capetownrelief.com Open in urlscan Pro
35.177.76.153 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bankofamerica-d.live/
Effective URL:
https://capetownrelief.com/boa-login/index.php
Submission: On October 21 via automatic, source certstream-suspicious (October 21st 2019, 3:02:58 pm UTC)

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 35.177.76.153, located in London, United Kingdom and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is capetownrelief.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 20th 2019. Valid for: 3 months.

This is the only time capetownrelief.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.160.246.24 35.160.246.24	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 17	35.177.76.153 35.177.76.153	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
16	1

1 35.160.246.24 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-160-246-24.us-west-2.compute.amazonaws.com

bankofamerica-d.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 35.177.76.153 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-177-76-153.eu-west-2.compute.amazonaws.com

capetownrelief.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	capetownrelief.com 1 redirects capetownrelief.com	524 KB
1	bankofamerica-d.live 1 redirects bankofamerica-d.live	240 B
16	2

	Domain	Requested by
17	capetownrelief.com	1 redirects capetownrelief.com
1	bankofamerica-d.live	1 redirects
16	2

This site contains no links.

Subject Issuer	Validity	Valid
capetownrelief.com cPanel, Inc. Certification Authority	`2019-10-20` - `2020-01-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://capetownrelief.com/boa-login/index.php
Frame ID: BEAA7F7C314FBB65DBD32FC62375FC6B
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bankofamerica-d.live/ HTTP 307
https://capetownrelief.com/boa-login/dir.php HTTP 302
https://capetownrelief.com/boa-login/index.php Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

