spectrum-consultancy.com Open in urlscan Pro
158.106.131.138 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://privatechef.me/wp-content/plugins/add-to-any/languages/reding/intel.htm
Effective URL:
https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/login.php?cmd=login_submit&id=34913918ba2...
Submission: On October 31 via manual (October 31st 2018, 5:31:22 pm UTC) from US

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 158.106.131.138, located in Dallas, United States and belongs to PRIVATESYSTEMS - PrivateSystems Networks, US. The main domain is spectrum-consultancy.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 26th 2018. Valid for: 3 months.

This is the only time spectrum-consultancy.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	64.91.241.0 64.91.241.0	32244 (LIQUIDWEB) (LIQUIDWEB - Liquid Web)
3 9	158.106.131.138 158.106.131.138	63410 (PRIVATESY...) (PRIVATESYSTEMS - PrivateSystems Networks)
1 2	64.15.159.71 64.15.159.71	32613 (IWEB-AS) (IWEB-AS - iWeb Technologies Inc.)
8	3

1 64.91.241.0 (Lansing, United States)

ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US)
PTR: host.swiftcms.com

privatechef.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 158.106.131.138 (Dallas, United States) 3 redirects

ASN63410 (PRIVATESYSTEMS - PrivateSystems Networks, US)
PTR: host.hostspectrum.net

spectrum-consultancy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.15.159.71 (Montréal, Canada) 1 redirects

ASN32613 (IWEB-AS - iWeb Technologies Inc., CA)
PTR: vps71.canfone.com

www.focusstudios.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	spectrum-consultancy.com 3 redirects spectrum-consultancy.com	49 KB
2	focusstudios.ca 1 redirects www.focusstudios.ca	2 KB
1	privatechef.me privatechef.me	368 B
8	3

	Domain	Requested by
9	spectrum-consultancy.com	3 redirects spectrum-consultancy.com
2	www.focusstudios.ca	1 redirects spectrum-consultancy.com
1	privatechef.me
8	3

This site contains no links.

Subject Issuer	Validity	Valid
privatechef.me cPanel, Inc. Certification Authority	`2018-09-06` - `2018-12-05`	3 months	crt.sh
spectrum-consultancy.com cPanel, Inc. Certification Authority	`2018-10-26` - `2019-01-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/login.php?cmd=login_submit&id=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995&session=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995
Frame ID: E19397009320EA4978B639D413DD79B1
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://privatechef.me/wp-content/plugins/add-to-any/languages/reding/intel.htm Page URL
https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas HTTP 301
https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/ Page URL
https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home?verified.com-signon42... HTTP 301
https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/?verified.com-signon4... HTTP 302
https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/login.php?cmd=login_s... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

8
Requests

88 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

50 kB
Transfer

47 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://privatechef.me/wp-content/plugins/add-to-any/languages/reding/intel.htm Page URL
https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas HTTP 301
https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/ Page URL
https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home?verified.com-signon423637cf847c61cf5a7290579af54101 HTTP 301
https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/?verified.com-signon423637cf847c61cf5a7290579af54101 HTTP 302
https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/login.php?cmd=login_submit&id=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995&session=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas HTTP 301
https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/

Request Chain 6

http://www.focusstudios.ca/wp-includes/tmp/allmystats/visiteur.php?testpage HTTP 302
http://www.focusstudios.ca/wp-includes/tmp/allmystats/index.php

