.igatecs.com Open in urlscan Pro
107.150.32.221 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://leviteradio.com/S/sshh.html
Effective URL:
http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/
Submission: On April 04 via manual (April 4th 2019, 7:53:45 am UTC) from IE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 18 HTTP transactions. The main IP is 107.150.32.221, located in Kansas City, United States and belongs to NOCIX - DataShack, LC, US. The main domain is www.igatecs.com.

This is the only time www.igatecs.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Barclays (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	66.85.88.146 66.85.88.146	11403 (NYINTERNET) (NYINTERNET - NYI)
2 18	107.150.32.221 107.150.32.221	33387 (NOCIX) (NOCIX - DataShack)
1 2	192.186.220.3 192.186.220.3	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
18	3

1 66.85.88.146 (United States)

ASN11403 (NYINTERNET - NYI, US)
PTR: web07.coloip.net

leviteradio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 107.150.32.221 (Kansas City, United States) 2 redirects

ASN33387 (NOCIX - DataShack, LC, US)
PTR: spark4.salaciaserver.com

www.igatecs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.186.220.3 (Scottsdale, United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-192-186-220-3.ip.secureserver.net

csscheckbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.csscheckbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	igatecs.com 2 redirects www.igatecs.com	154 KB
2	csscheckbox.com 1 redirects csscheckbox.com www.csscheckbox.com	1 KB
1	leviteradio.com leviteradio.com	378 B
18	3

	Domain	Requested by
18	www.igatecs.com	2 redirects www.igatecs.com
1	www.csscheckbox.com	www.igatecs.com
1	csscheckbox.com	1 redirects
1	leviteradio.com
18	4

This site contains no links.

Subject Issuer	Validity	Valid
leviteradio.com cPanel, Inc. Certification Authority	`2019-04-04` - `2019-07-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/
Frame ID: 39B58108DE987FB51E9728F2366F4203
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://leviteradio.com/S/sshh.html Page URL
http://www.igatecs.com/bn/ HTTP 302
http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633 HTTP 301
http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Page URL

Detected technologies

Pure CSS (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+(?:([\d.])+\/)?pure(?:-min)?\.css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

18
Requests

6 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

1
Countries

154 kB
Transfer

150 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://leviteradio.com/S/sshh.html Page URL
http://www.igatecs.com/bn/ HTTP 302
http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633 HTTP 301
http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

http://csscheckbox.com/checkboxes/u/csscheckbox_93d2ab7a059ff4af016e351e8a7ebdb0.png HTTP 301
http://www.csscheckbox.com/checkboxes/u/csscheckbox_93d2ab7a059ff4af016e351e8a7ebdb0.png