524 kB
Transfer

520 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bankofamerica-d.live/ HTTP 307
https://capetownrelief.com/boa-login/dir.php HTTP 302
https://capetownrelief.com/boa-login/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set index.php Show response capetownrelief.com/boa-login/ Redirect Chain https://bankofamerica-d.live/ https://capetownrelief.com/boa-login/dir.php https://capetownrelief.com/boa-login/index.php	8 KB 8 KB	41ms 40ms	Document text/html	35.177.76.153 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://capetownrelief.com/boa-login/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.76.153 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-35-177-76-153.eu-west-2.compute.amazonaws.com Software Apache / Resource Hash `4a25e103d4e9e05ecc60b8b1e206df3323c35e83178386e1631a99646aa73eaa` Request headers Host capetownrelief.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site none Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Response headers Date Mon, 21 Oct 2019 15:02:42 GMT Server Apache Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Set-Cookie PHPSESSID=9a3ef50853ea35515342f7ecc07a5ec1; path=/ Keep-Alive timeout=5, max=99 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Redirect headers Date Mon, 21 Oct 2019 15:02:42 GMT Server Apache Location index.php Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	bactouch.css capetownrelief.com/boa-login/style/	101 KB 101 KB	21ms 19ms	Stylesheet text/css	35.177.76.153 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://capetownrelief.com/boa-login/style/bactouch.css Requested by Host: capetownrelief.com URL: https://capetownrelief.com/boa-login/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.76.153 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-35-177-76-153.eu-west-2.compute.amazonaws.com Software Apache / Resource Hash `bde4e74a5c3d7d06e5558fa425ff90ac46115940fe49ed242b858be4f71d1c20` Request headers Sec-Fetch-Mode no-cors Referer https://capetownrelief.com/boa-login/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 21 Oct 2019 15:02:43 GMT Last-Modified Fri, 08 Apr 2016 13:08:56 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 103449
GET H/1.1	200 OK	toolbar.css capetownrelief.com/boa-login/style/	4 KB 5 KB	21ms 19ms	Stylesheet text/css	35.177.76.153 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://capetownrelief.com/boa-login/style/toolbar.css Requested by Host: capetownrelief.com URL: https://capetownrelief.com/boa-login/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.76.153 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-35-177-76-153.eu-west-2.compute.amazonaws.com Software Apache / Resource Hash `105296e66a93575f0da4c925e3207eb347c2dd552ec2bfb572070cea45998727` Request headers Sec-Fetch-Mode no-cors Referer https://capetownrelief.com/boa-login/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 21 Oct 2019 15:02:43 GMT Last-Modified Fri, 08 Apr 2016 13:08:56 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 4603
GET H/1.1	200 OK	bact_listview.css capetownrelief.com/boa-login/style/	48 KB 48 KB	41ms 19ms	Stylesheet text/css	35.177.76.153 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://capetownrelief.com/boa-login/style/bact_listview.css Requested by Host: capetownrelief.com URL: https://capetownrelief.com/boa-login/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.76.153 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-35-177-76-153.eu-west-2.compute.amazonaws.com Software Apache / Resource Hash `478a4f916db4b66d59ecdcb9dac8a8628d19c72c09263c9547979e77846de4e1` Request headers Sec-Fetch-Mode no-cors Referer https://capetownrelief.com/boa-login/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 21 Oct 2019 15:02:43 GMT Last-Modified Fri, 08 Apr 2016 13:08:56 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 48902
GET H/1.1	200 OK	footer.css capetownrelief.com/boa-login/style/	851 B 1 KB	57ms 19ms	Stylesheet text/css	35.177.76.153 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://capetownrelief.com/boa-login/style/footer.css Requested by Host: capetownrelief.com URL: https://capetownrelief.com/boa-login/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.76.153 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-35-177-76-153.eu-west-2.compute.amazonaws.com Software Apache / Resource Hash `b632fa1d4962522b6d07793c4f0a4d863bd520b122c5d10343a4004298d01592` Request headers Sec-Fetch-Mode no-cors Referer https://capetownrelief.com/boa-login/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 21 Oct 2019 15:02:43 GMT Last-Modified Fri, 08 Apr 2016 13:08:56 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 851
GET H/1.1	200 OK	slidemenu.css capetownrelief.com/boa-login/style/	10 KB 10 KB	58ms 19ms	Stylesheet text/css	35.177.76.153 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://capetownrelief.com/boa-login/style/slidemenu.css Requested by Host: capetownrelief.com URL: https://capetownrelief.com/boa-login/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.76.153 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-35-177-76-153.eu-west-2.compute.amazonaws.com Software Apache / Resource Hash `723fca598d0ae1aae3ab72990d04c3b86bc6c18b754f1f58507d39367dd6757b` Request headers Sec-Fetch-Mode no-cors Referer https://capetownrelief.com/boa-login/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 21 Oct 2019 15:02:43 GMT Last-Modified Fri, 08 Apr 2016 13:08:56 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 10494
GET H/1.1	200 OK	jquery-1.11.1.min.js Show response capetownrelief.com/boa-login/script/	94 KB 94 KB	59ms 19ms	Script application/javascript	35.177.76.153 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://capetownrelief.com/boa-login/script/jquery-1.11.1.min.js Requested by Host: capetownrelief.com URL: https://capetownrelief.com/boa-login/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.76.153 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-35-177-76-153.eu-west-2.compute.amazonaws.com Software Apache / Resource Hash `540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441` Request headers Sec-Fetch-Mode no-cors Referer https://capetownrelief.com/boa-login/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 21 Oct 2019 15:02:43 GMT Last-Modified Fri, 08 Apr 2016 13:08:56 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 95786
GET H/1.1	200 OK	mobileweb.js Show response capetownrelief.com/boa-login/script/	60 KB 60 KB	62ms 23ms	Script application/javascript	35.177.76.153 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://capetownrelief.com/boa-login/script/mobileweb.js Requested by Host: capetownrelief.com URL: https://capetownrelief.com/boa-login/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.76.153 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-35-177-76-153.eu-west-2.compute.amazonaws.com Software Apache / Resource Hash `4ff3863b845ae1a49e8e6d574a19a0185bad6c9a7fa1b86f17de1f165fd8e74e` Request headers Sec-Fetch-Mode no-cors Referer https://capetownrelief.com/boa-login/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 21 Oct 2019 15:02:43 GMT Last-Modified Fri, 08 Apr 2016 13:08:56 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 60986