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	intel.htm Show response privatechef.me/wp-content/plugins/add-to-any/languages/reding/	126 B 368 B	409ms 132ms	Document text/html	64.91.241.0 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://privatechef.me/wp-content/plugins/add-to-any/languages/reding/intel.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 64.91.241.0 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS host.swiftcms.com Software Apache / Resource Hash `90ce2cc10e2eb1e82bc422849dc8e08873ac084d85edda4303eee7c88ab9a731` Request headers Host privatechef.me Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 31 Oct 2018 17:31:13 GMT Server Apache Last-Modified Wed, 31 Oct 2018 01:22:14 GMT Accept-Ranges bytes Content-Length 126 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	/ spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/ Redirect Chain https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/	287 B 501 B	142ms 141ms	Document text/html	158.106.131.138 PrivateSystems Ne...
General Check archive.org Show headers Download Go to Full URL https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 158.106.131.138 Dallas, United States, ASN63410 (PRIVATESYSTEMS - PrivateSystems Networks, US), Reverse DNS host.hostspectrum.net Software Apache / PHP/5.6.18 Resource Hash Request headers Host spectrum-consultancy.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer https://privatechef.me/wp-content/plugins/add-to-any/languages/reding/intel.htm Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://privatechef.me/wp-content/plugins/add-to-any/languages/reding/intel.htm Response headers Date Wed, 31 Oct 2018 17:31:13 GMT Server Apache X-Powered-By PHP/5.6.18 Content-Length 287 Keep-Alive timeout=5, max=99 Connection Keep-Alive Content-Type text/html; charset=UTF-8 Redirect headers Date Wed, 31 Oct 2018 17:31:13 GMT Server Apache Location https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/ Content-Length 291 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	Primary Request login.php Show response spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/ Redirect Chain https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home?verified.com-signon423637cf847c61cf5a7290579af54101 https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/?verified.com-signon423637cf847c61cf5a7290579af54101 https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/login.php?cmd=login_submit&id=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995&session=349139...	2 KB 2 KB	142ms 142ms	Document text/html	158.106.131.138 PrivateSystems Ne...
General Check archive.org Show headers Download Go to Full URL https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/login.php?cmd=login_submit&id=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995&session=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995 Requested by Host: spectrum-consultancy.com URL: https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 158.106.131.138 Dallas, United States, ASN63410 (PRIVATESYSTEMS - PrivateSystems Networks, US), Reverse DNS host.hostspectrum.net Software Apache / PHP/5.6.18 Resource Hash `cbdf03864f4e7b6622b34a5f3077417e59e89c4d9dcb7d41bc89eb110980f660` Request headers Host spectrum-consultancy.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/ Response headers Date Wed, 31 Oct 2018 17:31:14 GMT Server Apache X-Powered-By PHP/5.6.18 Content-Length 2115 Keep-Alive timeout=5, max=96 Connection Keep-Alive Content-Type text/html; charset=UTF-8 Redirect headers Date Wed, 31 Oct 2018 17:31:13 GMT Server Apache X-Powered-By PHP/5.6.18 location login.php?cmd=login_submit&id=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995&session=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995 Content-Length 0 Keep-Alive timeout=5, max=97 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	head.PNG spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/images/	7 KB 7 KB	140ms 138ms	Image image/png	158.106.131.138 PrivateSystems Ne...
General Check archive.org Show headers Download Go to Show image Full URL https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/images/head.PNG Requested by Host: spectrum-consultancy.com URL: https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/login.php?cmd=login_submit&id=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995&session=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 158.106.131.138 Dallas, United States, ASN63410 (PRIVATESYSTEMS - PrivateSystems Networks, US), Reverse DNS host.hostspectrum.net Software Apache / Resource Hash `650d88e015c6205811b305c79f02de1da144d778332090582e3ad05320b04bbe` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host spectrum-consultancy.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/login.php?cmd=login_submit&id=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995&session=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995 Connection keep-alive Cache-Control no-cache Referer https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/login.php?cmd=login_submit&id=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995&session=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 31 Oct 2018 17:31:14 GMT Last-Modified Wed, 31 Oct 2018 02:57:29 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 7150
GET H/1.1	200 OK	mid.PNG spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/images/	26 KB 26 KB	283ms 143ms	Image image/png	158.106.131.138 PrivateSystems Ne...