18 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	sshh.html Show response leviteradio.com/S/	136 B 378 B	3363ms 85ms	Document text/html	66.85.88.146 NYI
General Check archive.org Show headers Download Go to Full URL https://leviteradio.com/S/sshh.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 66.85.88.146 , United States, ASN11403 (NYINTERNET - NYI, US), Reverse DNS web07.coloip.net Software Apache / Resource Hash `87c095623f316e7cecb7fd5628bdc05235bf8182d694c15a445770dcb4f8e765` Request headers Host leviteradio.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 04 Apr 2019 07:53:29 GMT Server Apache Last-Modified Wed, 03 Apr 2019 20:07:42 GMT Accept-Ranges bytes Content-Length 136 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	Primary Request / Show response www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Redirect Chain http://www.igatecs.com/bn/ http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633 http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/	7 KB 7 KB	128ms 128ms	Document text/html	107.150.32.221 DataShack
General Check archive.org Show headers Download Go to Full URL http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Protocol HTTP/1.1 Server 107.150.32.221 Kansas City, United States, ASN33387 (NOCIX - DataShack, LC, US), Reverse DNS spark4.salaciaserver.com Software Apache / Resource Hash `cea349e0779d0aabee1c2aa84f96dab978bc66bd3a1dc77711bf69ab20be7ce0` Request headers Host www.igatecs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 04 Apr 2019 07:53:19 GMT Server Apache Last-Modified Thu, 04 Apr 2019 07:53:19 GMT Accept-Ranges bytes Content-Length 6808 Keep-Alive timeout=5, max=98 Connection Keep-Alive Content-Type text/html Redirect headers Date Thu, 04 Apr 2019 07:53:19 GMT Server Apache Location http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Content-Length 267 Keep-Alive timeout=5, max=99 Connection Keep-Alive Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	pure-min.css www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/	17 KB 17 KB	124ms 121ms	Stylesheet text/css	107.150.32.221 DataShack
General Check archive.org Show headers Download Go to Full URL http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/pure-min.css Requested by Host: www.igatecs.com URL: http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Protocol HTTP/1.1 Server 107.150.32.221 Kansas City, United States, ASN33387 (NOCIX - DataShack, LC, US), Reverse DNS spark4.salaciaserver.com Software Apache / Resource Hash `255d6dfae2b0ab59f97774b8fe2a2c037e8550571af5299150cf8175ed71bac9` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.igatecs.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Connection keep-alive Cache-Control no-cache Referer http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 04 Apr 2019 07:53:19 GMT Last-Modified Thu, 04 Apr 2019 07:53:19 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 17296
GET H/1.1	200 OK	log.png www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/	22 KB 22 KB	133ms 131ms	Image image/png	107.150.32.221 DataShack
General Check archive.org Show headers Download Go to Show image Full URL http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/log.png Requested by Host: www.igatecs.com URL: http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Protocol HTTP/1.1 Server 107.150.32.221 Kansas City, United States, ASN33387 (NOCIX - DataShack, LC, US), Reverse DNS spark4.salaciaserver.com Software Apache / Resource Hash `005e031f7fc0fc76ededef96a4871b60b6b7d38faa0bb94e503c148c01a996ec` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.igatecs.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Connection keep-alive Cache-Control no-cache Referer http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 04 Apr 2019 07:53:19 GMT Last-Modified Thu, 04 Apr 2019 07:53:19 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 22780
GET H/1.1	200 OK	man.png www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/	2 KB 2 KB	362ms 121ms	Image image/png	107.150.32.221 DataShack
General Check archive.org Show headers Download Go to Show image Full URL http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/man.png Requested by Host: www.igatecs.com URL: http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Protocol HTTP/1.1 Server 107.150.32.221 Kansas City, United States, ASN33387 (NOCIX - DataShack, LC, US), Reverse DNS spark4.salaciaserver.com Software Apache / Resource Hash `d33e91017c8e151401817374e7db62234160cd1fe206ee0f29455f6522a35f0a` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.igatecs.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Connection keep-alive Cache-Control no-cache Referer http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 04 Apr 2019 07:53:20 GMT Last-Modified Thu, 04 Apr 2019 07:53:19 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 1923
GET H/1.1	200 OK	slide.png www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/	25 KB 25 KB	517ms 130ms	Image image/png	107.150.32.221 DataShack
General Check archive.org Show headers Download Go to Show image Full URL http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/slide.png Requested by Host: www.igatecs.com URL: http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Protocol HTTP/1.1 Server 107.150.32.221 Kansas City, United States, ASN33387 (NOCIX - DataShack, LC, US), Reverse DNS spark4.salaciaserver.com Software Apache / Resource Hash `17ff6aa6bf8e6c96d3a97504133e17d727347020a4da25fc557669a74c628b27` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.igatecs.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Connection keep-alive Cache-Control no-cache Referer http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 04 Apr 2019 07:53:20 GMT Last-Modified Thu, 04 Apr 2019 07:53:19 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 25165
GET H/1.1	200 OK	panel.png www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/	25 KB 25 KB	515ms 127ms	Image image/png	107.150.32.221 DataShack
