pt.levonatravel.com
Open in
urlscan Pro
2606:4700:3033::ac43:cf37
Malicious Activity!
Public Scan
Submission: On November 15 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by E1 on October 14th 2022. Valid for: 3 months.
This is the only time pt.levonatravel.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bank of America (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 2606:4700:303... 2606:4700:3033::ac43:cf37 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
16 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
levonatravel.com
pt.levonatravel.com |
529 KB |
16 | 1 |
Domain | Requested by | |
---|---|---|
16 | pt.levonatravel.com |
pt.levonatravel.com
|
16 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
secure.bankofamerica.com |
www.bankofamerica.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.levonatravel.com E1 |
2022-10-14 - 2023-01-12 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://pt.levonatravel.com/wp-admin/maint/BoaT/web/login.php?web/auth/LogIn?/BoaF=
Frame ID: F5455D579A3C0C5D19F2677C1D4F0F9F
Requests: 16 HTTP requests in this frame
11 Outgoing links
These are links going to different origins than the main page.
Title: En español
Search URL Search Domain Scan URL
Title: Forgot your Password?
Search URL Search Domain Scan URL
Title: {storeLinkText}
Search URL Search Domain Scan URL
Title: Learn about your Banking by Phone options ��
Search URL Search Domain Scan URL
Title: Problem logging in?
Search URL Search Domain Scan URL
Title: Enroll now for online Banking
Search URL Search Domain Scan URL
Title: Learn more about Online Banking
Search URL Search Domain Scan URL
Title: Service Agreement
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Security
Search URL Search Domain Scan URL
Title: Equal Housing Lender
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login.php
pt.levonatravel.com/wp-admin/maint/BoaT/web/ |
26 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vipaa-v4-jawr.css
pt.levonatravel.com/wp-admin/maint/BoaT/web/assets/css/ |
541 KB 70 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BofA_rgb.png
pt.levonatravel.com/wp-admin/maint/BoaT/web/assets/img/ |
38 KB 39 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
locktop.png
pt.levonatravel.com/wp-admin/maint/BoaT/web/assets/img/ |
49 KB 49 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mobile_llama.png
pt.levonatravel.com/wp-admin/maint/BoaT/web/assets/img/ |
19 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3.png
pt.levonatravel.com/wp-admin/maint/BoaT/web/assets/img/ |
612 B 909 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
house.png
pt.levonatravel.com/wp-admin/maint/BoaT/web/assets/img/ |
49 KB 49 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vipaa-v4-jawr-print.css
pt.levonatravel.com/wp-admin/maint/BoaT/web/assets/css/ |
10 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aps-mobile-products-icon-sprite-dev.png
pt.levonatravel.com/content/images/ContextualSiteGraphics/Instructional/en_US/ |
49 KB 49 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fsd-secure-esp-sprite.png
pt.levonatravel.com/pa/components/modules/header-module/2.8/graphic/ |
49 KB 49 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cnx-regular.woff
pt.levonatravel.com/pa/global-assets/1.0/font/cnx-regular/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
help-qm-fsd.png
pt.levonatravel.com/pa/global-assets/1.0/graphic/ |
49 KB 49 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sign-in-sprite.png
pt.levonatravel.com/pa/global-assets/1.0/graphic/ |
49 KB 49 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gfootb-static-sprite.png
pt.levonatravel.com/pa/components/modules/global-footer-module/2.5/graphic/ |
49 KB 49 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gfoot-home-icon.png
pt.levonatravel.com/pa/components/modules/global-footer-module/2.5/graphic/ |
49 KB 49 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cnx-regular.ttf
pt.levonatravel.com/pa/global-assets/1.0/font/cnx-regular/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bank of America (Banking)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 00 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
pt.levonatravel.com
2606:4700:3033::ac43:cf37
2c08ce5b7ce910949b5f333e2950349d2062920a83d91dd65085bc694a346c6f
2f0ac0559a948fa017a8ecdb5bddf7ac54033e8aa1eb91ff7df93243c690f0d1
30652cee5990b3b76f6cbf6f26362be9254dd62b4c6e6003c1127d1484573787
4a21555e806c6a7b33c08d737f9f338dada9775decdf436e3ce0e726fc441ba5
5c1906e72cc8e2e712fa4a3f3d3408a52685dfd0679a5bb97681ca97ea601fc0
6bb1d4b1b719488b9812d1fb67b41b03857eec8f4e0a4d46a8066574037d817a
f26f8a5893922c691ded7869a70c3adbd5d99edc14beee31a813e1506b7a23ee