theambassadorsofhope.com Open in urlscan Pro
149.56.45.150 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.technocity.lk/images/menu/menu/
Effective URL:
http://theambassadorsofhope.com/wp-includes/css/log/
Submission: On December 09 via manual (December 9th 2017, 6:57:42 pm UTC) from US

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 149.56.45.150, located in Montréal, Canada and belongs to OVH, FR. The main domain is theambassadorsofhope.com.

This is the only time theambassadorsofhope.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1	108.61.130.114 108.61.130.114	20473 (AS-CHOOPA) (AS-CHOOPA - Choopa)
15	149.56.45.150 149.56.45.150	16276 (OVH) (OVH)
1	67.21.94.5 67.21.94.5	46844 (ST-BGP) (ST-BGP - Sharktech)
17	3

1 108.61.130.114 (Matawan, United States)

ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: ds20.extentions.net

www.technocity.lk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 149.56.45.150 (Montréal, Canada)

ASN16276 (OVH, FR)
PTR: 150.ip-149-56-45.net

theambassadorsofhope.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.21.94.5 (Chicago, United States)

ASN46844 (ST-BGP - Sharktech, US)

cazanova-store.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	theambassadorsofhope.com theambassadorsofhope.com	271 KB
1	cazanova-store.info cazanova-store.info	2 KB
1	technocity.lk www.technocity.lk
17	3

	Domain	Requested by
15	theambassadorsofhope.com	theambassadorsofhope.com
1	cazanova-store.info	theambassadorsofhope.com
1	www.technocity.lk
17	3

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://theambassadorsofhope.com/wp-includes/css/log/
Frame ID: (BB59E3E3590C2495D126E754FA73E569)
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.technocity.lk/images/menu/menu/ Page URL
http://theambassadorsofhope.com/wp-includes/css/log/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

jQuery Mobile (Mobile Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /jquery\.mobile(?:-([\d.]+rc\d))?.*\.js(?:\?ver=([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
script /jquery\.mobile(?:-([\d.]+rc\d))?.*\.js(?:\?ver=([\d.]+))?/i