General Check archive.org Show headers Download Go to Show image Full URL http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/panel.png Requested by Host: www.igatecs.com URL: http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Protocol HTTP/1.1 Server 107.150.32.221 Kansas City, United States, ASN33387 (NOCIX - DataShack, LC, US), Reverse DNS spark4.salaciaserver.com Software Apache / Resource Hash `58c0efeb5f419f8677da9fd8d988f7733131ee16ac318f9085ab39be60403cdc` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.igatecs.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Connection keep-alive Cache-Control no-cache Referer http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 04 Apr 2019 07:53:20 GMT Last-Modified Thu, 04 Apr 2019 07:53:19 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 25128
GET H/1.1	200 OK	card.png www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/	1 KB 2 KB	611ms 123ms	Image image/png	107.150.32.221 DataShack
General Check archive.org Show headers Download Go to Show image Full URL http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/card.png Requested by Host: www.igatecs.com URL: http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Protocol HTTP/1.1 Server 107.150.32.221 Kansas City, United States, ASN33387 (NOCIX - DataShack, LC, US), Reverse DNS spark4.salaciaserver.com Software Apache / Resource Hash `1ad34ebf0849fb675ba794a4a1801bca978b6ee746c89630695c0393e5ecac4a` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.igatecs.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Connection keep-alive Cache-Control no-cache Referer http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 04 Apr 2019 07:53:20 GMT Last-Modified Thu, 04 Apr 2019 07:53:19 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 1456
GET H/1.1	200 OK	log2.png www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/	1 KB 1 KB	390ms 121ms	Image image/png	107.150.32.221 DataShack
General Check archive.org Show headers Download Go to Show image Full URL http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/log2.png Requested by Host: www.igatecs.com URL: http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Protocol HTTP/1.1 Server 107.150.32.221 Kansas City, United States, ASN33387 (NOCIX - DataShack, LC, US), Reverse DNS spark4.salaciaserver.com Software Apache / Resource Hash `0d1e43b8f1bce34f672c17d2f4c007a9cac526405ccc22147a34e3b5ddab62bb` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.igatecs.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Connection keep-alive Cache-Control no-cache Referer http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 04 Apr 2019 07:53:20 GMT Last-Modified Thu, 04 Apr 2019 07:53:19 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1099
GET H/1.1	200 OK	forgot.png www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/	1 KB 2 KB	242ms 127ms	Image image/png	107.150.32.221 DataShack
General Check archive.org Show headers Download Go to Show image Full URL http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/forgot.png Requested by Host: www.igatecs.com URL: http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Protocol HTTP/1.1 Server 107.150.32.221 Kansas City, United States, ASN33387 (NOCIX - DataShack, LC, US), Reverse DNS spark4.salaciaserver.com Software Apache / Resource Hash `5a9b1de4dfcacd03d9940e61a191abbdaf7371d5f6ff250ec909c1f12dfe12e0` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.igatecs.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Connection keep-alive Cache-Control no-cache Referer http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 04 Apr 2019 07:53:20 GMT Last-Modified Thu, 04 Apr 2019 07:53:19 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 1371
GET H/1.1	200 OK	sawa.png www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/	646 B 887 B	275ms 135ms	Image image/png	107.150.32.221 DataShack
General Check archive.org Show headers Download Go to Show image Full URL http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/sawa.png Requested by Host: www.igatecs.com URL: http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Protocol HTTP/1.1 Server 107.150.32.221 Kansas City, United States, ASN33387 (NOCIX - DataShack, LC, US), Reverse DNS spark4.salaciaserver.com Software Apache / Resource Hash `4f0c9dc0db589d62dfdef59841f36ecffc70822de6773d12770a7326c566e23d` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.igatecs.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Connection keep-alive Cache-Control no-cache Referer http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 04 Apr 2019 07:53:20 GMT Last-Modified Thu, 04 Apr 2019 07:53:19 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 646
GET H/1.1	200 OK	sort.png www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/	2 KB 2 KB	141ms 124ms	Image image/png	107.150.32.221 DataShack
General Check archive.org Show headers Download Go to Show image Full URL http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/sort.png Requested by Host: www.igatecs.com URL: http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Protocol HTTP/1.1 Server 107.150.32.221 Kansas City, United States, ASN33387 (NOCIX - DataShack, LC, US), Reverse DNS spark4.salaciaserver.com Software Apache / Resource Hash `993634ba12d51499480d39a976f39c60f70d742fab84057e741f52c40b699785` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.igatecs.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Connection keep-alive Cache-Control no-cache Referer http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 04 Apr 2019 07:53:20 GMT Last-Modified Thu, 04 Apr 2019 07:53:19 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2046
GET H/1.1	200 OK	footer.png www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/	33 KB 34 KB	145ms 130ms	Image image/png	107.150.32.221 DataShack
