ycms.technorama.pk Open in urlscan Pro
104.21.19.159 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ycms.technorama.pk/BOA/Login.php
Submission: On March 22 via api (March 22nd 2023, 10:03:19 pm UTC) from JP — Scanned from JP

Summary HTTP 6 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 6 HTTP transactions. The main IP is 104.21.19.159, located in and belongs to CLOUDFLARENET, US. The main domain is ycms.technorama.pk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2022. Valid for: a year.

This is the only time ycms.technorama.pk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online) Bank of America (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 6	104.21.19.159 104.21.19.159	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.57.101 104.16.57.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	3

6 104.21.19.159 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ycms.technorama.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.57.101 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	technorama.pk 1 redirects ycms.technorama.pk	370 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	6 KB
6	2

	Domain	Requested by
6	ycms.technorama.pk	1 redirects ycms.technorama.pk static.cloudflareinsights.com
1	static.cloudflareinsights.com	ycms.technorama.pk
6	2

This site contains links to these domains. Also see Links.

Domain
secure.bankofamerica.com
www.bankofamerica.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-16` - `2023-06-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ycms.technorama.pk/BOA/Login.php
Frame ID: 3E97121C2D01E7FD25FCDB91532B5374
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bank of America | Online Banking | Log In | Online ID

Page URL History Show full URLs

https://ycms.technorama.pk/BOA/Login.php Page URL
https://ycms.technorama.pk/cdn-cgi/phish-bypass?atok=kmGMkWgbTtOBc6cpDgoMxIfe_uRhCxRU6C.bWdYv_rU-167952... HTTP 301
https://ycms.technorama.pk/BOA/Login.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

458 kB
Transfer

1171 kB
Size

1
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.bankofamerica.com/login/languageToggle.go?request_locale=es_US
Title: En español

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/login/sign-in/%7BstoreLink%7D
Title: {storeLinkText}

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/online-banking/mobile-banking-apps.go
Title: Learn about your Banking by Phone options ››

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/login/reset/entry/forgotIDPwdScreen.go
Title: Forgot ID/Password?

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/customer-service/contact-us/bank-of-america-login-issues/
Title: Problem logging in?

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/login/enroll/entry/olbEnroll.go?reason=model_enroll
Title: Enroll now for online Banking

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/onlinebanking/learning-center.go
Title: Learn more about Online Banking

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/online-banking/service-agreement.go
Title: Service Agreement

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/security-center/privacy-overview/
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/security-center/overview/
Title: Security

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/help/equalhousing-popup/
Title: Equal Housing Lender

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ycms.technorama.pk/BOA/Login.php Page URL
https://ycms.technorama.pk/cdn-cgi/phish-bypass?atok=kmGMkWgbTtOBc6cpDgoMxIfe_uRhCxRU6C.bWdYv_rU-1679522586-0-%2FBOA%2FLogin.php HTTP 301
https://ycms.technorama.pk/BOA/Login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Login.php Show response
ycms.technorama.pk/BOA/ 4 KB
2 KB 384ms
29ms Document
text/html 104.21.19.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ycms.technorama.pk/BOA/Login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.19.159 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d83c2edbbf2d5a64f9316b3e8881e5a614235fa9ad0a0689e6bd646ade40700f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cf-ray: 7ac1b904fffd1a04-KIX
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Mar 2023 22:03:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zskl8CDzxGHOzqPjxAQjMdS%2Bum%2FhT38gWGE2hJnxTZA8P%2BLGbYGwP%2Fx4Q9HApaJCkRMyVUlk8HcmYIPpABS8tQ2iYnUSvhVoF%2FUAYvLiipbmgxPopLQVHRlSWwWboYSJKV3VSjU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 cf.errors.css
ycms.technorama.pk/cdn-cgi/styles/ 24 KB
5 KB 56ms
56ms Stylesheet
text/css 104.21.19.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ycms.technorama.pk/cdn-cgi/styles/cf.errors.css

Requested by

Host: ycms.technorama.pk
URL: https://ycms.technorama.pk/BOA/Login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.19.159 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ycms.technorama.pk/BOA/Login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 22:03:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 17 Mar 2023 11:52:04 GMT
server: cloudflare
etag: W/"64145464-5e44"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7ac1b90558391a04-KIX
expires: Thu, 23 Mar 2023 00:03:06 GMT

GET
H2 200 icon-exclamation.png
ycms.technorama.pk/cdn-cgi/images/ 452 B
541 B 20ms
20ms Image
image/png 104.21.19.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ycms.technorama.pk/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: ycms.technorama.pk
URL: https://ycms.technorama.pk/cdn-cgi/styles/cf.errors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.19.159 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ycms.technorama.pk/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 22:03:06 GMT
x-content-type-options: nosniff
last-modified: Fri, 17 Mar 2023 11:52:04 GMT
server: cloudflare
etag: "64145464-1c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 7ac1b90588551a04-KIX
content-length: 452
expires: Thu, 23 Mar 2023 00:03:06 GMT

