ivatechtz.com Open in urlscan Pro
192.185.183.106  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ivatechtz.com/	20 KB 8 KB	957ms 137ms	Document text/html	192.185.183.106 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://ivatechtz.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.183.106 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-183-106.unifiedlayer.com Software Apache / Resource Hash 6529bdf2db3ea3b6785a4aefe4a618748c495079ea45a8c64ab31044b0735f5a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers last-modified Mon, 26 Apr 2021 09:45:56 GMT accept-ranges bytes vary Accept-Encoding content-encoding gzip content-length 7608 content-type text/html date Mon, 22 Nov 2021 20:11:53 GMT server Apache
GET H2	200	css www.visaprepaidprocessing.com/bundles/foundation/	2 KB 909 B	252ms 197ms	Stylesheet text/css	104.18.20.25 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.visaprepaidprocessing.com/bundles/foundation/css?v=TgYukCV0BSpb98GObtBe6i9KeBqBppGV5EzParDKRD01 Requested by Host: ivatechtz.com URL: https://ivatechtz.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.18.20.25 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9125b08d73099fe6cc8ec181f39edc63439b48442010ec2635791578f9e3b4ed Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://ivatechtz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 20:11:54 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 22 Nov 2021 20:11:54 GMT server cloudflare x-frame-options SAMEORIGIN x-opnet-transaction-trace a2_739fe118-8629-49b6-a811-fcf665f3b49d-16316-569397 vary User-Agent expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/css; charset=utf-8 cache-control public cf-ray 6b24cf3e6c2842fd-FRA expires Tue, 22 Nov 2022 20:11:54 GMT
GET H2	200	css www.visaprepaidprocessing.com/bundles/	290 KB 46 KB	279ms 225ms	Stylesheet text/css	104.18.20.25 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.visaprepaidprocessing.com/bundles/css?v=wAZASNxRNEHvELh5VVy5mcxHM2kaP7CFlrsQ-TKMrzc1 Requested by Host: ivatechtz.com URL: https://ivatechtz.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.18.20.25 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f536ff6ac60737ced5a8e914b5b66981c6d747d98b462e745265965916004a8 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://ivatechtz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 20:11:54 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare x-opnet-transaction-trace a2_be80d6b0-d488-404b-a048-07e9b1e3b825-8244-568847 x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/css; charset=utf-8 cache-control no-cache cf-ray 6b24cf3e6c2a42fd-FRA expires -1
GET H2	200	jquery Show response www.visaprepaidprocessing.com/bundles/	103 KB 38 KB	269ms 215ms	Script text/javascript	104.18.20.25 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.visaprepaidprocessing.com/bundles/jquery?v=Tr_v94xD5Y3yKB5v6IQ7RZbsJQVRT3NqKQFaw2TuoU41 Requested by Host: ivatechtz.com URL: https://ivatechtz.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.18.20.25 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd5a980b909c066eaf41d0c88c8520859b9eadea5170fe318836f304f6c6c335 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://ivatechtz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 20:11:54 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 22 Nov 2021 20:11:54 GMT server cloudflare x-frame-options SAMEORIGIN x-opnet-transaction-trace a2_e6a957cf-e493-422b-9740-eb7a0fe0621b-1940-570211 vary User-Agent expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/javascript; charset=utf-8 cache-control public cf-ray 6b24cf3e6c2e42fd-FRA expires Tue, 22 Nov 2022 20:11:54 GMT
GET H2	200	preventEarlyClickCss www.visaprepaidprocessing.com/bundles/	45 B 592 B	232ms 178ms	Stylesheet text/css	104.18.20.25 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.visaprepaidprocessing.com/bundles/preventEarlyClickCss?v=AjE3qz4xe4LPPh9UwnSuF7YqcFXF2UG5PMA-GpfTe5c1 Requested by Host: ivatechtz.com URL: https://ivatechtz.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.18.20.25 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42a0994f945e96989c7b09cd6d4c08fced929ce73f63396a83b3f071720c3c49 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://ivatechtz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 20:11:54 GMT vary User-Agent cf-cache-status DYNAMIC last-modified Mon, 22 Nov 2021 20:11:54 GMT server cloudflare x-opnet-transaction-trace a2_b142bee1-e93a-4170-a015-74e9c530b1ea-16764-569161 x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/css; charset=utf-8 cache-control public cf-ray 6b24cf3e6c2d42fd-FRA content-length 45 expires Tue, 22 Nov 2022 20:11:54 GMT
