municastilla.gob.pe Open in urlscan Pro
184.175.86.170 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php
Submission: On September 24 via api (September 24th 2020, 2:01:43 am UTC) from QA

Summary HTTP 20 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 184.175.86.170, located in St Louis, United States and belongs to CYBERCON, US. The main domain is municastilla.gob.pe.

This is the only time municastilla.gob.pe was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address		AS Autonomous System
10	184.175.86.170 184.175.86.170		7393 (CYBERCON) (CYBERCON)
2	2606:4700:20:... 2606:4700:20::681a:cc8		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.246.162.154 54.246.162.154		16509 (AMAZON-02) (AMAZON-02)
2	130.61.96.156 130.61.96.156		31898 (ORACLE-BM...) (ORACLE-BMC-31898)
20	5

10 184.175.86.170 (St Louis, United States)

ASN7393 (CYBERCON, US)
PTR: municastilla.hpservidor.com

municastilla.gob.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:cc8 (United States)

ASN13335 (CLOUDFLARENET, US)

hosting.miarroba.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.162.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-162-154.eu-west-1.compute.amazonaws.com

des.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.61.96.156 (Frankfurt am Main, Germany)

ASN31898 (ORACLE-BMC-31898, US)

cdn.smartclip-services.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	municastilla.gob.pe municastilla.gob.pe	659 KB
2	smartclip-services.com cdn.smartclip-services.com	22 KB
2	miarroba.info hosting.miarroba.info	977 B
1	smartclip.net des.smartclip.net	2 KB
0	bankofamerica.com Failed www.bankofamerica.com Failed
20	5

	Domain	Requested by
10	municastilla.gob.pe	municastilla.gob.pe
2	cdn.smartclip-services.com	des.smartclip.net cdn.smartclip-services.com
2	hosting.miarroba.info	municastilla.gob.pe
1	des.smartclip.net	municastilla.gob.pe
0	www.bankofamerica.com Failed	municastilla.gob.pe
20	5

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-16` - `2021-07-16`	a year	crt.sh
*.smartclip-services.com Sectigo RSA Domain Validation Secure Server CA	`2019-12-30` - `2021-12-29`	2 years	crt.sh

This page contains 2 frames:

Primary Page: http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php
Frame ID: B7DDA78641B6073F7885B70CE9C214CB
Requests: 19 HTTP requests in this frame

Frame: http://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Frame ID: B613193DA698D2745864AF1553927574
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