GET
H2

200

Primary Request Login.php Show response
ycms.technorama.pk/BOA/
Redirect Chain

https://ycms.technorama.pk/cdn-cgi/phish-bypass?atok=kmGMkWgbTtOBc6cpDgoMxIfe_uRhCxRU6C.bWdYv_rU-1679522586-0-%2FBOA%2FLogin.php
https://ycms.technorama.pk/BOA/Login.php

936 KB
362 KB

836ms
836ms

Document
text/html

104.21.19.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ycms.technorama.pk/BOA/Login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.19.159 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

6ae13d099222005824eaba4f5f55c13a99ee473f24d9e4396dc2edeb07abb4c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ycms.technorama.pk/BOA/Login.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ac1b9227fb61a04-KIX
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 22 Mar 2023 22:03:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpxuGcMHTIxJQ737JNAaeTIjBsN5AgZg1lcM5f7BWdBkV2E5vegPLdqePdv8CLY1K%2FYOiwCvlX7J%2B9%2Bu4%2Fy1lAyqcGtMco0X1aXjRx7lkWVq3exr6iMF8GGC8UbAy1biR0yW1zU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private, no-cache
cf-ray: 7ac1b921df311a04-KIX
content-length: 167
content-type: text/html
date: Wed, 22 Mar 2023 22:03:11 GMT
location: https://ycms.technorama.pk/BOA/Login.php
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
DATA 200
OK truncated
/ 38 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30652cee5990b3b76f6cbf6f26362be9254dd62b4c6e6003c1127d1484573787

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bb1d4b1b719488b9812d1fb67b41b03857eec8f4e0a4d46a8066574037d817a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 vb26e4fa9e5134444860be286fd8771851679335129114 Show response
static.cloudflareinsights.com/beacon.min.js/ 16 KB
6 KB 935ms
389ms Script
text/javascript 104.16.57.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114
Requested by: Host: ycms.technorama.pk
URL: https://ycms.technorama.pk/BOA/Login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ef73601a6552d55503bcbd9b6cd23fc0c33fa075f8efe724cddd4e3ee55542

Request headers

Referer: https://ycms.technorama.pk/
Origin: https://ycms.technorama.pk
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 22:03:14 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2023 17:58:49 GMT
server: cloudflare
etag: W/2023.3.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7ac1b9387e1e0a42-KIX

GET
DATA 200
OK truncated
/ 473 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c37fb372596058d87dd9208541c49b020d0e840e4f3a5baa27d39be2dc70b01

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1ac56ae25629e508f729b799d563d71920902a4cb26cf3bb602beb3e368775e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 48 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca3205c6a4eecfd67ad990b62b10e19f601230a2a5b2791676089e82836763f4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 144 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8bc6337547a246ef75d1ae66d7ec8a0ed6171c1ba49804a403124e27c8e8452

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 82 KB
82 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1172386e1cd9f7fd9d7646df035d93473bbbf19e1b325fc54d9c2aa76e5a7a80

Request headers

Referer
Origin: https://ycms.technorama.pk
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: application/font-woff

POST
H2 204 rum Show response
ycms.technorama.pk/cdn-cgi/ 0
167 B 117ms
117ms XHR
text/plain 104.21.19.159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ycms.technorama.pk/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.19.159 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ycms.technorama.pk/BOA/Login.php
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type: application/json

Response headers

date: Wed, 22 Mar 2023 22:03:15 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ycms.technorama.pk
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7ac1b93af9271a04-KIX

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online) Bank of America (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ycms.technorama.pk/	1970-01-20 10:33:28	Name: __cf_mw_byp Value: kmGMkWgbTtOBc6cpDgoMxIfe_uRhCxRU6C.bWdYv_rU-1679522586-0-/BOA/Login.php

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

static.cloudflareinsights.com
ycms.technorama.pk
104.16.57.101
104.21.19.159
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
1172386e1cd9f7fd9d7646df035d93473bbbf19e1b325fc54d9c2aa76e5a7a80
30652cee5990b3b76f6cbf6f26362be9254dd62b4c6e6003c1127d1484573787
6ae13d099222005824eaba4f5f55c13a99ee473f24d9e4396dc2edeb07abb4c7
6bb1d4b1b719488b9812d1fb67b41b03857eec8f4e0a4d46a8066574037d817a
8c37fb372596058d87dd9208541c49b020d0e840e4f3a5baa27d39be2dc70b01
a4ef73601a6552d55503bcbd9b6cd23fc0c33fa075f8efe724cddd4e3ee55542
a8bc6337547a246ef75d1ae66d7ec8a0ed6171c1ba49804a403124e27c8e8452
ca3205c6a4eecfd67ad990b62b10e19f601230a2a5b2791676089e82836763f4
d83c2edbbf2d5a64f9316b3e8881e5a614235fa9ad0a0689e6bd646ade40700f
e1ac56ae25629e508f729b799d563d71920902a4cb26cf3bb602beb3e368775e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

ycms.technorama.pk Open in urlscan Pro 104.21.19.159 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

458 kBTransfer

1171 kBSize

1 Cookies

11 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

ycms.technorama.pk Open in urlscan Pro
104.21.19.159 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

458 kB
Transfer

1171 kB
Size

1
Cookies

6 HTTP transactions
7 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!