GET H2	200	preventEarlyClick Show response www.visaprepaidprocessing.com/bundles/	271 B 239 B	243ms 189ms	Script text/javascript	104.18.20.25 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.visaprepaidprocessing.com/bundles/preventEarlyClick?v=_tY9qfNRb06Wa6fRNKeUMAHJINRnx8zdLPgzo1HCObs1 Requested by Host: ivatechtz.com URL: https://ivatechtz.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.18.20.25 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8332e9865442439990cc3f27b3e8a38c9b3bd5f548af382ae4fea0968181b4ff Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://ivatechtz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 20:11:54 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 22 Nov 2021 20:11:54 GMT server cloudflare x-frame-options SAMEORIGIN x-opnet-transaction-trace a2_be80d6b0-d488-404b-a048-07e9b1e3b825-8244-568846 vary User-Agent expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/javascript; charset=utf-8 cache-control public cf-ray 6b24cf3e6c3142fd-FRA expires Tue, 22 Nov 2022 20:11:54 GMT
GET H2	200	foundation Show response www.visaprepaidprocessing.com/bundles/	96 KB 26 KB	241ms 187ms	Script text/javascript	104.18.20.25 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.visaprepaidprocessing.com/bundles/foundation?v=ESYLxt5uuRKe3D3XbWrIbHO5roVJALwvUU4gNQI5B-01 Requested by Host: ivatechtz.com URL: https://ivatechtz.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.18.20.25 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8cdb11e45e5feb9caf122ce4ef454511465310d3d81f09fe29b34e9948677a8c Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://ivatechtz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 20:11:54 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 22 Nov 2021 20:11:54 GMT server cloudflare x-frame-options SAMEORIGIN x-opnet-transaction-trace a2_042d29e5-60c0-419b-bd35-9bc8eecb7034-13128-566071 vary User-Agent expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/javascript; charset=utf-8 cache-control public cf-ray 6b24cf3e6c3942fd-FRA expires Tue, 22 Nov 2022 20:11:54 GMT
GET H2	200	modernizr Show response www.visaprepaidprocessing.com/bundles/	11 KB 5 KB	290ms 236ms	Script text/javascript	104.18.20.25 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.visaprepaidprocessing.com/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1 Requested by Host: ivatechtz.com URL: https://ivatechtz.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.18.20.25 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://ivatechtz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 20:11:54 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 22 Nov 2021 20:11:54 GMT server cloudflare x-frame-options SAMEORIGIN x-opnet-transaction-trace a2_dcb5b8df-5957-4e0a-acb8-060eaecebc73-11668-567788 vary User-Agent expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/javascript; charset=utf-8 cache-control public cf-ray 6b24cf3e6c3542fd-FRA expires Tue, 22 Nov 2022 20:11:54 GMT
GET H2	200	Visa Show response www.visaprepaidprocessing.com/bundles/	17 KB 5 KB	284ms 231ms	Script text/javascript	104.18.20.25 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.visaprepaidprocessing.com/bundles/Visa?v=rUNK_oTTYSu18b4lzz-WjfK-hwZTByYX4dFKT1IJ9Ig1 Requested by Host: ivatechtz.com URL: https://ivatechtz.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.18.20.25 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8af0b75aa4d5abd389018745e38b4d13e471e8de137696bb705b7e23371c5211 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://ivatechtz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 20:11:54 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare x-opnet-transaction-trace a2_be80d6b0-d488-404b-a048-07e9b1e3b825-8244-568848 x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/javascript; charset=utf-8 cache-control no-cache cf-ray 6b24cf3e6c3442fd-FRA expires -1
GET H2	200	dps Show response www.visaprepaidprocessing.com/bundles/Visa/	9 KB 3 KB	268ms 214ms	Script text/javascript	104.18.20.25 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.visaprepaidprocessing.com/bundles/Visa/dps?v=ZyC0R9t8h7ubYILI4r8E1AyotfynRxjE2DnI-eHH54Q1 Requested by Host: ivatechtz.com URL: https://ivatechtz.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.18.20.25 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf5b381a36797698b3b4a23090a14ebd63b4d2478f31be04d0bcbfd53d421b87 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://ivatechtz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 20:11:54 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 22 Nov 2021 20:11:54 GMT server cloudflare x-frame-options SAMEORIGIN x-opnet-transaction-trace a2_1012f53b-5a5d-486a-8d28-a2a6034a9d50-9368-569698 vary User-Agent expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/javascript; charset=utf-8 cache-control public cf-ray 6b24cf3e6c3742fd-FRA expires Tue, 22 Nov 2022 20:11:54 GMT