General Check archive.org Show headers Download Go to Show image Full URL http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/footer.png Requested by Host: www.igatecs.com URL: http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Protocol HTTP/1.1 Server 107.150.32.221 Kansas City, United States, ASN33387 (NOCIX - DataShack, LC, US), Reverse DNS spark4.salaciaserver.com Software Apache / Resource Hash `7736d1d9c51a8888b6620378b9591d253369c805c370152c860d377e35d595db` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.igatecs.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Connection keep-alive Cache-Control no-cache Referer http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 04 Apr 2019 07:53:20 GMT Last-Modified Thu, 04 Apr 2019 07:53:19 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 34194
GET H/1.1	200 OK	sextstep.png www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/	1015 B 1 KB	262ms 123ms	Image image/png	107.150.32.221 DataShack
General Check archive.org Show headers Download Go to Show image Full URL http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/sextstep.png Requested by Host: www.igatecs.com URL: http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Protocol HTTP/1.1 Server 107.150.32.221 Kansas City, United States, ASN33387 (NOCIX - DataShack, LC, US), Reverse DNS spark4.salaciaserver.com Software Apache / Resource Hash `1efc70d4bac79f3e041bc14cf8ce091b01fa25a84bb2249c3e5428f31d26b65e` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.igatecs.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Connection keep-alive Cache-Control no-cache Referer http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 04 Apr 2019 07:53:20 GMT Last-Modified Thu, 04 Apr 2019 07:53:19 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1015
GET H/1.1	200 OK	safe.png www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/	1 KB 1 KB	141ms 129ms	Image image/png	107.150.32.221 DataShack
General Check archive.org Show headers Download Go to Show image Full URL http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/safe.png Requested by Host: www.igatecs.com URL: http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Protocol HTTP/1.1 Server 107.150.32.221 Kansas City, United States, ASN33387 (NOCIX - DataShack, LC, US), Reverse DNS spark4.salaciaserver.com Software Apache / Resource Hash `a0e7398b256537973f0e8484d3ba887716ecdadc8e77adf3ae6c7ac4e467e4a0` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.igatecs.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Connection keep-alive Cache-Control no-cache Referer http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 04 Apr 2019 07:53:20 GMT Last-Modified Thu, 04 Apr 2019 07:53:19 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1031
GET H/1.1	200 OK	co.png www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/	7 KB 7 KB	142ms 125ms	Image image/png	107.150.32.221 DataShack
General Check archive.org Show headers Download Go to Show image Full URL http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/co.png Requested by Host: www.igatecs.com URL: http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Protocol HTTP/1.1 Server 107.150.32.221 Kansas City, United States, ASN33387 (NOCIX - DataShack, LC, US), Reverse DNS spark4.salaciaserver.com Software Apache / Resource Hash `0ca6861953c97fa23fd9268181c14f5a2f5d33f6e53bbca592e247daa0f00213` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.igatecs.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Connection keep-alive Cache-Control no-cache Referer http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 04 Apr 2019 07:53:20 GMT Last-Modified Thu, 04 Apr 2019 07:53:19 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 7414
GET H/1.1	200 OK	pi.png www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/	3 KB 4 KB	139ms 122ms	Image image/png	107.150.32.221 DataShack
General Check archive.org Show headers Download Go to Show image Full URL http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/images/pi.png Requested by Host: www.igatecs.com URL: http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Protocol HTTP/1.1 Server 107.150.32.221 Kansas City, United States, ASN33387 (NOCIX - DataShack, LC, US), Reverse DNS spark4.salaciaserver.com Software Apache / Resource Hash `0b024b8ba14bee1913b4111a52e5e9888e7a9acba2072373d75afe87e6aa9eb0` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.igatecs.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Connection keep-alive Cache-Control no-cache Referer http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 04 Apr 2019 07:53:20 GMT Last-Modified Thu, 04 Apr 2019 07:53:19 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 3403
GET H/1.1	200 OK	csscheckbox_93d2ab7a059ff4af016e351e8a7ebdb0.png www.csscheckbox.com/checkboxes/u/ Redirect Chain http://csscheckbox.com/checkboxes/u/csscheckbox_93d2ab7a059ff4af016e351e8a7ebdb0.png http://www.csscheckbox.com/checkboxes/u/csscheckbox_93d2ab7a059ff4af016e351e8a7ebdb0.png	555 B 849 B	388ms 177ms	Image image/png	192.186.220.3 GoDaddy.com
General Check archive.org Show headers Download Go to Show image Full URL http://www.csscheckbox.com/checkboxes/u/csscheckbox_93d2ab7a059ff4af016e351e8a7ebdb0.png Requested by Host: www.igatecs.com URL: http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ Protocol HTTP/1.1 Server 192.186.220.3 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US), Reverse DNS ip-192-186-220-3.ip.secureserver.net Software Apache / Resource Hash `7bbd6ed494dfb8e90a702db9bb01fbc69a17e1fea1822e2bda78f4dc43efc5ea` Request headers Referer http://www.igatecs.com/bn/7514b8a5b8dc62c1a51f1a4461a4e633/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 04 Apr 2019 07:53:31 GMT Last-Modified Sun, 12 Jun 2016 21:10:30 GMT Server Apache ETag "9b48c74-22b-5351b33a1bc4c" Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=5 Content-Length 555 Redirect headers Location http://www.csscheckbox.com/checkboxes/u/csscheckbox_93d2ab7a059ff4af016e351e8a7ebdb0.png Date Thu, 04 Apr 2019 07:53:31 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5 Content-Length 296 Content-Type text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Barclays (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| unhideBody