20
Requests

15 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

684 kB
Transfer

741 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request pin-security.php Show response municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/	19 KB 19 KB	491ms 346ms	Document text/html	184.175.86.170 CYBERCON
General Check archive.org Show headers Download Go to Full URL http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php Protocol HTTP/1.1 Server 184.175.86.170 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS municastilla.hpservidor.com Software Apache / Resource Hash `e134f6b779d02c94f5a928e2373df1a98d795f0aac6d37f9d7132c6d3f9391f4` Request headers Host municastilla.gob.pe Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 24 Sep 2020 02:01:12 GMT Server Apache Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	404 Not Found	f.txt municastilla.gob.pe/biblioteca/slider/css/pagead2.googlesyndication.com/pagead/js/	0 0	240ms 225ms	Script text/html	184.175.86.170 CYBERCON
General Check archive.org Show headers Download Go to Full URL http://municastilla.gob.pe/biblioteca/slider/css/pagead2.googlesyndication.com/pagead/js/f.txt Requested by Host: municastilla.gob.pe URL: http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php Protocol HTTP/1.1 Server 184.175.86.170 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS municastilla.hpservidor.com Software Apache / Resource Hash Request headers Referer http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 24 Sep 2020 02:01:12 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 613 Content-Type text/html
GET H/1.1	200 OK	vipaa-v4-jawr.css municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/source/	448 KB 448 KB	237ms 222ms	Stylesheet text/css	184.175.86.170 CYBERCON
General Check archive.org Show headers Download Go to Full URL http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/source/vipaa-v4-jawr.css Requested by Host: municastilla.gob.pe URL: http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php Protocol HTTP/1.1 Server 184.175.86.170 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS municastilla.hpservidor.com Software Apache / Resource Hash `b9e44bdbc016c6933f947fa4951e20b94d59ebefecd7a2ac09ef176a93387c7b` Request headers Referer http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 24 Sep 2020 02:01:12 GMT Last-Modified Fri, 18 Sep 2020 13:01:19 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 458763
GET H/1.1	200 OK	jquery.min.js Show response municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/frostEdit/libs/jquery/3.4.1/	86 KB 86 KB	229ms 214ms	Script application/javascript	184.175.86.170 CYBERCON
General Check archive.org Show headers Download Go to Full URL http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/frostEdit/libs/jquery/3.4.1/jquery.min.js Requested by Host: municastilla.gob.pe URL: http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php Protocol HTTP/1.1 Server 184.175.86.170 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS municastilla.hpservidor.com Software Apache / Resource Hash `0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a` Request headers Referer http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 24 Sep 2020 02:01:12 GMT Last-Modified Fri, 18 Sep 2020 13:01:19 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 88145
GET H/1.1	200 OK	BofA_rgb.png municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/Images/	38 KB 39 KB	115ms 114ms	Image image/png	184.175.86.170 CYBERCON
General Check archive.org Show headers Download Go to Show image Full URL http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/Images/BofA_rgb.png Requested by Host: municastilla.gob.pe URL: http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php Protocol HTTP/1.1 Server 184.175.86.170 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS municastilla.hpservidor.com Software Apache / Resource Hash `30652cee5990b3b76f6cbf6f26362be9254dd62b4c6e6003c1127d1484573787` Request headers Referer http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 24 Sep 2020 02:01:13 GMT Last-Modified Fri, 18 Sep 2020 13:01:19 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 39422
GET H/1.1	200 OK	mobile_llama.png municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/Images/	19 KB 19 KB	121ms 121ms	Image image/png	184.175.86.170 CYBERCON
General Check archive.org Show headers Download Go to Show image Full URL http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/Images/mobile_llama.png Requested by Host: municastilla.gob.pe URL: http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php Protocol HTTP/1.1 Server 184.175.86.170 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS municastilla.hpservidor.com Software Apache / Resource Hash `6bb1d4b1b719488b9812d1fb67b41b03857eec8f4e0a4d46a8066574037d817a` Request headers Referer http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 24 Sep 2020 02:01:13 GMT Last-Modified Fri, 18 Sep 2020 13:01:19 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 19167
GET H/1.1	404 Not Found	gtm5445.html municastilla.gob.pe/biblioteca/slider/css/www.googletagmanager.com/	0 0	114ms 114ms	Script text/html	184.175.86.170 CYBERCON
General Check archive.org Show headers Download Go to Full URL http://municastilla.gob.pe/biblioteca/slider/css/www.googletagmanager.com/gtm5445.html?id=GTM-T2VG59 Requested by Host: municastilla.gob.pe URL: http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php Protocol HTTP/1.1 Server 184.175.86.170 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS municastilla.hpservidor.com Software Apache / Resource Hash Request headers Referer http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 24 Sep 2020 02:01:13 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 613 Content-Type text/html
GET H/1.1	200 OK	vipaa-v4-jawr-print.css municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/source/	10 KB 10 KB	122ms 121ms	Stylesheet text/css	184.175.86.170 CYBERCON
General Check archive.org Show headers Download Go to Full URL http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/source/vipaa-v4-jawr-print.css Requested by Host: municastilla.gob.pe URL: http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php Protocol HTTP/1.1 Server 184.175.86.170 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS municastilla.hpservidor.com Software Apache / Resource Hash `892981e91f766052cef3c087111050bf8396443882602cadd36b5963fdcd37be` Request headers Referer http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 24 Sep 2020 02:01:13 GMT Last-Modified Fri, 18 Sep 2020 13:01:19 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 10013
GET H2	200	/ Show response hosting.miarroba.info/	1 KB 977 B	198ms 182ms	Script application/javascript	2606:4700:20::681a:cc8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hosting.miarroba.info/?__muid=44ea2e90b2cdfd7bc177e53c3e7e877db57d31de&h=1969761&t=1589472951&k=98231aabc225c56398d4caab3958b6a1 Requested by Host: municastilla.gob.pe URL: http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:cc8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b1129773eee1737538c8190a202438149cbd023c1cf50b994bb9298c466844c1` Request headers Referer http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers cf-ray 5d78ea902c392c56-FRA pragma no-cache date Thu, 24 Sep 2020 02:01:13 GMT content-encoding br cf-cache-status DYNAMIC last-modified Thu, 24 Sep 2020 02:01:13 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" status 200 cache-control no-cache content-type application/javascript; charset=iso-8859-1 cf-request-id 055f70ee1700002c5693a54200000001 expires Mon, 26 Jul 1997 05:00:00 GMT
GET		fsd-secure-esp-sprite.png www.bankofamerica.com/pa/components/modules/header-module/2.8/graphic/	0 0