GET H2	404	site.css ivatechtz.com/content/PRC384/CP384-T03-019/_Styles/	0 0	497ms 497ms	Stylesheet text/html	192.185.183.106 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://ivatechtz.com/content/PRC384/CP384-T03-019/_Styles/site.css Requested by Host: ivatechtz.com URL: https://ivatechtz.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.183.106 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-183-106.unifiedlayer.com Software Apache / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://ivatechtz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 20:11:53 GMT content-encoding gzip server Apache vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate, max-age=0 link <https://ivatechtz.com/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	logo.PNG ivatechtz.com/file/	8 KB 8 KB	151ms 151ms	Image image/png	192.185.183.106 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://ivatechtz.com/file/logo.PNG Requested by Host: ivatechtz.com URL: https://ivatechtz.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.183.106 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-183-106.unifiedlayer.com Software Apache / Resource Hash ad62eb85667532488d032273c196c7ea1c10e0897223c4b66cd38b8c5e5215a4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ivatechtz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 20:11:54 GMT last-modified Sun, 25 Apr 2021 16:04:40 GMT server Apache accept-ranges bytes content-length 7719 content-type image/png
GET H2	404	logo.png ivatechtz.com/file/	64 KB 64 KB	499ms 499ms	Image text/html	192.185.183.106 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://ivatechtz.com/file/logo.png Requested by Host: ivatechtz.com URL: https://ivatechtz.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.183.106 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-183-106.unifiedlayer.com Software Apache / Resource Hash f236168a372f59144fc3b3c6fcdf7d5b5786c25d6d1b4289d96189a4e73bbd66 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ivatechtz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 20:11:54 GMT content-encoding gzip server Apache vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate, max-age=0 link <https://ivatechtz.com/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	EmailLogo.png ivatechtz.com/file/	4 KB 4 KB	132ms 131ms	Image image/png	192.185.183.106 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://ivatechtz.com/file/EmailLogo.png Requested by Host: ivatechtz.com URL: https://ivatechtz.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.183.106 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-183-106.unifiedlayer.com Software Apache / Resource Hash db86fe978fad3c304c1c8b6ab1f65f409c16137076caec52fdfba3a18fbeebdb Request headers Accept-Language de-DE,de;q=0.9 Referer https://ivatechtz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 20:11:54 GMT last-modified Fri, 28 Aug 2020 07:15:22 GMT server Apache accept-ranges bytes content-length 3908 content-type image/png
GET H2	200	print www.visaprepaidprocessing.com/bundles/css/	2 KB 652 B	169ms 169ms	Stylesheet text/css	104.18.20.25 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.visaprepaidprocessing.com/bundles/css/print?v=JPgM1hk5e3sLqXHZFVWtkkRA7MMTcH6t30yiIk5dBDo1 Requested by Host: ivatechtz.com URL: https://ivatechtz.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 104.18.20.25 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e2aabe93299c82250d8d6952e7eec0d120c95b45ddc24175f187dd530543205 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://ivatechtz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 20:11:54 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare x-opnet-transaction-trace a2_042d29e5-60c0-419b-bd35-9bc8eecb7034-13128-566072 x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/css; charset=utf-8 cache-control no-cache cf-ray 6b24cf4028e542fd-FRA expires -1
GET H2	404	gtm5445.html ivatechtz.com/www.googletagmanager.com/	0 0	599ms 596ms	Script text/html	192.185.183.106 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://ivatechtz.com/www.googletagmanager.com/gtm5445.html?id=GTM-55MPT9 Requested by Host: ivatechtz.com URL: https://ivatechtz.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.183.106 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-183-106.unifiedlayer.com Software Apache / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://ivatechtz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 20:11:54 GMT content-encoding gzip server Apache vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate, max-age=0 link <https://ivatechtz.com/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
GET		fontawesome-webfont.woff www.visaprepaidprocessing.com/Content/_Fonts/	0 0
GET H2	200	/ Show response ivatechtz.com/	20 KB 8 KB	144ms 144ms	Script text/html	192.185.183.106 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://ivatechtz.com/ Requested by Host: ivatechtz.com URL: https://ivatechtz.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.183.106 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-185-183-106.unifiedlayer.com Software Apache / Resource Hash 6529bdf2db3ea3b6785a4aefe4a618748c495079ea45a8c64ab31044b0735f5a Request headers Accept-Language de-DE,de;q=0.9 Referer https://ivatechtz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 20:11:54 GMT content-encoding gzip last-modified Mon, 26 Apr 2021 09:45:56 GMT server Apache vary Accept-Encoding content-type text/html accept-ranges bytes content-length 7608
GET		fontawesome-webfont.ttf www.visaprepaidprocessing.com/Content/_Fonts/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.visaprepaidprocessing.com