GET H/1.1	200 OK	jquery.maskedinput.min.js Show response capetownrelief.com/boa-login/script/	4 KB 4 KB	76ms 19ms	Script application/javascript	35.177.76.153 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://capetownrelief.com/boa-login/script/jquery.maskedinput.min.js Requested by Host: capetownrelief.com URL: https://capetownrelief.com/boa-login/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.76.153 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-35-177-76-153.eu-west-2.compute.amazonaws.com Software Apache / Resource Hash `fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62` Request headers Sec-Fetch-Mode no-cors Referer https://capetownrelief.com/boa-login/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 21 Oct 2019 15:02:43 GMT Last-Modified Fri, 08 Apr 2016 13:08:56 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 4324
GET H/1.1	200 OK	prv.png capetownrelief.com/boa-login/img/	60 KB 60 KB	19ms 19ms	Image image/png	35.177.76.153 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://capetownrelief.com/boa-login/img/prv.png Requested by Host: capetownrelief.com URL: https://capetownrelief.com/boa-login/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.76.153 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-35-177-76-153.eu-west-2.compute.amazonaws.com Software Apache / Resource Hash `ed832ecc86f186321cd22b5d2c1ceb7845c52e69fba47801fdbe50c04eafb0ad` Request headers Sec-Fetch-Mode no-cors Referer https://capetownrelief.com/boa-login/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 21 Oct 2019 15:02:43 GMT Last-Modified Fri, 08 Apr 2016 13:08:52 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 61166
GET H/1.1	200 OK	eq.png capetownrelief.com/boa-login/img/	59 KB 60 KB	23ms 18ms	Image image/png	35.177.76.153 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://capetownrelief.com/boa-login/img/eq.png Requested by Host: capetownrelief.com URL: https://capetownrelief.com/boa-login/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.76.153 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-35-177-76-153.eu-west-2.compute.amazonaws.com Software Apache / Resource Hash `c7c2fa48bcc272c726218fc9edfd91d7258c8b7b1a47c874d29355c40a8c4a7e` Request headers Sec-Fetch-Mode no-cors Referer https://capetownrelief.com/boa-login/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 21 Oct 2019 15:02:43 GMT Last-Modified Fri, 08 Apr 2016 13:08:52 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 60869
GET H/1.1	200 OK	cpr.png capetownrelief.com/boa-login/img/	64 KB 64 KB	20ms 19ms	Image image/png	35.177.76.153 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://capetownrelief.com/boa-login/img/cpr.png Requested by Host: capetownrelief.com URL: https://capetownrelief.com/boa-login/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.76.153 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-35-177-76-153.eu-west-2.compute.amazonaws.com Software Apache / Resource Hash `b4062fee456a8a45f649606b87ff0c5557f4c8018b39924dc4c3064fe6064447` Request headers Sec-Fetch-Mode no-cors Referer https://capetownrelief.com/boa-login/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 21 Oct 2019 15:02:43 GMT Last-Modified Fri, 08 Apr 2016 13:08:52 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 65193
GET H/1.1	200 OK	header.png capetownrelief.com/boa-login/img/	5 KB 5 KB	21ms 20ms	Image image/png	35.177.76.153 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://capetownrelief.com/boa-login/img/header.png Requested by Host: capetownrelief.com URL: https://capetownrelief.com/boa-login/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.76.153 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-35-177-76-153.eu-west-2.compute.amazonaws.com Software Apache / Resource Hash `b23046e43a658d66847d3fb771a26e1673ab267b77427eab293f537de496f7e2` Request headers Sec-Fetch-Mode no-cors Referer https://capetownrelief.com/boa-login/style/toolbar.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 21 Oct 2019 15:02:43 GMT Last-Modified Fri, 08 Apr 2016 13:08:52 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 4843
GET H/1.1	200 OK	message.png capetownrelief.com/boa-login/img/	1 KB 1 KB	20ms 19ms	Image image/png	35.177.76.153 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://capetownrelief.com/boa-login/img/message.png Requested by Host: capetownrelief.com URL: https://capetownrelief.com/boa-login/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.76.153 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-35-177-76-153.eu-west-2.compute.amazonaws.com Software Apache / Resource Hash `d45d9a7cacfbeaf2796ec624e328354c3cde35f00518bd5a690429bcefa223dc` Request headers Sec-Fetch-Mode no-cors Referer https://capetownrelief.com/boa-login/style/bactouch.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 21 Oct 2019 15:02:43 GMT Last-Modified Fri, 08 Apr 2016 13:08:52 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1184
GET H/1.1	404 Not Found	close.png capetownrelief.com/boa-login/img/	315 B 315 B	21ms 20ms	Image text/html	35.177.76.153 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://capetownrelief.com/boa-login/img/close.png Requested by Host: capetownrelief.com URL: https://capetownrelief.com/boa-login/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.76.153 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-35-177-76-153.eu-west-2.compute.amazonaws.com Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Sec-Fetch-Mode no-cors Referer https://capetownrelief.com/boa-login/style/bactouch.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 21 Oct 2019 15:02:43 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	sprite_input.png capetownrelief.com/boa-login/img/	2 KB 2 KB	20ms 20ms	Image image/png	35.177.76.153 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://capetownrelief.com/boa-login/img/sprite_input.png Requested by Host: capetownrelief.com URL: https://capetownrelief.com/boa-login/index.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.76.153 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-35-177-76-153.eu-west-2.compute.amazonaws.com Software Apache / Resource Hash `d1b09a34d6ffa1569b70e6f4f9ad6ec35ee0dd0d9c6342de44fabfee6ef107ce` Request headers Sec-Fetch-Mode no-cors Referer https://capetownrelief.com/boa-login/style/bactouch.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 21 Oct 2019 15:02:43 GMT Last-Modified Fri, 08 Apr 2016 13:08:52 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1956

