kam-net.ci
51.77.197.178
Malicious Activity!
Public Scan
Submission Tags: 6691321
Submission: On July 23 via api from US
Summary
This is the only time kam-net.ci was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: IRS (Government)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 51.77.197.178 | 16276 (OVH) |
8 | 154.0.166.162 | 37611 (Afrihost) |
4 | 2600:1400:d:2b9::f50 | 20940 (AKAMAI-ASN1) |
14 | 4 | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | clydesdale.co.za | www.clydesdale.co.za | 1 KB |
4 | irs.gov | www.irs.gov | 13 KB |
1 | kam-net.ci | kam-net.ci | 13 KB |
14 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
8 | www.clydesdale.co.za | kam-net.ci |
4 | www.irs.gov | kam-net.ci |
1 | kam-net.ci | |
14 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.irs.gov | Entrust Certification Authority - L1K | 2018-06-22 - 2020-09-21 | 2 years |
This page contains 1 frames:
Primary Page:
http://kam-net.ci/1738312771/956060147/home.php
Frame ID: 1C54F6F9D212C146916FFABE6A2C446B
Requests: 14 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | home.php (Primary Request) | kam-net.ci/1738312771/956060147/ | 107 KB | 13 KB | Document | text/html |
GET | H/1.1 | css_je8KC1UEDsjd6_RlaWBiGU29p8rI7s4XsSuP-SC43VQ94b2.css | www.clydesdale.co.za/wp-content/plugins/buddypress/bp-friends/classes/pub/css/ | 0 | 0 | Stylesheet | text/html |
GET | H/1.1 | css_N62s3jZPvxyvhHYcrpckPXcpSMd1W93dPv75j_GVs6c94b2.css | www.clydesdale.co.za/wp-content/plugins/buddypress/bp-friends/classes/pub/css/ | 0 | 0 | Stylesheet | text/html |
GET | | stylez.css | www.clydesdale.co.za/wp-content/plugins/buddypress/bp-friends/classes/pub/css/ | 0 | 0 | | |
GET | H/1.1 | styles.css | www.clydesdale.co.za/wp-content/plugins/buddypress/bp-friends/classes/pub/css/ | 0 | 0 | Stylesheet | text/html |
GET | H/1.1 | logo.jpg | www.clydesdale.co.za/wp-content/plugins/buddypress/bp-friends/classes/pub/css/ | 0 | 306 B | Image | text/html |
GET | H2 | IRS-Logo.svg | www.irs.gov/themes/custom/pup_base/ | 14 KB | 6 KB | Image | image/svg+xml |
GET | H2 | logo-print.svg | www.irs.gov/themes/custom/pup_irs/images/ | 5 KB | 2 KB | Image | image/svg+xml |
GET | H/1.1 | proceed.jpg | www.clydesdale.co.za/wp-content/plugins/buddypress/bp-friends/classes/pub/css/ | 0 | 306 B | Image | text/html |
GET | H2 | irs_horiz-01.svg | www.irs.gov/themes/custom/pup_base/images/ | 5 KB | 2 KB | Image | image/svg+xml |
GET | H2 | irs_horiz_logo.svg | www.irs.gov/pub/ | 10 KB | 3 KB | Image | image/svg+xml |
GET | H/1.1 | bg_refund.png | www.clydesdale.co.za/wp-content/plugins/buddypress/bp-friends/classes/pub/css/ | 0 | 305 B | Image | text/html |
GET | H/1.1 | proceed.jpg | www.clydesdale.co.za/wp-content/plugins/buddypress/bp-friends/classes/pub/css/ | 0 | 305 B | Image | text/html |
GET | H/1.1 | proceed.jpg | www.clydesdale.co.za/wp-content/plugins/buddypress/bp-friends/classes/pub/css/ | 0 | 305 B | Image | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.clydesdale.co.za
- URL: http://www.clydesdale.co.za/wp-content/plugins/buddypress/bp-friends/classes/pub/css/stylez.css
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: IRS (Government)
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function | change
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.