URL

https://www.visaprepaidprocessing.com/Content/_Fonts/fontawesome-webfont.woff?v=4.0.3

Domain

www.visaprepaidprocessing.com

URL

https://www.visaprepaidprocessing.com/Content/_Fonts/fontawesome-webfont.ttf?v=4.0.3

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| CultureInfoSettings function| $ function| jQuery function| Globalize function| preventSubmit object| respond object| Foundation object| html5 object| Modernizr function| ChangeCulture function| initializeNavigationButtons function| setFormUrl function| showValidationSummary function| hideValidationSummary function| removeSuccessMessage function| removeWarningMessage function| setModalWindow function| startTrackingAccessToken function| startTrackingSession function| setAccessTokenTimer function| setSessionTimer function| renewAccessToken function| showSessionModal function| clearTimers function| showActionAndMsg function| showInitial function| showExtended function| closeExtended function| showExpired function| showExtensionError function| expireSession function| expireSessionAtServer function| extendSession function| blinkTitle function| stopBlinkingTitle function| visaModalCaller function| setModalHeight function| handleDecrease function| decreaseTop function| squeezScrollArea function| squeezModal function| handleIncrease function| expandModal function| expandScrollArea function| increaseTop function| setReveal function| bindCloseModalEvents function| setModalFocus function| externalLinkModalForm function| formatString object| isMobile function| scrollToFormTop boolean| windowFocused number| sessionTimeout undefined| timerIntervalId undefined| blinkIntervalId undefined| accessTokenTimer string| title object| sessionModal object| sessionAction string| sessionActionInitialText string| sessionActionInitialOnclick object| sessionCancel string| sessionCancelInitialText string| sessionCancelInitialOnclick object| sessionHeading object| sessionClock object| sessionMsg boolean| clickSessionCancel boolean| debugging undefined| sessionTimeoutTimer object| visaModal undefined| prevHeight undefined| initialScrollAreaHeight undefined| initialModalHeight undefined| window_height undefined| modal_height undefined| scrollAreaHeight number| minScrollAreaHeight number| maxScrollAreaHeight undefined| room undefined| scrollArea number| bottomMargin boolean| decreasing undefined| modal number| currentTop number| minTop number| maxTop function| GlobalAlert function| resizeHeader function| Fingerprint object| dataLayer string| sessionTimingoutHeading string| sessionExtendedHeading string| sessionHasExpired string| sessionExpiredByUser string| okButtonText string| closeButtonText boolean| trackSession string| sessionExpiresIn string| baseUrl string| mvcAction string| mvcController number| fingerprint string| token boolean| SimEnabled object| headers boolean| isAccessTokenRenewCheck number| accessTokenIntervalCall boolean| isVBAEnabled object| clientTimeRenewal number| targetRenewalThreshold boolean| requestIsRunning