GET		help-qm-fsd.png www.bankofamerica.com/pa/global-assets/1.0/graphic/	0 0

GET		sign-in-sprite.png www.bankofamerica.com/pa/global-assets/1.0/graphic/	0 0

GET		gfootb-static-sprite.png www.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/	0 0

GET		gfoot-home-icon.png www.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/	0 0

GET H/1.1	200 OK	cnx-regular.woff municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/source/	37 KB 38 KB	122ms 121ms	Font font/woff	184.175.86.170 CYBERCON
General Check archive.org Show headers Download Go to Full URL http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/source/cnx-regular.woff Requested by Host: municastilla.gob.pe URL: http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php Protocol HTTP/1.1 Server 184.175.86.170 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS municastilla.hpservidor.com Software Apache / Resource Hash `1c1b1ebfcdafd18df832e97201c689f62c2667791ce18a2c08a8fc3002884957` Request headers Origin http://municastilla.gob.pe Referer http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 24 Sep 2020 02:01:13 GMT Last-Modified Fri, 18 Sep 2020 13:01:19 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 38220
GET H/1.1	200	ads Show response des.smartclip.net/	3 KB 2 KB	74ms 53ms	Script application/javascript	54.246.162.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://des.smartclip.net/ads?type=dyn&plc=75133&elementId=44ea2e90b2cdfd7bc177e53c3e7e877db57d31de&sz=400x320&rnd=97497257 Requested by Host: municastilla.gob.pe URL: http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php Protocol HTTP/1.1 Server 54.246.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-246-162-154.eu-west-1.compute.amazonaws.com Software nginx/1.17.6 / Resource Hash `8c16a2d5f893c3f69a74780b4379dc473e403f2a51af889f6650db9fd90a018e` Request headers Referer http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 24 Sep 2020 02:01:13 GMT Content-Encoding gzip Sc-Supply-Network 999999 Vary Accept-Encoding P3P CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Sc-Uuid 58eff03b-6d4d-4080-822b-c83d8e91d8a0 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Credentials true Content-Type application/javascript; charset=utf-8 Sc-Device-Type PC Server nginx/1.17.6
GET H/1.1	404 Not Found	lz_loaderad05.js municastilla.gob.pe/biblioteca/slider/css/img.sunmediaads.com/ads/	0 0	232ms 218ms	Script text/html	184.175.86.170 CYBERCON
General Check archive.org Show headers Download Go to Full URL http://municastilla.gob.pe/biblioteca/slider/css/img.sunmediaads.com/ads/lz_loaderad05.js?ver=1.4 Requested by Host: municastilla.gob.pe URL: http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php Protocol HTTP/1.1 Server 184.175.86.170 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS municastilla.hpservidor.com Software Apache / Resource Hash Request headers Referer http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 24 Sep 2020 02:01:13 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 613 Content-Type text/html
POST H/1.1	200 OK	Cookie set 607f6b0b381bbc1f64fa027d62891072_cookie.php hosting.miarroba.info/ Frame B613	0 0	96ms 90ms	Document text/html	2606:4700:20::681a:cc8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php Requested by Host: municastilla.gob.pe URL: http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php Protocol HTTP/1.1 Server 2606:4700:20::681a:cc8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Host hosting.miarroba.info Connection keep-alive Content-Length 162 Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 Origin http://municastilla.gob.pe Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 Origin http://municastilla.gob.pe Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php Response headers Date Thu, 24 Sep 2020 02:01:13 GMT Content-Type text/html; charset=iso-8859-1 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=dee4e1c84643456b5396714febb7aa6111600912873; expires=Sat, 24-Oct-20 02:01:13 GMT; path=/; domain=.miarroba.info; HttpOnly; SameSite=Lax __weslvu=1600912873; expires=Thu, 24-Sep-2020 03:01:13 GMT; Max-Age=3600; path=/; domain=hosting.miarroba.info Vary Accept-Encoding CF-Cache-Status DYNAMIC cf-request-id 055f70efa500001f29f2a5b200000001 Server cloudflare CF-RAY 5d78ea92a8421f29-FRA Content-Encoding gzip
GET H/1.1	200 OK	ava.js Show response cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/	77 KB 20 KB	142ms 28ms	Script application/javascript	130.61.96.156 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/ava.js Requested by Host: des.smartclip.net URL: http://des.smartclip.net/ads?type=dyn&plc=75133&elementId=44ea2e90b2cdfd7bc177e53c3e7e877db57d31de&sz=400x320&rnd=97497257 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 130.61.96.156 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software / Resource Hash `1096870fd03a4c60ecc4cd976a62a9895d729c9aab335a2bb8039c9d6e54c65e` Request headers Referer http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma public Date Thu, 24 Sep 2020 02:01:13 GMT Content-Encoding gzip Last-Modified Thu, 10 Sep 2020 13:01:18 GMT ETag W/"5f5a239e-13448" Transfer-Encoding chunked Content-Type application/javascript Cache-Control max-age=259200, public Connection keep-alive Expires Sun, 27 Sep 2020 02:01:13 GMT
GET H/1.1	200 OK	miarroba.js Show response cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/config/	2 KB 2 KB	26ms 25ms	Script application/javascript	130.61.96.156 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/config/miarroba.js Requested by Host: cdn.smartclip-services.com URL: https://cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/ava.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 130.61.96.156 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software / Resource Hash `5ca135a11dd328f28a83a60625f8644eaf40ebbe43b29e364f88d947bfd21c71` Request headers Referer http://municastilla.gob.pe/biblioteca/slider/css/tmp/bofmerica/pin-security.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 24 Sep 2020 02:01:13 GMT Last-Modified Fri, 18 Sep 2020 09:24:13 GMT ETag "5f647cbd-730" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Cache-Control max-age=86400 Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 1840 Expires Fri, 25 Sep 2020 02:01:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.bankofamerica.com
URL: https://www.bankofamerica.com/pa/components/modules/header-module/2.8/graphic/fsd-secure-esp-sprite.png