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			capetownrelief.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9a3ef50853ea35515342f7ecc07a5ec1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bankofamerica-d.live
capetownrelief.com
35.160.246.24
35.177.76.153
105296e66a93575f0da4c925e3207eb347c2dd552ec2bfb572070cea45998727
478a4f916db4b66d59ecdcb9dac8a8628d19c72c09263c9547979e77846de4e1
4a25e103d4e9e05ecc60b8b1e206df3323c35e83178386e1631a99646aa73eaa
4ff3863b845ae1a49e8e6d574a19a0185bad6c9a7fa1b86f17de1f165fd8e74e
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
723fca598d0ae1aae3ab72990d04c3b86bc6c18b754f1f58507d39367dd6757b
b23046e43a658d66847d3fb771a26e1673ab267b77427eab293f537de496f7e2
b4062fee456a8a45f649606b87ff0c5557f4c8018b39924dc4c3064fe6064447
b632fa1d4962522b6d07793c4f0a4d863bd520b122c5d10343a4004298d01592
bde4e74a5c3d7d06e5558fa425ff90ac46115940fe49ed242b858be4f71d1c20
c7c2fa48bcc272c726218fc9edfd91d7258c8b7b1a47c874d29355c40a8c4a7e
d1b09a34d6ffa1569b70e6f4f9ad6ec35ee0dd0d9c6342de44fabfee6ef107ce
d45d9a7cacfbeaf2796ec624e328354c3cde35f00518bd5a690429bcefa223dc
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
ed832ecc86f186321cd22b5d2c1ceb7845c52e69fba47801fdbe50c04eafb0ad
fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62

capetownrelief.com Open in urlscan Pro 35.177.76.153 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

524 kBTransfer

520 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

105 JavaScript Global Variables

1 Cookies

Indicators

capetownrelief.com Open in urlscan Pro
35.177.76.153 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

524 kB
Transfer

520 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!