pathospitals.com Open in urlscan Pro
2606:4700:3035::6815:b4a Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php
Submission Tags: 7377670
Submission: On December 09 via api (December 9th 2021, 2:15:50 am UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3035::6815:b4a, located in United States and belongs to CLOUDFLARENET, US. The main domain is pathospitals.com.

This is the only time pathospitals.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Charles Schwab (Financial)

Domain & IP information

	IP Address		AS Autonomous System
12	2606:4700:303... 2606:4700:3035::6815:b4a		13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	1

12 2606:4700:3035::6815:b4a (United States)

ASN13335 (CLOUDFLARENET, US)

pathospitals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	pathospitals.com pathospitals.com	318 KB
12	1

	Domain	Requested by
12	pathospitals.com	pathospitals.com
12	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php
Frame ID: EDA34242FE22E7E959B5644B7C17A369
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In

Page Statistics

12
Requests

0 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

318 kB
Transfer

312 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login.php Show response pathospitals.com/wp-admin/user/schwab_policy/home/	5 KB 2 KB	265ms 250ms	Document text/html	2606:4700:3035::6815:b4a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php Protocol HTTP/1.1 Server 2606:4700:3035::6815:b4a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.30 Resource Hash `7349025b6d3620041538e1355ee4b8ddb664da69b8f24067738926340b3c77dd` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Thu, 09 Dec 2021 02:15:45 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive x-powered-by PHP/7.3.30 vary Accept-Encoding CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auVE6zmWPl665%2By%2FI%2FOXw9hNbgxoQQSl5VfOf29YNVtU09jsbBqnjwtrYhwEno3Ih%2FWHVxZLmUC4fEgNFDeXdAtYW4WtpW83Ju4btrf7wx3n30uQ6xazFoOHYFmXSrTLeXI4EUoP1JZvfdGhjyh%2F"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6baaba3f1f5883a6-MXP Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	w1.png pathospitals.com/wp-admin/user/schwab_policy/home/images/	6 KB 7 KB	230ms 230ms	Image image/png	2606:4700:3035::6815:b4a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://pathospitals.com/wp-admin/user/schwab_policy/home/images/w1.png Requested by Host: pathospitals.com URL: http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php Protocol HTTP/1.1 Server 2606:4700:3035::6815:b4a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5f5615debca103a7b17df3e42563e24937decbfffec54432d244413fdf8a578c` Request headers Accept-Language de-DE,de;q=0.9 Referer http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 09 Dec 2021 02:15:46 GMT CF-Cache-Status MISS last-modified Thu, 25 Nov 2021 18:26:30 GMT Server cloudflare etag "3fc5ebe-1713-5d1a11d006cf6" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCKGftMDmW0rATgM4Eqa78Kfu0BKUh2DgPWZxzP1annywuT9UdBbfGI5D6z7bxHyHNDXMQTiWN%2FnJDgHnffbtwLldGPvrOeQ4Hbf7IPyQbXlp3FVWIv3ZwBtgwiLbBoDHKnlUneBJHqpRUgpQT6t"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6baaba40a89783a6-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 5907
GET H/1.1	200 OK	w2.png pathospitals.com/wp-admin/user/schwab_policy/home/images/	8 KB 9 KB	243ms 236ms	Image image/png	2606:4700:3035::6815:b4a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://pathospitals.com/wp-admin/user/schwab_policy/home/images/w2.png Requested by Host: pathospitals.com URL: http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php Protocol HTTP/1.1 Server 2606:4700:3035::6815:b4a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `21b31ff9cea1ad56c36e49ae2b8b9bac27e46d80d79539a3c2c11b328c971b72` Request headers Accept-Language de-DE,de;q=0.9 Referer http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 09 Dec 2021 02:15:46 GMT CF-Cache-Status MISS last-modified Thu, 25 Nov 2021 18:26:30 GMT Server cloudflare etag "3fc5eb6-1f66-5d1a11d0026a6" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12Q4DUKUgnA6T%2B%2BzZokUIpKX14rDkFWNXkGVj91cxp85bZwTHiXQDH454S2WVv0LDvXLmtXIFXRy%2FHH9GRiic3IbMuy1ut2A%2BtXllqJDHfhQB7yKIEu2FWZzvdelE%2BhZcO2daLaeiqRLOsy5RAOi"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6baaba40cd063761-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 8038