Page Statistics

17
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

273 kB
Transfer

295 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.technocity.lk/images/menu/menu/ Page URL
http://theambassadorsofhope.com/wp-includes/css/log/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response www.technocity.lk/images/menu/menu/	665 B 0	311ms 93ms	Document text/html	108.61.130.114 Choopa
General Check archive.org Show headers Download Go to Full URL http://www.technocity.lk/images/menu/menu/ Protocol HTTP/1.1 Server 108.61.130.114 Matawan, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US), Reverse DNS ds20.extentions.net Software Apache / Resource Hash `54b1443653510af51b5299ed54e08d119ba3eecdfaf8e6f2292462967702ed14` Request headers Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Connection keep-alive Accept-Encoding gzip, deflate Host www.technocity.lk Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Sat, 09 Dec 2017 18:57:31 GMT Last-Modified Sat, 09 Dec 2017 14:19:42 GMT Server Apache Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=1, max=30 Content-Length 665
GET H/1.1	200 OK	Primary Request Cookie set / Show response theambassadorsofhope.com/wp-includes/css/log/	10 KB 0	561ms 422ms	Document text/html	149.56.45.150 OVH
General Check archive.org Show headers Download Go to Full URL http://theambassadorsofhope.com/wp-includes/css/log/ Protocol HTTP/1.1 Server 149.56.45.150 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 150.ip-149-56-45.net Software Apache / PHP/5.5.33 Resource Hash `e9bc5c68b4c2906d7f410f36d03b3557b782fb893210fd802ea28a0e05aa2458` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host theambassadorsofhope.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://www.technocity.lk/images/menu/menu/ Connection keep-alive Cache-Control no-cache Upgrade-Insecure-Requests 1 Referer http://www.technocity.lk/images/menu/menu/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Pragma no-cache Date Sat, 09 Dec 2017 18:57:30 GMT Server Apache X-Powered-By PHP/5.5.33 Transfer-Encoding chunked Content-Type text/html Set-Cookie PHPSESSID=830a8ce261ad7db5d93ee9beba3d5dc0; path=/ Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection close Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	fonts.css theambassadorsofhope.com/wp-includes/css/log/css/	2 KB 2 KB	365ms 270ms	Stylesheet text/css	149.56.45.150 OVH
General Check archive.org Show headers Download Go to Full URL http://theambassadorsofhope.com/wp-includes/css/log/css/fonts.css Requested by Host: theambassadorsofhope.com URL: http://theambassadorsofhope.com/wp-includes/css/log/ Protocol HTTP/1.1 Server 149.56.45.150 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 150.ip-149-56-45.net Software Apache / Resource Hash `98be9e18dbd98746dbf8bcaebac1c4b274885e8c659f2b81de0b76d48bb1edc4` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host theambassadorsofhope.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept text/css,/;q=0.1 Referer http://theambassadorsofhope.com/wp-includes/css/log/ Cookie PHPSESSID=830a8ce261ad7db5d93ee9beba3d5dc0 Connection keep-alive Cache-Control no-cache Referer http://theambassadorsofhope.com/wp-includes/css/log/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Sat, 09 Dec 2017 18:57:31 GMT Last-Modified Tue, 13 Sep 2016 15:29:32 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 1852 Content-Type text/css
GET H/1.1	200 OK	tpl.css theambassadorsofhope.com/wp-includes/css/log/css/	8 KB 8 KB	357ms 262ms	Stylesheet text/css	149.56.45.150 OVH
General Check archive.org Show headers Download Go to Full URL http://theambassadorsofhope.com/wp-includes/css/log/css/tpl.css Requested by Host: theambassadorsofhope.com URL: http://theambassadorsofhope.com/wp-includes/css/log/ Protocol HTTP/1.1 Server 149.56.45.150 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 150.ip-149-56-45.net Software Apache / Resource Hash `c2e35bd240a2ad0e2e2e7b7cfd459a17645d051941ef0dd91561d6ef1127fe35` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host theambassadorsofhope.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept text/css,/;q=0.1 Referer http://theambassadorsofhope.com/wp-includes/css/log/ Cookie PHPSESSID=830a8ce261ad7db5d93ee9beba3d5dc0 Connection keep-alive Cache-Control no-cache Referer http://theambassadorsofhope.com/wp-includes/css/log/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Sat, 09 Dec 2017 18:57:31 GMT Last-Modified Tue, 20 Sep 2016 19:54:38 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 7878 Content-Type text/css
GET H/1.1	200 OK	/ theambassadorsofhope.com/wp-includes/css/log/	43 KB 43 KB	372ms 276ms	Stylesheet text/css	149.56.45.150 OVH
