proudafrica.info Open in urlscan Pro
193.42.156.33 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/
Submission: On July 19 via automatic, source openphish (July 19th 2017, 3:29:29 am UTC)

Summary HTTP 16 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 193.42.156.33, located in Ukraine and belongs to AS7SKYHOST, UA. The main domain is proudafrica.info.

This is the only time proudafrica.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address		AS Autonomous System
16	193.42.156.33 193.42.156.33		198889 (AS7SKYHOST) (AS7SKYHOST)
16	1

16 193.42.156.33 (Ukraine)

ASN198889 (AS7SKYHOST, UA)
PTR: sky33.7skyhost.com

proudafrica.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	proudafrica.info proudafrica.info	415 KB
16	1

	Domain	Requested by
16	proudafrica.info	proudafrica.info
16	1

This site contains links to these domains. Also see Links.

Domain
www.bankofamerica.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/
Frame ID: 16994.1
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

16
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

415 kB
Transfer

1066 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bankofamerica.com/privacy/
Title: Privacy & Security

Search URL Search Domain Scan URL

URL: http://www.bankofamerica.com/help/equalhousing_popup.cfm
Title: Equal Housing Lender

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/
Redirect Chain

http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go
http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/

4 KB
2 KB

36ms
36ms

Document
text/html

193.42.156.33
AS7SKYHOST

General

Check archive.org

Show headers Download Go to

Full URL

http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/

Protocol

HTTP/1.1

Server

193.42.156.33 , Ukraine, ASN198889 (AS7SKYHOST, UA),

Reverse DNS

sky33.7skyhost.com

Software

nginx /

Resource Hash

24c412e3a49774719c19d4758a5db210ed4e217e88af4f278a0831b9973af2d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Wed, 19 Jul 2017 03:29:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Apr 2014 06:29:10 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: BYPASS
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: text/html
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Wed, 19 Jul 2017 03:29:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-Nginx-Cache-Status: BYPASS
Location: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 292
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK global-jawr.css
proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/ 68 KB
12 KB 37ms
37ms Stylesheet
text/css 193.42.156.33
AS7SKYHOST

General

Check archive.org

Show headers Download Go to

Full URL

http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/global-jawr.css

Requested by

Host: proudafrica.info
URL: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/

Protocol

HTTP/1.1

Server

193.42.156.33 , Ukraine, ASN198889 (AS7SKYHOST, UA),

Reverse DNS

sky33.7skyhost.com

Software

nginx /

Resource Hash

be4f0fe9c997f42d8a0112057b4d73fa273e8d200e4594fa5ee330b3eeec146a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Wed, 19 Jul 2017 03:29:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 20 Sep 2013 22:43:42 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
X-Nginx-Cache-Status: HIT
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Expires: Fri, 18 Aug 2017 03:29:18 GMT

GET
H/1.1 200
OK vipaa-jawr.css
proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/ 172 KB
23 KB 75ms
40ms Stylesheet
text/css 193.42.156.33
AS7SKYHOST

General

Check archive.org

Show headers Download Go to

Full URL

http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/vipaa-jawr.css

Requested by

Host: proudafrica.info
URL: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/

Protocol

HTTP/1.1

Server

193.42.156.33 , Ukraine, ASN198889 (AS7SKYHOST, UA),

Reverse DNS

sky33.7skyhost.com

Software

nginx /

Resource Hash

290882d5b9b63c8ff0715ed941c604d7c9b264abe5712cc5b5f3113ed2111e17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Wed, 19 Jul 2017 03:29:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 20 Sep 2013 22:43:44 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
X-Nginx-Cache-Status: HIT
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Expires: Fri, 18 Aug 2017 03:29:18 GMT

GET
H/1.1 200
OK global-jawr.js Show response
proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/ 251 KB
68 KB 76ms
40ms Script
application/javascript 193.42.156.33
AS7SKYHOST

General

Check archive.org

Show headers Download Go to

Full URL

http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/global-jawr.js

Requested by

Host: proudafrica.info
URL: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/

