www.proudafrica.info
193.42.156.33
Malicious Activity!
Public Scan
Submission: On July 20 via automatic, source openphish
Summary
This is the only time www.proudafrica.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bank of America (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
8 | 193.42.156.33 | 198889 (AS7SKYHOST) |
1 | 134.249.116.78 | 15895 (KSNET-AS) |
1 | 69.42.65.45 | 27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc.) |
11 | 4 | |
ASN15895 (KSNET-AS, UA)
PTR: 134-249-116-78.broadband.kyivstar.net
134.249.116.78
ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)
www.cpm10.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | proudafrica.info | www.proudafrica.info | 331 KB |
1 | cpm10.com | www.cpm10.com (Failed) | 105 B |
11 | 2 | | |
 | Domain | Requested by |
---|---|---|
8 | www.proudafrica.info | www.proudafrica.info |
1 | www.cpm10.com | 134.249.116.78 |
11 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
terraclicks.com |
This page contains 2 frames:
Frame:
http://www.cpm10.com/watch?key=fe0a93971e993f059d7a78bf2fa5117a
Frame ID: 31424.1
Requests: 10 HTTP requests in this frame
Frame:
http://www.cpm10.com/watch?key=fe0a93971e993f059d7a78bf2fa5117a
Frame ID: 31437.1
Requests: 1 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: Anonymous Proxy detected, click here.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | / (Primary Request) | www.proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/ | 4 KB | 2 KB | Document | text/html |
GET H/1.1 | global-jawr.css | www.proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/ | 68 KB | 12 KB | Stylesheet | text/css |
GET H/1.1 | vipaa-jawr.css | www.proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/ | 172 KB | 23 KB | Stylesheet | text/css |
GET H/1.1 | global-jawr.js | www.proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/ | 252 KB | 68 KB | Script | application/javascript |
GET H/1.1 | vipaa-jawr.js | www.proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/scripts/ | 316 KB | 56 KB | Script | application/javascript |
GET H/1.1 | bac_reg_logo_tmp_250X69.gif | www.proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/ | 4 KB | 4 KB | Image | image/gif |
GET H/1.1 | Processing2.gif | www.proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/ | 166 KB | 166 KB | Image | image/gif |
GET H/1.1 | icon_equal_housing_lender.gif | www.proudafrica.info/bank/secure.bankofamerica.com/login/sign-in/signOnScreen.go/img/ | 1 KB | 1 KB | Image | image/gif |
GET H/1.1 | jquery.js | 134.249.116.78/ | 3 KB | 3 KB | Script | application/javascript |
GET | watch | www.cpm10.com/ | 0 | 0 | | |
GET H/1.1 | watch | www.cpm10.com/ (Frame 3143) | 105 B | 105 B | Document | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.cpm10.com
- URL
- http://www.cpm10.com/watch?key=fe0a93971e993f059d7a78bf2fa5117a
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bank of America (Banking)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.