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.visaprepaidprocessing.com/	1970-01-19 22:54:54	Name: __cflb Value: 0H28uxchcBYFcUJ7agzKikmQw5nqRP5Ht6mUBpBGXLg
			.visaprepaidprocessing.com/	1969-12-31 23:59:59	Name: __cfruid Value: dc93ca5117771beeb697132fe88d7781fe89ea46-1637611914
			ivatechtz.com/	1969-12-31 23:59:59	Name: vid Value: 1764835031

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ivatechtz.com/content/PRC384/CP384-T03-019/_Styles/site.css Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://ivatechtz.com/ Message: Access to font at 'https://www.visaprepaidprocessing.com/Content/_Fonts/fontawesome-webfont.woff?v=4.0.3' from origin 'https://ivatechtz.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.visaprepaidprocessing.com/Content/_Fonts/fontawesome-webfont.woff?v=4.0.3 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ivatechtz.com/ Message: Access to font at 'https://www.visaprepaidprocessing.com/Content/_Fonts/fontawesome-webfont.ttf?v=4.0.3' from origin 'https://ivatechtz.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.visaprepaidprocessing.com/Content/_Fonts/fontawesome-webfont.ttf?v=4.0.3 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://ivatechtz.com/file/logo.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ivatechtz.com/www.googletagmanager.com/gtm5445.html?id=GTM-55MPT9 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ivatechtz.com
www.visaprepaidprocessing.com
www.visaprepaidprocessing.com
104.18.20.25
192.185.183.106
42a0994f945e96989c7b09cd6d4c08fced929ce73f63396a83b3f071720c3c49
5e2aabe93299c82250d8d6952e7eec0d120c95b45ddc24175f187dd530543205
5f536ff6ac60737ced5a8e914b5b66981c6d747d98b462e745265965916004a8
6529bdf2db3ea3b6785a4aefe4a618748c495079ea45a8c64ab31044b0735f5a
8332e9865442439990cc3f27b3e8a38c9b3bd5f548af382ae4fea0968181b4ff
8af0b75aa4d5abd389018745e38b4d13e471e8de137696bb705b7e23371c5211
8cdb11e45e5feb9caf122ce4ef454511465310d3d81f09fe29b34e9948677a8c
9125b08d73099fe6cc8ec181f39edc63439b48442010ec2635791578f9e3b4ed
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
ad62eb85667532488d032273c196c7ea1c10e0897223c4b66cd38b8c5e5215a4
bd5a980b909c066eaf41d0c88c8520859b9eadea5170fe318836f304f6c6c335
cf5b381a36797698b3b4a23090a14ebd63b4d2478f31be04d0bcbfd53d421b87
db86fe978fad3c304c1c8b6ab1f65f409c16137076caec52fdfba3a18fbeebdb
f236168a372f59144fc3b3c6fcdf7d5b5786c25d6d1b4289d96189a4e73bbd66