www.divorcedmansite.com
192.99.210.160
Malicious Activity!
Public Scan
Submission Tags: 6242284
Submission: On October 16 via api from US
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 2nd 2019. Valid for: 3 months.
This is the only time www.divorcedmansite.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bank of America (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
2 12 | 192.99.210.160 | 16276 (OVH) |
1 | 171.161.203.200 | 10794 (BANKAMERICA - Bank of America) |
11 | 2 | |
ASN10794 (BANKAMERICA - Bank of America, National Association, US)
secure.bankofamerica.com |
 | Apex Domain Subdomains | Transfer |
---|---|---|
12 | divorcedmansite.com (2 redirects): www.divorcedmansite.com, divorcedmansite.com | 832 KB |
1 | bankofamerica.com: secure.bankofamerica.com | 140 KB |
11 | 2 | |
 | Domain | Requested by |
---|---|---|
10 | www.divorcedmansite.com (2 redirects) | www.divorcedmansite.com |
2 | divorcedmansite.com | www.divorcedmansite.com |
1 | secure.bankofamerica.com | www.divorcedmansite.com |
11 | 3 | |
This site contains links to these domains. Also see Links.
Domain |
---|
promo.bankofamerica.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
divorcedmansite.com | cPanel, Inc. Certification Authority | 2019-10-02 - 2019-12-31 | 3 months |
secure.bankofamerica.com | Entrust Certification Authority - L1M | 2019-07-28 - 2020-07-25 | a year |
This page contains 1 frames:
Primary Page:
https://www.divorcedmansite.com/wp-content/plugins/html/BofA/screnlog/Signon/update-information.html
Frame ID: 4DD70FA68691D17EC192288E2E80B1BF
Requests: 11 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: Get the app about Secure Mobile Banking
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8
- https://www.divorcedmansite.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/6.0/style/vipaa-v4-jawr-print.css HTTP 301
- https://divorcedmansite.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/6.0/style/vipaa-v4-jawr-print.css
- https://www.divorcedmansite.com/pa/components/modules-app/VIPAA/sc-vipaa-module/1.0/graphic/sc-sprite.png HTTP 301
- https://divorcedmansite.com/pa/components/modules-app/VIPAA/sc-vipaa-module/1.0/graphic/sc-sprite.png
11 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | update-information.html (Primary Request) | www.divorcedmansite.com/wp-content/plugins/html/BofA/screnlog/Signon/ | 32 KB | 32 KB | Document | text/html |
GET | H/1.1 | vipaa-v4-jawr.css | www.divorcedmansite.com/wp-content/plugins/html/BofA/screnlog/Signon/css/ | 444 KB | 444 KB | Stylesheet | text/css |
GET | H/1.1 | olb-header-module-FSD.css | secure.bankofamerica.com/pa/components/utilities/top-nav-util/1.19/style/ | 140 KB | 140 KB | Stylesheet | text/css |
GET | H/1.1 | car.png | www.divorcedmansite.com/wp-content/plugins/html/BofA/screnlog/Signon/media/ | 5 KB | 5 KB | Image | image/png |
GET | H/1.1 | cc.png | www.divorcedmansite.com/wp-content/plugins/html/BofA/screnlog/Signon/media/ | 391 B | 633 B | Image | image/png |
GET | H/1.1 | sp.svg | www.divorcedmansite.com/wp-content/plugins/html/BofA/screnlog/Signon/img/ | 10 KB | 10 KB | Image | image/svg+xml |
GET | H/1.1 | vid.png | www.divorcedmansite.com/wp-content/plugins/html/BofA/screnlog/Signon/img/ | 241 KB | 241 KB | Image | image/png |
GET | H/1.1 | vidd.png | www.divorcedmansite.com/wp-content/plugins/html/BofA/screnlog/Signon/img/ | 72 KB | 72 KB | Image | image/png |
GET | H/1.1 | hautt.png | www.divorcedmansite.com/wp-content/plugins/html/BofA/screnlog/Signon/img/ | 27 KB | 27 KB | Image | image/png |
GET | H/1.1 | vipaa-v4-jawr-print.css | divorcedmansite.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/6.0/style/ (Redirect Chain) | 0 | 0 | Stylesheet | text/html |
GET | H/1.1 | sc-sprite.png | divorcedmansite.com/pa/components/modules-app/VIPAA/sc-vipaa-module/1.0/graphic/ (Redirect Chain) | 0 | 0 | Image | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bank of America (Banking)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata
object| onpointerrawupdate
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.