Protocol

HTTP/1.1

Server

193.42.156.33 , Ukraine, ASN198889 (AS7SKYHOST, UA),

Reverse DNS

sky33.7skyhost.com

Software

nginx /

Resource Hash

0757632d803e09eb6486178e57bee3505a8b8301fb392279bb577981340545e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Wed, 19 Jul 2017 03:29:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 20 Sep 2013 22:43:42 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
X-Nginx-Cache-Status: HIT
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Expires: Fri, 18 Aug 2017 03:29:18 GMT

GET
H/1.1 200
OK vipaa-jawr.js Show response
proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/ 316 KB
55 KB 87ms
52ms Script
application/javascript 193.42.156.33
AS7SKYHOST

General

Check archive.org

Show headers Download Go to

Full URL

http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/vipaa-jawr.js

Requested by

Host: proudafrica.info
URL: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/

Protocol

HTTP/1.1

Server

193.42.156.33 , Ukraine, ASN198889 (AS7SKYHOST, UA),

Reverse DNS

sky33.7skyhost.com

Software

nginx /

Resource Hash

4435ce4a5ddb37f871e6bbd0a8d6ab644309399b34e99beef18df18b88f1fdef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Wed, 19 Jul 2017 03:29:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 20 Sep 2013 22:43:44 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
X-Nginx-Cache-Status: REVALIDATED
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Expires: Fri, 18 Aug 2017 03:29:18 GMT

GET
H/1.1 200
OK bac_reg_logo_tmp_250X69.gif
proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/ 4 KB
4 KB 36ms
36ms Image
image/gif 193.42.156.33
AS7SKYHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/bac_reg_logo_tmp_250X69.gif

Requested by

Host: proudafrica.info
URL: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/

Protocol

HTTP/1.1

Server

193.42.156.33 , Ukraine, ASN198889 (AS7SKYHOST, UA),

Reverse DNS

sky33.7skyhost.com

Software

nginx /

Resource Hash

4a4cda257496d1a736af8485e6362e45d9883ed5b6bf83ea2d18c4148328abdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Wed, 19 Jul 2017 03:29:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 20 Sep 2013 22:43:28 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: REVALIDATED
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 3596
X-XSS-Protection: 1; mode=block
Expires: Sun, 17 Sep 2017 03:29:18 GMT

GET
H/1.1 200
OK Processing2.gif
proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/ 166 KB
166 KB 36ms
36ms Image
image/gif 193.42.156.33
AS7SKYHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/Processing2.gif

Requested by

Host: proudafrica.info
URL: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/

Protocol

HTTP/1.1

Server

193.42.156.33 , Ukraine, ASN198889 (AS7SKYHOST, UA),

Reverse DNS

sky33.7skyhost.com

Software

nginx /

Resource Hash

d78dcdd7c107f5f8956cf1c855330cd8da1801d703951cc04166e72bd9e7b0e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Wed, 19 Jul 2017 03:29:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 20 Sep 2013 22:43:38 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: REVALIDATED
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 169523
X-XSS-Protection: 1; mode=block
Expires: Sun, 17 Sep 2017 03:29:18 GMT

GET
H/1.1 200
OK icon_equal_housing_lender.gif
proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/ 1 KB
1 KB 36ms
36ms Image
image/gif 193.42.156.33
AS7SKYHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/icon_equal_housing_lender.gif

Requested by

Host: proudafrica.info
URL: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/

Protocol

HTTP/1.1

Server

193.42.156.33 , Ukraine, ASN198889 (AS7SKYHOST, UA),

Reverse DNS

sky33.7skyhost.com

Software

nginx /

Resource Hash

839be331936443a8f2f038ec6a0e735e4eb9567fab49caf276e2e0fc82aeb831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Wed, 19 Jul 2017 03:29:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 20 Sep 2013 22:43:36 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: REVALIDATED
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 1157
X-XSS-Protection: 1; mode=block
Expires: Sun, 17 Sep 2017 03:29:18 GMT

GET
H/1.1 200
OK layout-bground.png
proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/ 2 KB
2 KB 36ms
36ms Image
image/png 193.42.156.33
AS7SKYHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/layout-bground.png

Requested by

Host: proudafrica.info
URL: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/global-jawr.js