General Check archive.org Show headers Download Go to Full URL http://theambassadorsofhope.com/wp-includes/css/log/?stl_css Requested by Host: theambassadorsofhope.com URL: http://theambassadorsofhope.com/wp-includes/css/log/ Protocol HTTP/1.1 Server 149.56.45.150 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 150.ip-149-56-45.net Software Apache / PHP/5.5.33 Resource Hash `f1bf676645c5b78aa854881590fd828243464bd8969d8b6668a05a120859dd8e` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host theambassadorsofhope.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept text/css,/;q=0.1 Referer http://theambassadorsofhope.com/wp-includes/css/log/ Cookie PHPSESSID=830a8ce261ad7db5d93ee9beba3d5dc0 Connection keep-alive Cache-Control no-cache Referer http://theambassadorsofhope.com/wp-includes/css/log/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Pragma no-cache Date Sat, 09 Dec 2017 18:57:31 GMT Server Apache X-Powered-By PHP/5.5.33 Transfer-Encoding chunked Content-Type text/css Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection close Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	jquery.min.js Show response theambassadorsofhope.com/wp-includes/css/log/js/	84 KB 84 KB	293ms 193ms	Script application/javascript	149.56.45.150 OVH
General Check archive.org Show headers Download Go to Full URL http://theambassadorsofhope.com/wp-includes/css/log/js/jquery.min.js Requested by Host: theambassadorsofhope.com URL: http://theambassadorsofhope.com/wp-includes/css/log/ Protocol HTTP/1.1 Server 149.56.45.150 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 150.ip-149-56-45.net Software Apache / Resource Hash `8f95bcb9e3590a4ea4024e8e0730388f6a0eb4ac494e37286014738c61bca7b0` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host theambassadorsofhope.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept / Referer http://theambassadorsofhope.com/wp-includes/css/log/ Cookie PHPSESSID=830a8ce261ad7db5d93ee9beba3d5dc0 Connection keep-alive Cache-Control no-cache Referer http://theambassadorsofhope.com/wp-includes/css/log/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Sat, 09 Dec 2017 18:57:31 GMT Last-Modified Fri, 30 Jan 2015 16:58:26 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 85880 Content-Type application/javascript
GET H/1.1	200 OK	jstz.min.js Show response theambassadorsofhope.com/wp-includes/css/log/js/	12 KB 12 KB	284ms 187ms	Script application/javascript	149.56.45.150 OVH
General Check archive.org Show headers Download Go to Full URL http://theambassadorsofhope.com/wp-includes/css/log/js/jstz.min.js Requested by Host: theambassadorsofhope.com URL: http://theambassadorsofhope.com/wp-includes/css/log/ Protocol HTTP/1.1 Server 149.56.45.150 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 150.ip-149-56-45.net Software Apache / Resource Hash `4061658a40104af6acc8cdca88a582b3460571707b60f862b75d422f3d0fe877` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host theambassadorsofhope.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept / Referer http://theambassadorsofhope.com/wp-includes/css/log/ Cookie PHPSESSID=830a8ce261ad7db5d93ee9beba3d5dc0 Connection keep-alive Cache-Control no-cache Referer http://theambassadorsofhope.com/wp-includes/css/log/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Sat, 09 Dec 2017 18:57:31 GMT Last-Modified Sun, 28 Aug 2016 21:00:12 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 12020 Content-Type application/javascript
GET H/1.1	200 OK	jquery.mobile.custom.min.js Show response theambassadorsofhope.com/wp-includes/css/log/js/	35 KB 35 KB	295ms 198ms	Script application/javascript	149.56.45.150 OVH
General Check archive.org Show headers Download Go to Full URL http://theambassadorsofhope.com/wp-includes/css/log/js/jquery.mobile.custom.min.js Requested by Host: theambassadorsofhope.com URL: http://theambassadorsofhope.com/wp-includes/css/log/ Protocol HTTP/1.1 Server 149.56.45.150 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 150.ip-149-56-45.net Software Apache / Resource Hash `264fe373615bcf15c32ae6df08a6a2bc8a0844b5928af69f9f2967da07e78200` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host theambassadorsofhope.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept / Referer http://theambassadorsofhope.com/wp-includes/css/log/ Cookie PHPSESSID=830a8ce261ad7db5d93ee9beba3d5dc0 Connection keep-alive Cache-Control no-cache Referer http://theambassadorsofhope.com/wp-includes/css/log/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Sat, 09 Dec 2017 18:57:31 GMT Last-Modified Thu, 18 Aug 2016 19:37:06 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 36140 Content-Type application/javascript
GET H/1.1	200 OK	jquery.browser.min.js Show response theambassadorsofhope.com/wp-includes/css/log/js/	2 KB 2 KB	705ms 351ms	Script application/javascript	149.56.45.150 OVH