GET H/1.1	200 OK	w3.png pathospitals.com/wp-admin/user/schwab_policy/home/images/	548 B 1 KB	243ms 237ms	Image image/png	2606:4700:3035::6815:b4a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://pathospitals.com/wp-admin/user/schwab_policy/home/images/w3.png Requested by Host: pathospitals.com URL: http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php Protocol HTTP/1.1 Server 2606:4700:3035::6815:b4a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c3e192a2276a337351a8702a6684e4f1280d6dd432428a11b9e12783db9f521f` Request headers Accept-Language de-DE,de;q=0.9 Referer http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 09 Dec 2021 02:15:46 GMT CF-Cache-Status MISS last-modified Thu, 25 Nov 2021 18:26:30 GMT Server cloudflare etag "3fc5eb3-224-5d1a11d000b4e" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XJTAEQ24PVgKN0K7P6kCGUP8GsGkp%2BMjVWhBPfGp1Hlu5J61YLXWWuul1AydpjIE90s%2B7Ha6okXEfjeKGeJhJV36Z8cjaNm%2BEwdzYWkkSXGpIDWRFcK0PS%2Bu5I9gKzC3ARjtyqaXIHSR3WlY641"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6baaba40cac0f917-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 548
GET H/1.1	200 OK	w4.png pathospitals.com/wp-admin/user/schwab_policy/home/images/	17 KB 17 KB	24ms 18ms	Image image/png	2606:4700:3035::6815:b4a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://pathospitals.com/wp-admin/user/schwab_policy/home/images/w4.png Requested by Host: pathospitals.com URL: http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php Protocol HTTP/1.1 Server 2606:4700:3035::6815:b4a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c2ece77bbb4d73cc6a4b18cbb7809360d1fbc99c1e2ff5578ef77a270b9929b1` Request headers Accept-Language de-DE,de;q=0.9 Referer http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 09 Dec 2021 02:15:46 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 2869 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 17017 last-modified Thu, 25 Nov 2021 18:26:30 GMT Server cloudflare etag "3fc5eaf-4279-5d1a11cffe056" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0l31puRZBfFCrhcPr5HbmmLxJ1GcYPOSBLn4kvPFoUiyP2jLtZ1wpcoQuYXB9caBMF5GQhR9MQxYPYZMyam2DbPrQBp4afFPi5y7rawfkGntBk0LNKDukuENIuJqDaOESg4vffoAUrcHQvQsHIEG"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 6baaba40bf724eb0-FRA
GET H/1.1	200 OK	w8.png pathospitals.com/wp-admin/user/schwab_policy/home/images/	67 KB 68 KB	442ms 436ms	Image image/png	2606:4700:3035::6815:b4a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://pathospitals.com/wp-admin/user/schwab_policy/home/images/w8.png Requested by Host: pathospitals.com URL: http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php Protocol HTTP/1.1 Server 2606:4700:3035::6815:b4a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `006ef294fee1bdeaeb702b5b9fa608567d78a778bb89022da0716a387b40cf96` Request headers Accept-Language de-DE,de;q=0.9 Referer http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 09 Dec 2021 02:15:46 GMT CF-Cache-Status MISS last-modified Thu, 25 Nov 2021 18:26:30 GMT Server cloudflare etag "3fc5eb0-10d79-5d1a11cffec0e" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXgWPeSAIMxktyfkVxURJN8Uyet7s%2FYksGw4Fd2mQkkKacOMYmJ6oD2EoQxcMWWOyqzZbClSLhxgs4H6rKYSU7z%2F4G6kLXW%2BW0bF3GX5Nlut1LKnvL9trlEhdHL1VObDOeTosWcLG8NONJ%2FqrEay"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6baaba40cd7c83b2-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 68985