Domain: www.bankofamerica.com
URL: https://www.bankofamerica.com/pa/global-assets/1.0/graphic/help-qm-fsd.png

Domain: www.bankofamerica.com
URL: https://www.bankofamerica.com/pa/global-assets/1.0/graphic/sign-in-sprite.png

Domain: www.bankofamerica.com
URL: https://www.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/gfootb-static-sprite.png

Domain: www.bankofamerica.com
URL: https://www.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/gfoot-home-icon.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| dataLayer object| adsbygoogle function| $ function| jQuery function| HandleError function| ValidarFecha function| getCardType function| luhnCheck function| controltag object| s string| t object| lz_elem object| SmartIntxt object| SMCV object| bInfo function| SmxSender object| _smxSender function| logIfPlayerIsInView function| checkContainerWasInView function| getGuid function| generateGuid function| initializeLogging boolean| sc_ava string| sc_guid object| SmartAva object| SmartInphoto object| VideoManager function| getNetworkInfo function| recalculateScrollTimes boolean| __smxDataSent object| __smxLogData object| SC_QueryString object| Site_conf object| w

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.smartclip-services.com
des.smartclip.net
hosting.miarroba.info
municastilla.gob.pe
www.bankofamerica.com
www.bankofamerica.com
130.61.96.156
184.175.86.170
2606:4700:20::681a:cc8
54.246.162.154
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1096870fd03a4c60ecc4cd976a62a9895d729c9aab335a2bb8039c9d6e54c65e
1c1b1ebfcdafd18df832e97201c689f62c2667791ce18a2c08a8fc3002884957
30652cee5990b3b76f6cbf6f26362be9254dd62b4c6e6003c1127d1484573787
5ca135a11dd328f28a83a60625f8644eaf40ebbe43b29e364f88d947bfd21c71
6bb1d4b1b719488b9812d1fb67b41b03857eec8f4e0a4d46a8066574037d817a
892981e91f766052cef3c087111050bf8396443882602cadd36b5963fdcd37be
8c16a2d5f893c3f69a74780b4379dc473e403f2a51af889f6650db9fd90a018e
b1129773eee1737538c8190a202438149cbd023c1cf50b994bb9298c466844c1
b9e44bdbc016c6933f947fa4951e20b94d59ebefecd7a2ac09ef176a93387c7b
e134f6b779d02c94f5a928e2373df1a98d795f0aac6d37f9d7132c6d3f9391f4