fullzbofa.webcindario.com
5.57.226.202
Malicious Activity!
Public Scan
Submission Tags: 6322421
Submission: On December 16 via api from NL
Summary
This is the only time fullzbofa.webcindario.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bank of America (Banking)
Domain & IP information
ASN | PTR | Hostname
---|---|---
ASN29119 (SERVIHOSTING-AS AireNetworks, ES) | | fullzbofa.webcindario.com
ASN15169 (GOOGLE - Google LLC, US) | | pagead2.googlesyndication.com
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US) | | hosting.miarroba.info
ASN15169 (GOOGLE - Google LLC, US) | | www.googletagmanager.com
ASN15169 (GOOGLE - Google LLC, US) | | adservice.google.de
ASN15169 (GOOGLE - Google LLC, US) | | adservice.google.com
ASN15169 (GOOGLE - Google LLC, US) | | pagead2.googlesyndication.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-34-232-21-42.compute-1.amazonaws.com | aero.bankofamerica.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-52-2-220-123.compute-1.amazonaws.com | boss.bankofamerica.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-18-214-122-84.compute-1.amazonaws.com | dull.bankofamerica.com
ASN15169 (GOOGLE - Google LLC, US) | | googleads.g.doubleclick.net
ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-34-253-69-115.eu-west-1.compute.amazonaws.com | des.smartclip.net
ASN15169 (GOOGLE - Google LLC, US) | | www.google-analytics.com
ASN15169 (GOOGLE - Google LLC, US) | | stats.g.doubleclick.net
ASN15169 (GOOGLE - Google LLC, US) | | www.google.com
ASN15169 (GOOGLE - Google LLC, US) | | www.google.de
ASN15169 (GOOGLE - Google LLC, US) | | www.googletagservices.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
15 | webcindario.com (1 redirect) | fullzbofa.webcindario.com | 286 KB
6 | doubleclick.net (4 redirects) | googleads.g.doubleclick.net, stats.g.doubleclick.net | 640 B
5 | google-analytics.com (4 redirects) | www.google-analytics.com | 18 KB
5 | google.com (4 redirects) | adservice.google.com, www.google.com | 896 B
5 | google.de | adservice.google.de, www.google.de | 607 B
3 | bankofamerica.com | aero.bankofamerica.com, boss.bankofamerica.com, dull.bankofamerica.com | 3 KB
2 | miarroba.info | hosting.miarroba.info | 1011 B
2 | googlesyndication.com | pagead2.googlesyndication.com | 122 KB
1 | googletagservices.com | www.googletagservices.com | 29 KB
1 | sunmediaads.com | img.sunmediaads.com, play.sunmediaads.com (failed) | 29 KB
1 | smartclip.net | des.smartclip.net | 510 B
1 | googletagmanager.com | www.googletagmanager.com | 20 KB
35 requests | 12 apex domains | |
Requests | Domain | Requested by
---|---|---
15 | fullzbofa.webcindario.com (1 redirect) | fullzbofa.webcindario.com
5 | www.google-analytics.com (4 redirects) | www.googletagmanager.com
4 | www.google.de | fullzbofa.webcindario.com
4 | www.google.com | 4 redirects
4 | stats.g.doubleclick.net | 4 redirects
2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 | hosting.miarroba.info | fullzbofa.webcindario.com
2 | pagead2.googlesyndication.com | fullzbofa.webcindario.com, pagead2.googlesyndication.com
1 | www.googletagservices.com | pagead2.googlesyndication.com
1 | img.sunmediaads.com | fullzbofa.webcindario.com
1 | des.smartclip.net | fullzbofa.webcindario.com
1 | dull.bankofamerica.com | fullzbofa.webcindario.com
1 | boss.bankofamerica.com | fullzbofa.webcindario.com
1 | aero.bankofamerica.com | fullzbofa.webcindario.com
1 | adservice.google.com | pagead2.googlesyndication.com
1 | adservice.google.de | pagead2.googlesyndication.com
1 | www.googletagmanager.com | fullzbofa.webcindario.com
0 | play.sunmediaads.com (failed) | img.sunmediaads.com
35 requests | 18 domains |
This site contains links to these domains:
Domain
---
secure.bankofamerica.com
TLS certificates
Subject | Issuer | Validity | Valid
---|---|---|---
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-11-03 - 2020-10-09 | a year
*.google-analytics.com | GTS CA 1O1 | 2019-11-13 - 2020-02-05 | 3 months
*.google.com | GTS CA 1O1 | 2019-11-13 - 2020-02-05 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2019-11-13 - 2020-02-05 | 3 months
leadzuin.com | Sectigo RSA Domain Validation Secure Server CA | 2019-05-20 - 2020-06-18 | a year
www.google.de | GTS CA 1O1 | 2019-11-13 - 2020-02-05 | 3 months
This page contains 4 frames:
Primary Page:
http://fullzbofa.webcindario.com/boa-phone/www/secure.bankofamerica.com/login/sign-in/signOnV2Screen.go/login/
Frame ID: BF71F6034AED446419583D3186B416E9
Requests: 32 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html
Frame ID: 911F7E0A00EC856ADF3F355CAC331251
Requests: 1 HTTP requests in this frame
Frame:
http://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Frame ID: 2362F7010D145186DA95CB193F15AFFE
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3025194257&lmt=1576479681&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Ffullzbofa.webcindario.com%2Fboa-phone%2Fwww%2Fsecure.bankofamerica.com%2Flogin%2Fsign-in%2FsignOnV2Screen.go%2Flogin%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1576479680739&bpp=237&bdt=46&fdt=352&idt=352&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8107077260537&frm=20&pv=2&ga_vid=799788970.1576479681&ga_sid=1576479681&ga_hid=27300713&ga_fc=0&iag=0&icsg=2343567152&dssz=36&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=231731701648727&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=364
Frame ID: 246D27ACAA2F6EFA4D3D61C78307F11A
Requests: 1 HTTP requests in this frame
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://fullzbofa.webcindario.com/boa-phone/www/secure.bankofamerica.com/login/sign-in/signOnV2Screen.go/login
- HTTP 301
- http://fullzbofa.webcindario.com/boa-phone/www/secure.bankofamerica.com/login/sign-in/signOnV2Screen.go/login/ (Page URL)
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Google AdSense (Advertising Networks)
Detected patterns
- script /googlesyndication\.com\//i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Tag Manager (Tag Managers)
Detected patterns
- html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Forgot your Passcode?
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 27
- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=27300713&t=pageview&_s=1&dl=http%3A%2F%2Ffullzbofa.webcindario.com%2Fboa-phone%2Fwww%2Fsecure.bankofamerica.com%2Flogin%2Fsign-in%2FsignOnV2Screen.go%2Flogin%2F&ul=en-us&de=UTF-8&dt=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Sign%20In%20%7C%20Online%20ID&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABC~&jid=1535094428&gjid=1814710893&cid=799788970.1576479681&tid=UA-597118-7&_gid=445925782.1576479681&_r=1&gtm=2wgc61T2VG59&z=755579801 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-597118-7&cid=799788970.1576479681&jid=1535094428&_gid=445925782.1576479681&gjid=1814710893&_v=j79&z=755579801 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=799788970.1576479681&jid=1535094428&_v=j79&z=755579801 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=799788970.1576479681&jid=1535094428&_v=j79&z=755579801&slf_rd=1&random=1325724675
- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=27300713&t=pageview&_s=1&dl=http%3A%2F%2Ffullzbofa.webcindario.com%2Fboa-phone%2Fwww%2Fsecure.bankofamerica.com%2Flogin%2Fsign-in%2FsignOnV2Screen.go%2Flogin%2F&ul=en-us&de=UTF-8&dt=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Sign%20In%20%7C%20Online%20ID&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABC~&jid=838737677&gjid=1744634740&cid=799788970.1576479681&tid=UA-597118-1&_gid=445925782.1576479681&_r=1&gtm=2wgc61T2VG59&z=1797018408 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-597118-1&cid=799788970.1576479681&jid=838737677&_gid=445925782.1576479681&gjid=1744634740&_v=j79&z=1797018408 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-1&cid=799788970.1576479681&jid=838737677&_v=j79&z=1797018408 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-1&cid=799788970.1576479681&jid=838737677&_v=j79&z=1797018408&slf_rd=1&random=4131042435
- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=27300713&t=timing&_s=2&dl=http%3A%2F%2Ffullzbofa.webcindario.com%2Fboa-phone%2Fwww%2Fsecure.bankofamerica.com%2Flogin%2Fsign-in%2FsignOnV2Screen.go%2Flogin%2F&ul=en-us&de=UTF-8&dt=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Sign%20In%20%7C%20Online%20ID&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1707&pdt=0&dns=0&rrt=118&srt=219&tcp=0&dit=659&clt=659&_gst=645&_gbt=724&_cst=344&_cbt=642&_u=YEDAAAABC~&jid=1219226785&gjid=703067965&cid=799788970.1576479681&tid=UA-597118-7&_gid=445925782.1576479681&_r=1&gtm=2wgc61T2VG59&z=1871382512 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-597118-7&cid=799788970.1576479681&jid=1219226785&_gid=445925782.1576479681&gjid=703067965&_v=j79&z=1871382512 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=799788970.1576479681&jid=1219226785&_v=j79&z=1871382512 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=799788970.1576479681&jid=1219226785&_v=j79&z=1871382512&slf_rd=1&random=1105104203
- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=27300713&t=timing&_s=2&dl=http%3A%2F%2Ffullzbofa.webcindario.com%2Fboa-phone%2Fwww%2Fsecure.bankofamerica.com%2Flogin%2Fsign-in%2FsignOnV2Screen.go%2Flogin%2F&ul=en-us&de=UTF-8&dt=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Sign%20In%20%7C%20Online%20ID&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1707&pdt=0&dns=0&rrt=118&srt=219&tcp=0&dit=659&clt=659&_gst=645&_gbt=724&_cst=344&_cbt=642&_u=YEDAAAABC~&jid=1872398621&gjid=2131770226&cid=799788970.1576479681&tid=UA-597118-1&_gid=445925782.1576479681&_r=1&gtm=2wgc61T2VG59&z=579625504 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-597118-1&cid=799788970.1576479681&jid=1872398621&_gid=445925782.1576479681&gjid=2131770226&_v=j79&z=579625504 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-1&cid=799788970.1576479681&jid=1872398621&_v=j79&z=579625504 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-1&cid=799788970.1576479681&jid=1872398621&_v=j79&z=579625504&slf_rd=1&random=1004641171
35 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H/1.1 | / | fullzbofa.webcindario.com/boa-phone/www/secure.bankofamerica.com/login/sign-in/signOnV2Screen.go/login/ | 38 KB | 13 KB | Document | text/html | Primary Request, Redirect Chain
GET | H/1.1 | adsbygoogle.js | pagead2.googlesyndication.com/pagead/js/ | 104 KB | 38 KB | Script | text/javascript |
GET | H/1.1 | vipaa-v2-jawr.css | fullzbofa.webcindario.com/boa-phone/www/secure.bankofamerica.com/login/sign-in/signOnV2Screen.go/login/index_files/ | 220 KB | 34 KB | Stylesheet | text/css |
GET | H/1.1 | vipaa-v2-jawr.js | fullzbofa.webcindario.com/boa-phone/www/secure.bankofamerica.com/login/sign-in/signOnV2Screen.go/login/index_files/ | 783 KB | 196 KB | Script | application/javascript |
GET | H/1.1 | cc.go | fullzbofa.webcindario.com/boa-phone/www/secure.bankofamerica.com/login/sign-in/signOnV2Screen.go/login/index_files/ | 31 KB | 13 KB | Script | text/html |
GET | H/1.1 | g8C | fullzbofa.webcindario.com/boa-phone/www/secure.bankofamerica.com/login/sign-in/signOnV2Screen.go/login/index_files/ | 137 B | 411 B | Script | text/html |
GET | H/1.1 | g8C_002 | fullzbofa.webcindario.com/boa-phone/www/secure.bankofamerica.com/login/sign-in/signOnV2Screen.go/login/index_files/ | 137 B | 413 B | Script | text/html |
GET | H/1.1 | head1.png | fullzbofa.webcindario.com/boa-phone/www/secure.bankofamerica.com/login/sign-in/signOnV2Screen.go/login/index_files/ | 9 KB | 9 KB | Image | image/png |
GET | H/1.1 | ad.png | fullzbofa.webcindario.com/boa-phone/www/secure.bankofamerica.com/login/sign-in/signOnV2Screen.go/login/index_files/ | 4 KB | 5 KB | Image | image/png |
GET | H/1.1 | head.png | fullzbofa.webcindario.com/boa-phone/www/secure.bankofamerica.com/login/sign-in/signOnV2Screen.go/login/index_files/ | 7 KB | 7 KB | Image | image/png |
GET | H2 | / | hosting.miarroba.info/ | 1 KB | 1011 B | Script | application/javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 53 KB | 20 KB | Script | application/javascript |
GET | H/1.1 | vipaa-v2-jawr-print.css | fullzbofa.webcindario.com/boa-phone/www/secure.bankofamerica.com/login/sign-in/signOnV2Screen.go/login/index_files/ | 302 B | 600 B | Stylesheet | text/css |
GET | H2 | integrator.js | adservice.google.de/adsid/ | 109 B | 171 B | Script | application/javascript |
GET | H2 | integrator.js | adservice.google.com/adsid/ | 109 B | 171 B | Script | application/javascript |
GET | H2 | show_ads_impl_fy2019.js | pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/ | 225 KB | 85 KB | Script | text/javascript |
GET | H/1.1 | I3n.js | aero.bankofamerica.com/30306/ | 571 B | 911 B | XHR | text/html |
GET | H/1.1 | a8e.js | boss.bankofamerica.com/30306/ | 571 B | 911 B | XHR | text/html |
GET | H/1.1 | y9h.js | dull.bankofamerica.com/boaa/ | 571 B | 911 B | XHR | text/html |
GET | H2 | zrt_lookup.html | googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/ | 0 | 0 | Document | text/html | Frame 911F
GET | H/1.1 | sign-in-sprite.png | fullzbofa.webcindario.com/pa/global-assets/1.0/graphic/ | 5 KB | 5 KB | Image | text/html |
GET | H/1.1 | cnx-regular.woff | fullzbofa.webcindario.com/pa/global-assets/1.0/font/cnx-regular/ | 0 | 0 | Font | text/html |
GET | H/1.1 | ads | des.smartclip.net/ | 20 B | 510 B | Script | application/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 43 KB | 17 KB | Script | text/javascript |
POST | H/1.1 | 607f6b0b381bbc1f64fa027d62891072_cookie.php | hosting.miarroba.info/ | 0 | 0 | Document | text/html | Frame 2362, Cookie set
GET | H2 | lz_loader.js | img.sunmediaads.com/ads/ | 95 KB | 29 KB | Script | text/javascript |
GET | H/1.1 | cc.go | fullzbofa.webcindario.com/login/sign-in/ | 3 KB | 1 KB | XHR | text/html |
GET | H/1.1 | cnx-regular.ttf | fullzbofa.webcindario.com/pa/global-assets/1.0/font/cnx-regular/ | 0 | 0 | Font | text/html |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 109 B | Image | image/gif | Redirect Chain
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 109 B | Image | image/gif | Redirect Chain
GET | H2 | ads | googleads.g.doubleclick.net/pagead/ | 0 | 0 | Document | text/html | Frame 246D
GET | H2 | osd.js | www.googletagservices.com/activeview/js/current/ | 78 KB | 29 KB | Script | text/javascript |
GET | | zone.php | play.sunmediaads.com/red/ | 0 | 0 | | | Failed
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 109 B | Image | image/gif | Redirect Chain
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 109 B | Image | image/gif | Redirect Chain
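Two things in the transaction table above do the analyst's work for them: the primary URL carries the real brand hostname (secure.bankofamerica.com) inside the path of an unrelated host, and three XHRs to aero/boss/dull.bankofamerica.com are initiated by the phishing page itself (the `index_files/` directory and the 0-byte text/html responses for assets under /pa/global-assets/ are consistent with a login page saved from the browser and re-hosted with some asset paths not copied). The script below, an added example that is not part of the urlscan.io report, automates both checks over a request list constructed from this table: the `BRANDS` watch-list and the `https://` scheme on the XHRs are assumptions, and `registrable_domain` deliberately skips the Public Suffix List. The first check also catches the brand name placed in subdomain labels or query strings, not only the path form seen here.

```python
"""Brand-impersonation triage over a captured request list.

Added example, not part of the urlscan.io report. Two checks:
1. brand_in_url: a protected brand's apex domain appears in the URL
   (subdomain labels, path or query) of a host that is NOT that brand.
2. brand_called_from_foreign_origin: the brand's real hosts are fetched
   by a page whose origin is NOT the brand (a cloned kit calling home).
"""
from typing import Optional
from urllib.parse import urlsplit

# Assumed watch-list of protected apex domains (not from the report).
BRANDS = {"bankofamerica.com"}


def registrable_domain(host: str) -> str:
    """Last two DNS labels. Simplification: no Public Suffix List, so hosts
    under multi-label suffixes such as co.uk are grouped incorrectly."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def is_brand_host(host: str) -> Optional[str]:
    """Return the brand apex the host genuinely belongs to, else None."""
    rd = registrable_domain(host)
    return rd if rd in BRANDS else None


def brand_in_url(url: str) -> Optional[str]:
    """Flag a brand apex that appears anywhere in the URL of a non-brand host."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if is_brand_host(host):
        return None  # the brand's own site may mention itself freely
    haystack = f"{host}{parts.path}?{parts.query}".lower()
    for brand in BRANDS:
        if brand in haystack:
            return brand
    return None


def brand_called_from_foreign_origin(initiator: str, url: str) -> Optional[str]:
    """Flag requests to a brand's real hosts initiated by a non-brand page."""
    target = is_brand_host(urlsplit(url).hostname or "")
    if target and not is_brand_host(initiator):
        return target
    return None


def triage(requests: list) -> dict:
    """Run both checks over (initiator host, requested URL) pairs."""
    findings = {"brand_in_url": [], "brand_called_from_foreign_origin": []}
    for initiator, url in requests:
        if brand_in_url(url):
            findings["brand_in_url"].append(url)
        if brand_called_from_foreign_origin(initiator, url):
            findings["brand_called_from_foreign_origin"].append(url)
    return findings


# Constructed from the report's HTTP transactions: (initiator host, URL).
# Schemes on the bankofamerica.com XHRs are assumed; the table omits them.
REQUESTS = [
    ("fullzbofa.webcindario.com",
     "http://fullzbofa.webcindario.com/boa-phone/www/secure.bankofamerica.com/login/sign-in/signOnV2Screen.go/login/"),
    ("fullzbofa.webcindario.com",
     "http://fullzbofa.webcindario.com/boa-phone/www/secure.bankofamerica.com/login/sign-in/signOnV2Screen.go/login/index_files/vipaa-v2-jawr.js"),
    ("fullzbofa.webcindario.com", "https://aero.bankofamerica.com/30306/I3n.js"),
    ("fullzbofa.webcindario.com", "https://boss.bankofamerica.com/30306/a8e.js"),
    ("fullzbofa.webcindario.com", "https://dull.bankofamerica.com/boaa/y9h.js"),
    ("fullzbofa.webcindario.com", "https://www.googletagmanager.com/gtm.js"),
    ("www.googletagmanager.com", "https://www.google-analytics.com/analytics.js"),
]

if __name__ == "__main__":
    for kind, urls in triage(REQUESTS).items():
        print(kind)
        for u in urls:
            print("  ", u)
```

The second check is the one the brand itself can run server-side: the Referer or Origin header on requests for those `30306/` and `boaa/` resources names the phishing host, which is how a cloned page gives itself away before any victim reports it.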
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: play.sunmediaads.com
- URL: https://play.sunmediaads.com/red/zone.php?code=HEZRL65RXYI2&a=&pubid=&lgid=2266844230.99965909016244
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Bank of America (Banking)
379 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| dataLayer object| adsbygoogle string| boaVIPAAuseGzippedBundles string| boaVIPAAjawrEnabled string| dotcomURLPrefix string| pinRegexSwitch string| sbPinRegexSwitch string| newPwdStandardSwitch object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| boa function| windowSetup function| displayPopup function| boaLangSetup function| boaLocationReplace function| boaEqualHeight function| boaEqualWidth function| boaCenterAlign function| boaVerCheck function| boaTLUIFieldValidationError function| boaTLAddCustomEvent function| boaTLAddEvent object| dartTag function| dartFireOnClick function| dartFireOnClickWithoutNumParam function| dartFireOnClickSpecial function| boaOBORestricted function| asyncPrintCssInclude function| boaGetCookie function| boaSetCookie function| boaGetUrlParam object| selectBofa object| cfLoader object| boaBrowserDetect object| SessionTimeout object| XEngineWidgetFramework undefined| debug_g object| widgetActionArray_g object| widgetPageLocationArray_g object| widgetDivIdArray_g object| widgetDefaultContentArray_g undefined| callbackTimeoutId_g undefined| callbackJsonTimeoutId_g undefined| ranCallbackOnTimer_g undefined| callbackWidgetTimeoutId_g undefined| ranCallbackOnWidgetTimer_g number| receivedAdCounter_g undefined| ranWidgetCallbackOnTimer_g undefined| widgetCallbackTimeoutId_g undefined| widgetCallbackJsonTimeoutId_g string| snippetLoadImage function| callWidget function| sendJsonWidgetRequest function| callWidgetJSON function| callbackOnWidgetRequestTimeout function| widget_show function| clearTimeouts function| handleWidgetResponse function| sendJsonRequest function| 
widgetTimeoutCallBackFunction function| widgetErrorCallBackFunction function| displayDefaultContent function| handleResponse function| BofaJsHttp function| initializeTC function| callTouchClarity function| callbackOnTimeout function| callback function| intializeTCTimeOutContent function| fetchTouchClarityHtml function| convertToJSONString function| getAdditionalRequestParams function| trimValue function| debug function| boaMboxCreate function| createBOAOnClickBE function| createBOAImpressionBE function| createBOAImpression function| showTola function| renderTola function| getMVTparams function| logBusinessEvent function| jsonpCallback function| removejscssfile function| loadjscssfile function| loadAllCssJsFiles function| checkDuplicateCsJsFile function| findjscssfile function| setFlexLayoutFooterHeight object| flexLayoutFooterHeightOriginal number| flexLayoutCenterContentHeightOriginal object| $flexLayoutFooterDiv object| $flexLayoutFooterInner boolean| isIE boolean| isWin boolean| isOpera function| ControlVersion function| GetSwfVer function| DetectFlashVer function| AC_AddExtension function| AC_Generateobj function| AC_FL_RunContent function| AC_GetArgs number| requiredMajorVersion number| requiredMinorVersion number| requiredRevision string| src string| width string| height string| application string| bgcolor function| showWidget string| spwSafePassNonFlashUrl string| spwPageCode string| spwFormName string| spwDeviceIndex string| spwExpand string| spwDivId number| spwProgressBarEachPercent string| spwContainerID undefined| spwScriptNode undefined| spwLinkNode function| showNonFlashWidget object| spwProgressBar function| isBrowserIE function| isBrowserOpera function| getVersionString function| isExternalInterfaceCompatible function| isWidgetCompatible function| isSitekeyWidgetCompatible undefined| otpAjaxRequest string| otpContainerID undefined| otpScriptNode undefined| otpLinkNode number| otpChildIndex string| acwServiceURL object| otpInitSettings function| 
showOTPWidget undefined| openSumState undefined| openSumStateUrl undefined| openState function| summaryWidgetLoaded function| setSummaryWidgetState function| generateKey function| encrypt function| decrypt function| encryptA function| decryptA function| asyncEncryptField object| JSEncryptExports function| JSEncrypt object| CryptoJS string| $errorMessageContent string| SEP string| PAIR function| PM_FP_activeXDetect function| PM_FP_stripIllegalChars function| PM_FP_stripFullPath object| PM_FP_BrowserDetect function| PM_FP_FingerPrint function| Hashtable function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| add_deviceprint function| PM_FP_urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_deviceprint_sk function| getBrowserType function| addPassMarkFlash2 string| mboxCopyright object| TNT number| mboxVersion object| mboxFactories object| mboxFactoryDefault function| xCr function| mboxCreate function| uboxCreate function| enterOnlineIDFormSubmit object| $quickHelpBoaLangObj string| alertWidgetlanguage function| sc_device_sort_asc function| sc_device_sort_desc string| csrfTokenHiddenValue string| corsSettings boolean| $scIsIE boolean| corsSupported boolean| usePost string| savedOIDHtml string| newOnlineID boolean| offsetFlag function| callToeach function| detectCors function| scRequestJSONPPOST function| scRequestJSONP function| jsonpRequestCallBack function| securityCenterChangeId function| securityCenterChangePwd function| clickChangeId function| clickChangePwd function| securityCenterDisplayQandA function| securityCenterValidateQandA function| securityCenterConfirmQandA function| clearSavedId function| editSecurityPreference function| oncloseFunc function| u2fmodalClose function| offsetTooltips object| u2f object| $sideWellHelpBoaLangObj string| questionValue boolean| duplicateExists number| lpfielderror number| ppwNonBlankFieldCount string| ppwNextButtonADAText string| 
ppwSpanishErrorText undefined| currentErrorElement object| eCLO function| validatePPWForm function| validateState function| updateNextButtonState function| trim function| resetPPWErrorBubble function| ppwAttachSubmitHandlers function| ppwError function| showError string| modalskwContainerID function| setupModalValidation string| isModalOpen object| EmbedVideoPlayerUtil function| printSecurityTipsPDF object| setupInterstitialModal function| $ function| jQuery object| boaGlobalData object| boaBrowserObject object| jQuery191026875754319346057 object| AuthHub object| KJUR object| Hex object| Base64 function| ASN1 function| applyFixPatches object| input function| mboxUrlBuilder function| mboxStandardFetcher function| mboxAjaxFetcher function| mboxMap function| mboxFactory function| mboxSignaler function| mboxList function| mboxLocatorDefault function| mboxLocatorNode function| mboxDefine function| mboxUpdate function| mbox function| mboxOfferContent function| mboxOfferAjax function| mboxOfferDefault function| mboxCookieManager function| mboxSession function| mboxPC function| mboxGetPageParameter function| mboxSetCookie function| mboxGetCookie function| mboxCookiePageDomain function| mboxShiftArray function| mboxGenerateId function| mboxScreenHeight function| mboxScreenWidth function| mboxBrowserWidth function| mboxBrowserHeight function| mboxBrowserTimeOffset function| mboxScreenColorDepth function| mboxVizTargetUrl boolean| smartBanner object| OOo function| getSCookie function| get_SessionIdString object| boaPageDataJS function| google_spfd object| google_sv_map object| google_t12n_vars object| theBody string| captureMouseEvents number| maxMouseEvents string| ccPath object| s string| t object| google_tag_manager string| GoogleAnalyticsObject function| mia_ga object| lz_elem object| $boaLangObj number| version object| $flexBottomRow object| $forgotModuleIdpwdSkin object| forgotIDPWdSkin object| _cc object| google_tag_data object| gaplugins object| gaGlobal object| 
gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| parser object| lz_ua function| _lz_console object| lz_console function| _lz_utils object| lz_utils object| dfcheck object| df_orientation_data object| df_motion_data object| pool undefined| current number| default_lz_max_time_fallback object| lz_fallback object| lz_ads number| lz_time_listener object| pila_ban function| fixtweakboxapp function| lz_loadads function| lz_loadscripts function| lz_loadfill function| lz_loadscr function| lz_callfallback function| lz_script_item function| lz_listener_dummy function| lz_listener_banner function| lz_fallback_banner function| lz_listener_sunmedia function| lz_fallback_sunmedia function| IW_carga function| UAParser boolean| scoreForce function| lz_touchend function| lz_touchstart function| lz_deviceorientation function| lz_MozOrientation function| lz_devicemotion number| lz_max_time_fallback function| htmlParser function| oldwrite function| oldwriteln function| IW_load string| lz_zone object| target2
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.fullzbofa.webcindario.com/ | | _gat_UA-597118-1 | 1
.fullzbofa.webcindario.com/ | | _gat_UA-597118-7 | 1
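The Google Analytics property IDs in the redirect chains (tid=UA-597118-7 and UA-597118-1), the AdSense publisher ID in the ad frame (client=ca-pub-7294310421616689) and the `_gat_UA-…` cookie names above are the identifiers an analyst would normally pivot on to find other pages run by the same operator. The script below, an added example that is not part of the urlscan.io report, extracts them from URLs and cookie names; the sample inputs are trimmed copies of this report's own URLs. One caveat this scan illustrates: the page loads a script from hosting.miarroba.info, posts to a `_cookie.php` there and defines a `mia_ga` global, and webcindario.com is a Miarroba free-hosting domain, so the analytics and ad tags are plausibly injected by the hosting platform rather than by the phisher. Compare the IDs against a benign page on the same host before treating them as actor infrastructure.

```python
"""Recover analytics/ad account identifiers from captured URLs and cookies.

Added example, not part of the urlscan.io report. Recovers:
- Google Analytics property IDs from tid=UA-… query parameters,
- AdSense publisher IDs from client=ca-pub-… query parameters,
- GA property IDs encoded in _gat_UA-… cookie names.
Sample inputs below are constructed from the report's redirect chains,
ad frame URL and cookie table.
"""
import re
from urllib.parse import parse_qs, urlsplit

UA_RE = re.compile(r"^UA-\d+-\d+$")
PUB_RE = re.compile(r"^ca-pub-\d+$")
GAT_COOKIE_RE = re.compile(r"^_gat_(UA-\d+-\d+)$")


def ids_from_url(url: str) -> set:
    """Return GA property IDs and AdSense publisher IDs present in the query."""
    qs = parse_qs(urlsplit(url).query)
    found = set()
    for v in qs.get("tid", []):
        if UA_RE.match(v):
            found.add(v)
    for v in qs.get("client", []):
        if PUB_RE.match(v):
            found.add(v)
    return found


def ids_from_cookies(names: list) -> set:
    """Return GA property IDs encoded in _gat_UA-… cookie names."""
    found = set()
    for n in names:
        m = GAT_COOKIE_RE.match(n)
        if m:
            found.add(m.group(1))
    return found


def pivot_ids(urls: list, cookie_names: list) -> dict:
    """Group recovered identifiers by type for a pivot search."""
    ga, pub = set(), set()
    for u in urls:
        for ident in ids_from_url(u):
            (ga if ident.startswith("UA-") else pub).add(ident)
    ga |= ids_from_cookies(cookie_names)
    return {"ga_property": ga, "adsense_publisher": pub}


# Constructed sample: query strings trimmed from the report's URLs.
URLS = [
    "https://www.google-analytics.com/r/collect?v=1&t=pageview&tid=UA-597118-7&cid=799788970.1576479681",
    "https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&tid=UA-597118-7&cid=799788970.1576479681",
    "https://www.google-analytics.com/r/collect?v=1&t=pageview&tid=UA-597118-1&cid=799788970.1576479681",
    "https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&cid=799788970.1576479681",
    "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html",
]
COOKIES = ["_gat_UA-597118-1", "_gat_UA-597118-7"]

if __name__ == "__main__":
    for kind, ids in pivot_ids(URLS, COOKIES).items():
        print(kind, sorted(ids))
```

The regexes are strict on purpose: `tid` and `client` also carry other values in Google's newer tag formats, and a loose match would pull noise into a pivot query.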
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.com
adservice.google.de
aero.bankofamerica.com
boss.bankofamerica.com
des.smartclip.net
dull.bankofamerica.com
fullzbofa.webcindario.com
googleads.g.doubleclick.net
hosting.miarroba.info
img.sunmediaads.com
pagead2.googlesyndication.com
play.sunmediaads.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
18.214.122.84
2606:4700:20::681a:dc8
2a00:1450:4001:800::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:814::2002
2a00:1450:4001:816::2002
2a00:1450:4001:81d::2002
2a00:1450:4001:825::2002
2a00:1450:4001:825::2003
2a00:1450:4001:825::2004
2a00:1450:400c:c00::9b
34.232.21.42
34.253.69.115
5.57.226.202
52.2.220.123
89.255.250.53