GET H/1.1	200 OK	w9.png pathospitals.com/wp-admin/user/schwab_policy/home/images/	50 KB 51 KB	50ms 44ms	Image image/png	2606:4700:3035::6815:b4a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://pathospitals.com/wp-admin/user/schwab_policy/home/images/w9.png Requested by Host: pathospitals.com URL: http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php Protocol HTTP/1.1 Server 2606:4700:3035::6815:b4a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6359c24246479b81cb4e98d84c0145b0a9761d44ade5264f97f7bbfe064730cf` Request headers Accept-Language de-DE,de;q=0.9 Referer http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 09 Dec 2021 02:15:46 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 2869 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 50919 last-modified Thu, 25 Nov 2021 18:26:30 GMT Server cloudflare etag "3fc5eb9-c6e7-5d1a11d0041fe" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgJHAWIV4T%2FHVp0sFukJ1zRQtBtURTvYntD%2FyPE3VFf9Raor5i3FwC2LdJIDhzHDfW8aV50EWUmfwUXGSfAsq4fO2hSEyW796a9rCb8Thjg88DrXydIIYUtIEUN50MMHVhD9PxRH6ExhM4mwuikb"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 6baaba40be342b71-FRA
GET H/1.1	200 OK	w10.png pathospitals.com/wp-admin/user/schwab_policy/home/images/	120 KB 121 KB	65ms 13ms	Image image/png	2606:4700:3035::6815:b4a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://pathospitals.com/wp-admin/user/schwab_policy/home/images/w10.png Requested by Host: pathospitals.com URL: http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php Protocol HTTP/1.1 Server 2606:4700:3035::6815:b4a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4673e95fb7ad51a18a47c2addb269d87c57e40dd7c2ad9f1f563ff73518b135d` Request headers Accept-Language de-DE,de;q=0.9 Referer http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 09 Dec 2021 02:15:46 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 2869 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 122886 last-modified Thu, 25 Nov 2021 18:26:30 GMT Server cloudflare etag "3fc5eab-1e006-5d1a11cffb55e" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDK6xZfxvnrsJBZ3xs927eYddepTZ%2BsRwcA9BTEEaIcueqT%2BvJXECDnCK4pAVnPVTa2N2XHaA6XSIUldYIYuh412o9%2BZ3bLXXUobG%2FO89jlstQElSI%2Fq%2FpWaWpAnl%2FXrJwKY2qpUEebqdNzI7x5P"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 6baaba410fc24eb0-FRA
GET H/1.1	200 OK	w5.png pathospitals.com/wp-admin/user/schwab_policy/home/images/	36 KB 37 KB	33ms 11ms	Image image/png	2606:4700:3035::6815:b4a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://pathospitals.com/wp-admin/user/schwab_policy/home/images/w5.png Requested by Host: pathospitals.com URL: http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php Protocol HTTP/1.1 Server 2606:4700:3035::6815:b4a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `22e0b813814e4e07cc4f71579e6412d9d0fba484b980335ecace8cbf249257b0` Request headers Accept-Language de-DE,de;q=0.9 Referer http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 09 Dec 2021 02:15:46 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 2869 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 36567 last-modified Thu, 25 Nov 2021 18:26:30 GMT Server cloudflare etag "3fc5eba-8ed7-5d1a11d00519e" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XemEG1zpsjHCqfr4%2FpGvbgSSXiZUTG5YSWWZVRcHER11DWKPCKSaCeq6G8UcDJR86hCjQNqAd4JEzcgNweCbL0CLvr4cVC1dHcJfdNtLQBqAXPgEb5vnGB8BruRZz80QzSR0yf2%2F3AdG%2B269l3pU"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 6baaba40df8d4eb0-FRA
GET H/1.1	200 OK	w6.png pathospitals.com/wp-admin/user/schwab_policy/home/images/	2 KB 3 KB	51ms 12ms	Image image/png	2606:4700:3035::6815:b4a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://pathospitals.com/wp-admin/user/schwab_policy/home/images/w6.png Requested by Host: pathospitals.com URL: http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php Protocol HTTP/1.1 Server 2606:4700:3035::6815:b4a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cc267e39af2d5135c985b97645d22844b7b0114d987fe4d9a72cc6b7eef474ff` Request headers Accept-Language de-DE,de;q=0.9 Referer http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 09 Dec 2021 02:15:46 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 2869 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 2115 last-modified Thu, 25 Nov 2021 18:26:30 GMT Server cloudflare etag "3fc5eae-843-5d1a11cffd886" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cz3AjM0XC2pQRX1shEfNfrpQsiLtppEsELIhZpEmO0gMWwEUrrm93Uh2k7B%2By%2BRiBF6EkiDmA555LJcpmYxONb4w0%2F7NeSxTYHtcjo1JmGZmWm%2BXm5JAa7Rt78n8AuzLTu21e%2FwjjK%2F%2BVOCEeNjc"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 6baaba40ffac4eb0-FRA