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csscheckbox.com
leviteradio.com
www.csscheckbox.com
www.igatecs.com
107.150.32.221
192.186.220.3
66.85.88.146
005e031f7fc0fc76ededef96a4871b60b6b7d38faa0bb94e503c148c01a996ec
0b024b8ba14bee1913b4111a52e5e9888e7a9acba2072373d75afe87e6aa9eb0
0ca6861953c97fa23fd9268181c14f5a2f5d33f6e53bbca592e247daa0f00213
0d1e43b8f1bce34f672c17d2f4c007a9cac526405ccc22147a34e3b5ddab62bb
17ff6aa6bf8e6c96d3a97504133e17d727347020a4da25fc557669a74c628b27
1ad34ebf0849fb675ba794a4a1801bca978b6ee746c89630695c0393e5ecac4a
1efc70d4bac79f3e041bc14cf8ce091b01fa25a84bb2249c3e5428f31d26b65e
255d6dfae2b0ab59f97774b8fe2a2c037e8550571af5299150cf8175ed71bac9
4f0c9dc0db589d62dfdef59841f36ecffc70822de6773d12770a7326c566e23d
58c0efeb5f419f8677da9fd8d988f7733131ee16ac318f9085ab39be60403cdc
5a9b1de4dfcacd03d9940e61a191abbdaf7371d5f6ff250ec909c1f12dfe12e0
7736d1d9c51a8888b6620378b9591d253369c805c370152c860d377e35d595db
7bbd6ed494dfb8e90a702db9bb01fbc69a17e1fea1822e2bda78f4dc43efc5ea
87c095623f316e7cecb7fd5628bdc05235bf8182d694c15a445770dcb4f8e765
993634ba12d51499480d39a976f39c60f70d742fab84057e741f52c40b699785
a0e7398b256537973f0e8484d3ba887716ecdadc8e77adf3ae6c7ac4e467e4a0
cea349e0779d0aabee1c2aa84f96dab978bc66bd3a1dc77711bf69ab20be7ce0
d33e91017c8e151401817374e7db62234160cd1fe206ee0f29455f6522a35f0a

www.igatecs.com Open in urlscan Pro 107.150.32.221 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

6 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

3 IPs

1 Countries

154 kBTransfer

150 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

Indicators

www.igatecs.com Open in urlscan Pro
107.150.32.221 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

6 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

1
Countries

154 kB
Transfer

150 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!