Protocol

HTTP/1.1

Server

193.42.156.33 , Ukraine, ASN198889 (AS7SKYHOST, UA),

Reverse DNS

sky33.7skyhost.com

Software

nginx /

Resource Hash

e0d8bf7c19af877090095f30d3281342aa31a497346f93d949938f4d7d0c327d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/vipaa-jawr.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Wed, 19 Jul 2017 03:29:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 20 Sep 2013 22:43:36 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: REVALIDATED
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2071
X-XSS-Protection: 1; mode=block
Expires: Sun, 17 Sep 2017 03:29:18 GMT

GET
H/1.1 200
OK flex-bg.png
proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/ 30 KB
30 KB 36ms
36ms Image
image/png 193.42.156.33
AS7SKYHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/flex-bg.png

Requested by

Host: proudafrica.info
URL: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/global-jawr.js

Protocol

HTTP/1.1

Server

193.42.156.33 , Ukraine, ASN198889 (AS7SKYHOST, UA),

Reverse DNS

sky33.7skyhost.com

Software

nginx /

Resource Hash

14ada5247b07dfdc89df163c8bae66b836072779409c9b6fc7c9cf95381efb96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/vipaa-jawr.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Wed, 19 Jul 2017 03:29:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 20 Sep 2013 22:43:30 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: REVALIDATED
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 31065
X-XSS-Protection: 1; mode=block
Expires: Sun, 17 Sep 2017 03:29:18 GMT

GET
H/1.1 200
OK fsd-secure-esp-sprite.png
proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/ 473 B
473 B 72ms
36ms Image
image/png 193.42.156.33
AS7SKYHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/fsd-secure-esp-sprite.png

Requested by

Host: proudafrica.info
URL: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/global-jawr.js

Protocol

HTTP/1.1

Server

193.42.156.33 , Ukraine, ASN198889 (AS7SKYHOST, UA),

Reverse DNS

sky33.7skyhost.com

Software

nginx /

Resource Hash

8c37fb372596058d87dd9208541c49b020d0e840e4f3a5baa27d39be2dc70b01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/vipaa-jawr.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Wed, 19 Jul 2017 03:29:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 20 Sep 2013 22:43:32 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: REVALIDATED
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 473
X-XSS-Protection: 1; mode=block
Expires: Sun, 17 Sep 2017 03:29:18 GMT

GET
H/1.1 200
OK red-grad-bar.png
proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/ 47 KB
47 KB 72ms
36ms Image
image/png 193.42.156.33
AS7SKYHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/red-grad-bar.png

Requested by

Host: proudafrica.info
URL: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/global-jawr.js

Protocol

HTTP/1.1

Server

193.42.156.33 , Ukraine, ASN198889 (AS7SKYHOST, UA),

Reverse DNS

sky33.7skyhost.com

Software

nginx /

Resource Hash

72db41777c46264d246d29f4e1059ce81b8645609815d661e04f421d42b5d454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/vipaa-jawr.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Wed, 19 Jul 2017 03:29:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 20 Sep 2013 22:43:38 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: REVALIDATED
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 47645
X-XSS-Protection: 1; mode=block
Expires: Sun, 17 Sep 2017 03:29:18 GMT

GET
H/1.1 200
OK gfoot-bground.png
proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/ 129 B
129 B 64ms
36ms Image
image/png 193.42.156.33
AS7SKYHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/gfoot-bground.png

Requested by

Host: proudafrica.info
URL: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/global-jawr.js

Protocol

HTTP/1.1

Server

193.42.156.33 , Ukraine, ASN198889 (AS7SKYHOST, UA),

Reverse DNS

sky33.7skyhost.com

Software

nginx /

Resource Hash

83a3eb7347268978bd8acb7a1294e8ddf3aaea255869db8393e577af309ea1c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/vipaa-jawr.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Wed, 19 Jul 2017 03:29:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 20 Sep 2013 22:43:32 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: REVALIDATED
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 129
X-XSS-Protection: 1; mode=block
Expires: Sun, 17 Sep 2017 03:29:18 GMT

GET
H/1.1 200
OK gfootb-static-sprite.png
proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/ 3 KB
3 KB 66ms
36ms Image
image/png 193.42.156.33
AS7SKYHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/gfootb-static-sprite.png

Requested by

Host: proudafrica.info
URL: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/global-jawr.js