General Check archive.org Show headers Download Go to Show image Full URL https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/images/mid.PNG Requested by Host: spectrum-consultancy.com URL: https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/login.php?cmd=login_submit&id=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995&session=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 158.106.131.138 Dallas, United States, ASN63410 (PRIVATESYSTEMS - PrivateSystems Networks, US), Reverse DNS host.hostspectrum.net Software Apache / Resource Hash `b83dbda47cc721f4d4db418d509bfcac76e8210eda55ac8859481ff4fdca238e` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host spectrum-consultancy.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/login.php?cmd=login_submit&id=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995&session=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995 Connection keep-alive Cache-Control no-cache Referer https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/login.php?cmd=login_submit&id=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995&session=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 31 Oct 2018 17:31:14 GMT Last-Modified Wed, 31 Oct 2018 02:57:29 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 26301
GET H/1.1	200 OK	sign.PNG spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/images/	1 KB 2 KB	284ms 144ms	Image image/png	158.106.131.138 PrivateSystems Ne...
General Check archive.org Show headers Download Go to Show image Full URL https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/images/sign.PNG Requested by Host: spectrum-consultancy.com URL: https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/login.php?cmd=login_submit&id=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995&session=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 158.106.131.138 Dallas, United States, ASN63410 (PRIVATESYSTEMS - PrivateSystems Networks, US), Reverse DNS host.hostspectrum.net Software Apache / Resource Hash `3cec16ea73bbe034327f82196e04e91356106186ddb2a0c892fe144814036126` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host spectrum-consultancy.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/login.php?cmd=login_submit&id=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995&session=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995 Connection keep-alive Cache-Control no-cache Referer https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/login.php?cmd=login_submit&id=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995&session=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 31 Oct 2018 17:31:14 GMT Last-Modified Wed, 31 Oct 2018 02:57:29 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1295
GET H/1.1	200 OK	end.PNG spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/images/	10 KB 11 KB	423ms 138ms	Image image/png	158.106.131.138 PrivateSystems Ne...
General Check archive.org Show headers Download Go to Show image Full URL https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/images/end.PNG Requested by Host: spectrum-consultancy.com URL: https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/login.php?cmd=login_submit&id=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995&session=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 158.106.131.138 Dallas, United States, ASN63410 (PRIVATESYSTEMS - PrivateSystems Networks, US), Reverse DNS host.hostspectrum.net Software Apache / Resource Hash `79adacbf1542465c9544b0c51e6c230b52830eec15e61468658228711f540986` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host spectrum-consultancy.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/login.php?cmd=login_submit&id=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995&session=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995 Connection keep-alive Cache-Control no-cache Referer https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/login.php?cmd=login_submit&id=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995&session=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 31 Oct 2018 17:31:14 GMT Last-Modified Wed, 31 Oct 2018 02:57:29 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 10632
GET H/1.1	200 OK	index.php www.focusstudios.ca/wp-includes/tmp/allmystats/ Redirect Chain http://www.focusstudios.ca/wp-includes/tmp/allmystats/visiteur.php?testpage http://www.focusstudios.ca/wp-includes/tmp/allmystats/index.php	0 2 KB	412ms 412ms	Image text/html	64.15.159.71 iWeb Technologies...
General Check archive.org Show headers Download Go to Show image Full URL http://www.focusstudios.ca/wp-includes/tmp/allmystats/index.php Requested by Host: spectrum-consultancy.com URL: https://spectrum-consultancy.com/wp-content/plugins/add-to-any/icons/home/bin/boas/home/login.php?cmd=login_submit&id=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995&session=34913918ba2b18cbf8c741661b91299534913918ba2b18cbf8c741661b912995 Protocol HTTP/1.1 Server 64.15.159.71 Montréal, Canada, ASN32613 (IWEB-AS - iWeb Technologies Inc., CA), Reverse DNS vps71.canfone.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Content-Type text/html; charset=utf-8 Redirect headers Date Wed, 31 Oct 2018 17:31:14 GMT Via 1.1 varnish X-Cacheable YES Server Advanced Hosting by http://www.unixy.net/advanced-hosting/varnish-nginx-cpanel/ age 0 X-Powered-By PHP/5.5.30 X-Cache MISS Content-Type text/html Location index.php X-Varnish 1221347131 Connection keep-alive Accept-Ranges bytes Content-Length 237

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| unhideBody

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

privatechef.me
spectrum-consultancy.com
www.focusstudios.ca
158.106.131.138
64.15.159.71
64.91.241.0
3cec16ea73bbe034327f82196e04e91356106186ddb2a0c892fe144814036126
650d88e015c6205811b305c79f02de1da144d778332090582e3ad05320b04bbe
79adacbf1542465c9544b0c51e6c230b52830eec15e61468658228711f540986
90ce2cc10e2eb1e82bc422849dc8e08873ac084d85edda4303eee7c88ab9a731
b83dbda47cc721f4d4db418d509bfcac76e8210eda55ac8859481ff4fdca238e
cbdf03864f4e7b6622b34a5f3077417e59e89c4d9dcb7d41bc89eb110980f660
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

spectrum-consultancy.com Open in urlscan Pro 158.106.131.138 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

88 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

50 kBTransfer

47 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

Indicators

spectrum-consultancy.com Open in urlscan Pro
158.106.131.138 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

50 kB
Transfer

47 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!