General Check archive.org Show headers Download Go to Full URL http://theambassadorsofhope.com/wp-includes/css/log/js/jquery.browser.min.js Requested by Host: theambassadorsofhope.com URL: http://theambassadorsofhope.com/wp-includes/css/log/ Protocol HTTP/1.1 Server 149.56.45.150 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 150.ip-149-56-45.net Software Apache / Resource Hash `beabd80773a4dc7327ac6864d464aac8c38538a3183d8fb049dbb07472dde32d` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host theambassadorsofhope.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept / Referer http://theambassadorsofhope.com/wp-includes/css/log/ Cookie PHPSESSID=830a8ce261ad7db5d93ee9beba3d5dc0 Connection keep-alive Cache-Control no-cache Referer http://theambassadorsofhope.com/wp-includes/css/log/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Sat, 09 Dec 2017 18:57:31 GMT Last-Modified Thu, 18 Aug 2016 19:36:02 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 2234 Content-Type application/javascript
GET H/1.1	200 OK	serial.js Show response cazanova-store.info/	2 KB 2 KB	318ms 159ms	Script application/javascript	67.21.94.5 Sharktech
General Check archive.org Show headers Download Go to Full URL http://cazanova-store.info/serial.js?_=1512845852288 Requested by Host: theambassadorsofhope.com URL: http://theambassadorsofhope.com/wp-includes/css/log/js/jquery.min.js Protocol HTTP/1.1 Server 67.21.94.5 Chicago, United States, ASN46844 (ST-BGP - Sharktech, US), Reverse DNS Software Apache / Resource Hash `fe6d45d3874fe2bc51aeefcc75f98539d2a2054e00fb51ea2aaecaa95e732cb9` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host cazanova-store.info User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept / Referer http://theambassadorsofhope.com/wp-includes/css/log/ Connection keep-alive Cache-Control no-cache Referer http://theambassadorsofhope.com/wp-includes/css/log/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Sat, 09 Dec 2017 18:57:32 GMT Last-Modified Wed, 08 Nov 2017 10:48:18 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2144
GET H/1.1	200 OK	login.php Show response theambassadorsofhope.com/wp-includes/css/log/	5 KB 6 KB	299ms 202ms	XHR text/html	149.56.45.150 OVH
General Check archive.org Show headers Download Go to Full URL http://theambassadorsofhope.com/wp-includes/css/log/login.php Requested by Host: theambassadorsofhope.com URL: http://theambassadorsofhope.com/wp-includes/css/log/js/jquery.min.js Protocol HTTP/1.1 Server 149.56.45.150 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 150.ip-149-56-45.net Software Apache / PHP/5.5.33 Resource Hash `b8b6811063a0370f2cffac57d07c64cd404c1b674f5595516c32fbb1035aa8c1` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host theambassadorsofhope.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept text/html, /; q=0.01 Referer http://theambassadorsofhope.com/wp-includes/css/log/ X-Requested-With XMLHttpRequest Cookie PHPSESSID=830a8ce261ad7db5d93ee9beba3d5dc0 Connection keep-alive Cache-Control no-cache Accept text/html, /; q=0.01 Referer http://theambassadorsofhope.com/wp-includes/css/log/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Sat, 09 Dec 2017 18:57:32 GMT Server Apache Connection close X-Powered-By PHP/5.5.33 Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	script.js Show response theambassadorsofhope.com/wp-includes/css/log/js/	12 KB 0	236ms 141ms	XHR application/javascript	149.56.45.150 OVH
General Check archive.org Show headers Download Go to Full URL http://theambassadorsofhope.com/wp-includes/css/log/js/script.js?_=1512845852289 Requested by Host: theambassadorsofhope.com URL: http://theambassadorsofhope.com/wp-includes/css/log/js/jquery.min.js Protocol HTTP/1.1 Server 149.56.45.150 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 150.ip-149-56-45.net Software Apache / Resource Hash `e206399a5f712e08f45eea6d658cd3ec70adb15fd0aa3dbe32720ca2fe2dad91` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host theambassadorsofhope.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer http://theambassadorsofhope.com/wp-includes/css/log/ X-Requested-With XMLHttpRequest Cookie PHPSESSID=830a8ce261ad7db5d93ee9beba3d5dc0 Connection keep-alive Cache-Control no-cache Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer http://theambassadorsofhope.com/wp-includes/css/log/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Sat, 09 Dec 2017 18:57:32 GMT Last-Modified Mon, 30 Jan 2017 16:55:18 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 11789 Content-Type application/javascript
POST H/1.1	200 OK	visit.php Show response theambassadorsofhope.com/wp-includes/css/log/inc/	0 0	358ms 256ms	XHR text/html	149.56.45.150 OVH
General Check archive.org Show headers Download Go to Full URL http://theambassadorsofhope.com/wp-includes/css/log/inc/visit.php Requested by Host: theambassadorsofhope.com URL: http://theambassadorsofhope.com/wp-includes/css/log/js/jquery.min.js Protocol HTTP/1.1 Server 149.56.45.150 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 150.ip-149-56-45.net Software Apache / PHP/5.5.33 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Pragma no-cache Origin http://theambassadorsofhope.com Accept-Encoding gzip, deflate Host theambassadorsofhope.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept / Cache-Control no-cache X-Requested-With XMLHttpRequest Cookie PHPSESSID=830a8ce261ad7db5d93ee9beba3d5dc0 Connection keep-alive Referer http://theambassadorsofhope.com/wp-includes/css/log/ Content-Length 77 Accept / Referer http://theambassadorsofhope.com/wp-includes/css/log/ Origin http://theambassadorsofhope.com X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Sat, 09 Dec 2017 18:57:33 GMT Server Apache Connection close X-Powered-By PHP/5.5.33 Content-Length 0 Content-Type text/html