Protocol

HTTP/1.1

Server

193.42.156.33 , Ukraine, ASN198889 (AS7SKYHOST, UA),

Reverse DNS

sky33.7skyhost.com

Software

nginx /

Resource Hash

65dd0a55539d1495dc03f63f322c80df0e80142180142aaf95bda885982bbe10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/vipaa-jawr.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Wed, 19 Jul 2017 03:29:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 20 Sep 2013 22:43:32 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: REVALIDATED
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 3188
X-XSS-Protection: 1; mode=block
Expires: Sun, 17 Sep 2017 03:29:18 GMT

GET
H/1.1 200
OK form_input_help_top.png
proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/ 969 B
969 B 36ms
36ms Image
image/png 193.42.156.33
AS7SKYHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/form_input_help_top.png

Requested by

Host: proudafrica.info
URL: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/global-jawr.js

Protocol

HTTP/1.1

Server

193.42.156.33 , Ukraine, ASN198889 (AS7SKYHOST, UA),

Reverse DNS

sky33.7skyhost.com

Software

nginx /

Resource Hash

8976fc0e09489a76dfc8c633dad1101636afa9d6c9b39a0a6c3693c12bc52b21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/global-jawr.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Wed, 19 Jul 2017 03:29:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 20 Sep 2013 22:43:32 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: REVALIDATED
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 969
X-XSS-Protection: 1; mode=block
Expires: Sun, 17 Sep 2017 03:29:18 GMT

GET
H/1.1 200
OK form_input_help_bottom.png
proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/ 1 KB
1 KB 36ms
36ms Image
image/png 193.42.156.33
AS7SKYHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/form_input_help_bottom.png

Requested by

Host: proudafrica.info
URL: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/global-jawr.js

Protocol

HTTP/1.1

Server

193.42.156.33 , Ukraine, ASN198889 (AS7SKYHOST, UA),

Reverse DNS

sky33.7skyhost.com

Software

nginx /

Resource Hash

5300eeb3f22273b0d399acffaf58c3272920360551cfbeb9c8796b2aa56ca5db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/global-jawr.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: public
Date: Wed, 19 Jul 2017 03:29:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 20 Sep 2013 22:43:32 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: REVALIDATED
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1501
X-XSS-Protection: 1; mode=block
Expires: Sun, 17 Sep 2017 03:29:18 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

proudafrica.info
193.42.156.33
0757632d803e09eb6486178e57bee3505a8b8301fb392279bb577981340545e4
14ada5247b07dfdc89df163c8bae66b836072779409c9b6fc7c9cf95381efb96
24c412e3a49774719c19d4758a5db210ed4e217e88af4f278a0831b9973af2d1
290882d5b9b63c8ff0715ed941c604d7c9b264abe5712cc5b5f3113ed2111e17
4435ce4a5ddb37f871e6bbd0a8d6ab644309399b34e99beef18df18b88f1fdef
4a4cda257496d1a736af8485e6362e45d9883ed5b6bf83ea2d18c4148328abdb
5300eeb3f22273b0d399acffaf58c3272920360551cfbeb9c8796b2aa56ca5db
65dd0a55539d1495dc03f63f322c80df0e80142180142aaf95bda885982bbe10
72db41777c46264d246d29f4e1059ce81b8645609815d661e04f421d42b5d454
839be331936443a8f2f038ec6a0e735e4eb9567fab49caf276e2e0fc82aeb831
83a3eb7347268978bd8acb7a1294e8ddf3aaea255869db8393e577af309ea1c9
8976fc0e09489a76dfc8c633dad1101636afa9d6c9b39a0a6c3693c12bc52b21
8c37fb372596058d87dd9208541c49b020d0e840e4f3a5baa27d39be2dc70b01
be4f0fe9c997f42d8a0112057b4d73fa273e8d200e4594fa5ee330b3eeec146a
d78dcdd7c107f5f8956cf1c855330cd8da1801d703951cc04166e72bd9e7b0e4
e0d8bf7c19af877090095f30d3281342aa31a497346f93d949938f4d7d0c327d

proudafrica.info Open in urlscan Pro 193.42.156.33 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

16 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

415 kBTransfer

1066 kBSize

0 Cookies

2 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

proudafrica.info Open in urlscan Pro
193.42.156.33 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

415 kB
Transfer

1066 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!