GET H/1.1	200 OK	w7.png pathospitals.com/wp-admin/user/schwab_policy/home/images/	822 B 2 KB	84ms 12ms	Image image/png	2606:4700:3035::6815:b4a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://pathospitals.com/wp-admin/user/schwab_policy/home/images/w7.png Requested by Host: pathospitals.com URL: http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php Protocol HTTP/1.1 Server 2606:4700:3035::6815:b4a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3141d73f4bd394efcfb9f8984b0dc24f5e5519bfc662fbdf7b0913c105c5ccfc` Request headers Accept-Language de-DE,de;q=0.9 Referer http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 09 Dec 2021 02:15:46 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 2869 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 822 last-modified Thu, 25 Nov 2021 18:26:30 GMT Server cloudflare etag "3fc5ebb-336-5d1a11d00596e" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4vrpgdN1O11GU9vgxPU9R86h1cDmo2e5ur0SOEUKHHIXJrIRpha%2Fd9cI2kKbAIn4%2BJz%2FupSWjQegOQuhcT%2FYJn48z6hKJbrYKEnfYdlY%2BGcG9pCtmkhDg7h47ArbiNwEj%2F4ChN9A9UN%2BeDlzDQe"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 6baaba412e962b71-FRA
GET H/1.1	200 OK	logni.png pathospitals.com/wp-admin/user/schwab_policy/home/images/	888 B 2 KB	71ms 16ms	Image image/png	2606:4700:3035::6815:b4a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://pathospitals.com/wp-admin/user/schwab_policy/home/images/logni.png Requested by Host: pathospitals.com URL: http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php Protocol HTTP/1.1 Server 2606:4700:3035::6815:b4a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bef2bc49fba65882c6b5394276011efee732f406455eb1221feb24a434cb0e16` Request headers Accept-Language de-DE,de;q=0.9 Referer http://pathospitals.com/wp-admin/user/schwab_policy/home/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 09 Dec 2021 02:15:46 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 2869 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 888 last-modified Thu, 25 Nov 2021 18:26:30 GMT Server cloudflare etag "3fc5ebf-378-5d1a11d0078ae" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rw464vCjaiOD8LC2U81hGYnkLD3lduK4FL72rdsutwb1l%2B4BFus7AjTeXKhquWKZLW6YzNoVjza57T9xMqcHZwF17oDUZFSyagWFXfLTacQqkuvjBRzdWAhQRCyBSBzYChNt6eEKoKxzgL6vrpF%2F"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 6baaba410e852b71-FRA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Charles Schwab (Financial)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pathospitals.com
2606:4700:3035::6815:b4a
006ef294fee1bdeaeb702b5b9fa608567d78a778bb89022da0716a387b40cf96
21b31ff9cea1ad56c36e49ae2b8b9bac27e46d80d79539a3c2c11b328c971b72
22e0b813814e4e07cc4f71579e6412d9d0fba484b980335ecace8cbf249257b0
3141d73f4bd394efcfb9f8984b0dc24f5e5519bfc662fbdf7b0913c105c5ccfc
4673e95fb7ad51a18a47c2addb269d87c57e40dd7c2ad9f1f563ff73518b135d
5f5615debca103a7b17df3e42563e24937decbfffec54432d244413fdf8a578c
6359c24246479b81cb4e98d84c0145b0a9761d44ade5264f97f7bbfe064730cf
7349025b6d3620041538e1355ee4b8ddb664da69b8f24067738926340b3c77dd
bef2bc49fba65882c6b5394276011efee732f406455eb1221feb24a434cb0e16
c2ece77bbb4d73cc6a4b18cbb7809360d1fbc99c1e2ff5578ef77a270b9929b1
c3e192a2276a337351a8702a6684e4f1280d6dd432428a11b9e12783db9f521f
cc267e39af2d5135c985b97645d22844b7b0114d987fe4d9a72cc6b7eef474ff

pathospitals.com Open in urlscan Pro 2606:4700:3035::6815:b4a Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

0 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

318 kBTransfer

312 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

Indicators

pathospitals.com Open in urlscan Pro
2606:4700:3035::6815:b4a Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

0 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

318 kB
Transfer

312 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!