GET H/1.1	200 OK	logo0.svg theambassadorsofhope.com/wp-includes/css/log/img/	5 KB 5 KB	294ms 196ms	Image image/svg+xml	149.56.45.150 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://theambassadorsofhope.com/wp-includes/css/log/img/logo0.svg Protocol HTTP/1.1 Server 149.56.45.150 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 150.ip-149-56-45.net Software Apache / Resource Hash `b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host theambassadorsofhope.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://theambassadorsofhope.com/wp-includes/css/log/?stl_css Cookie PHPSESSID=830a8ce261ad7db5d93ee9beba3d5dc0 Connection keep-alive Cache-Control no-cache Referer http://theambassadorsofhope.com/wp-includes/css/log/?stl_css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Sat, 09 Dec 2017 18:57:33 GMT Last-Modified Wed, 06 Jul 2016 17:18:42 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 4945 Content-Type image/svg+xml
GET H/1.1	200 OK	error_icon.png theambassadorsofhope.com/wp-includes/css/log/img/	809 B 809 B	285ms 181ms	Image image/png	149.56.45.150 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://theambassadorsofhope.com/wp-includes/css/log/img/error_icon.png Protocol HTTP/1.1 Server 149.56.45.150 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 150.ip-149-56-45.net Software Apache / Resource Hash `5789d40d0824ee59ad95601cd34f0fb4d93bdc5a65f5fd93d8ed713373acfb93` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host theambassadorsofhope.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://theambassadorsofhope.com/wp-includes/css/log/?stl_css Cookie PHPSESSID=830a8ce261ad7db5d93ee9beba3d5dc0 Connection keep-alive Cache-Control no-cache Referer http://theambassadorsofhope.com/wp-includes/css/log/?stl_css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Sat, 09 Dec 2017 18:57:33 GMT Last-Modified Wed, 06 Jul 2016 17:14:18 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 809 Content-Type image/png
GET H/1.1	200 OK	PayPalSansBig-Regular.woff2 theambassadorsofhope.com/wp-includes/css/log/font/	38 KB 38 KB	284ms 190ms	Font application/octet-stream	149.56.45.150 OVH
General Check archive.org Show headers Download Go to Full URL http://theambassadorsofhope.com/wp-includes/css/log/font/PayPalSansBig-Regular.woff2 Protocol HTTP/1.1 Server 149.56.45.150 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 150.ip-149-56-45.net Software Apache / Resource Hash `2351bbc39303736cd3a670db10427adc13c256dd6b639f0545bfd104947d3427` Request headers Pragma no-cache Origin http://theambassadorsofhope.com Accept-Encoding gzip, deflate Host theambassadorsofhope.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept / Referer http://theambassadorsofhope.com/wp-includes/css/log/css/fonts.css Cookie PHPSESSID=830a8ce261ad7db5d93ee9beba3d5dc0 Connection keep-alive Cache-Control no-cache User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Referer http://theambassadorsofhope.com/wp-includes/css/log/css/fonts.css Origin http://theambassadorsofhope.com Response headers Date Sat, 09 Dec 2017 18:57:33 GMT Last-Modified Wed, 08 Jun 2016 16:50:06 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 39021
GET H/1.1	200 OK	PayPalSansSmall-Regular.woff2 theambassadorsofhope.com/wp-includes/css/log/font/	36 KB 36 KB	290ms 202ms	Font application/octet-stream	149.56.45.150 OVH
General Check archive.org Show headers Download Go to Full URL http://theambassadorsofhope.com/wp-includes/css/log/font/PayPalSansSmall-Regular.woff2 Protocol HTTP/1.1 Server 149.56.45.150 Montréal, Canada, ASN16276 (OVH, FR), Reverse DNS 150.ip-149-56-45.net Software Apache / Resource Hash `fbc9938e7f80cc983bbdfe777b736364fec34f493d20a81f84b5c67b6bc0c24e` Request headers Pragma no-cache Origin http://theambassadorsofhope.com Accept-Encoding gzip, deflate Host theambassadorsofhope.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept / Referer http://theambassadorsofhope.com/wp-includes/css/log/css/fonts.css Cookie PHPSESSID=830a8ce261ad7db5d93ee9beba3d5dc0 Connection keep-alive Cache-Control no-cache User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Referer http://theambassadorsofhope.com/wp-includes/css/log/css/fonts.css Origin http://theambassadorsofhope.com Response headers Date Sat, 09 Dec 2017 18:57:33 GMT Last-Modified Wed, 08 Jun 2016 16:50:06 GMT Server Apache Connection close Accept-Ranges bytes Content-Length 37186

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			theambassadorsofhope.com/	1970-01-01 00:00:00	Name: PHPSESSID Value: 830a8ce261ad7db5d93ee9beba3d5dc0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cazanova-store.info
theambassadorsofhope.com
www.technocity.lk
108.61.130.114
149.56.45.150
67.21.94.5
2351bbc39303736cd3a670db10427adc13c256dd6b639f0545bfd104947d3427
264fe373615bcf15c32ae6df08a6a2bc8a0844b5928af69f9f2967da07e78200
4061658a40104af6acc8cdca88a582b3460571707b60f862b75d422f3d0fe877
54b1443653510af51b5299ed54e08d119ba3eecdfaf8e6f2292462967702ed14
5789d40d0824ee59ad95601cd34f0fb4d93bdc5a65f5fd93d8ed713373acfb93
8f95bcb9e3590a4ea4024e8e0730388f6a0eb4ac494e37286014738c61bca7b0
98be9e18dbd98746dbf8bcaebac1c4b274885e8c659f2b81de0b76d48bb1edc4
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5
b8b6811063a0370f2cffac57d07c64cd404c1b674f5595516c32fbb1035aa8c1
beabd80773a4dc7327ac6864d464aac8c38538a3183d8fb049dbb07472dde32d
c2e35bd240a2ad0e2e2e7b7cfd459a17645d051941ef0dd91561d6ef1127fe35
e206399a5f712e08f45eea6d658cd3ec70adb15fd0aa3dbe32720ca2fe2dad91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9bc5c68b4c2906d7f410f36d03b3557b782fb893210fd802ea28a0e05aa2458
f1bf676645c5b78aa854881590fd828243464bd8969d8b6668a05a120859dd8e
fbc9938e7f80cc983bbdfe777b736364fec34f493d20a81f84b5c67b6bc0c24e
fe6d45d3874fe2bc51aeefcc75f98539d2a2054e00fb51ea2aaecaa95e732cb9

theambassadorsofhope.com Open in urlscan Pro 149.56.45.150 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

0 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

273 kBTransfer

295 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

theambassadorsofhope.com Open in urlscan Pro
149.56.45.150 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

273 kB
Transfer

295 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!