urlscan.io logo urlscan.io
SecurityTrails logo

online-stx-uat1c.cashpro.bankofamerica.com Open in urlscan Pro
23.212.208.173  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cponline-spx-uat1c-vip.cashpro.bankofamerica.com/
Effective URL: https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/html/CashProOnline/SystemMaintenance/SiteDown.html
Submission Tags: @phishunt_io
Submission: On November 01 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 1 domains to perform 7 HTTP transactions. The main IP is 23.212.208.173, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is online-stx-uat1c.cashpro.bankofamerica.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on May 17th 2024. Valid for: a year.
This is the only time online-stx-uat1c.cashpro.bankofamerica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 171.162.85.118 19886 (BOFABROKE...)
2 7 23.212.208.173 16625 (AKAMAI-AS)
2 2.19.184.206 20940 (AKAMAI-ASN1)
7 2
Domain Requested by
7 online-stx-uat1c.cashpro.bankofamerica.com 2 redirects online-stx-uat1c.cashpro.bankofamerica.com
2 online-uat1a.cashpro.bankofamerica.com online-stx-uat1c.cashpro.bankofamerica.com
1 cponline-spx-uat1c-vip.cashpro.bankofamerica.com 1 redirects
7 3

This site contains no links.

Subject Issuer Validity Valid
cashproonlinestatic-preprod.bankofamerica.com
Entrust Certification Authority - L1M		 2024-05-17 -
2025-05-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/html/CashProOnline/SystemMaintenance/SiteDown.html
Frame ID: DB03D8C32B74F71108F9396910107529
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SiteDown

Page URL History Show full URLs

  1. https://cponline-spx-uat1c-vip.cashpro.bankofamerica.com/ HTTP 302
    https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/html/CashProOnline/SystemMaintenance/Sit... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

7
Requests

71 %
HTTPS

0 %
IPv6

1
Domains

3
Subdomains

2
IPs

2
Countries

46 kB
Transfer

208 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cponline-spx-uat1c-vip.cashpro.bankofamerica.com/ HTTP 302
    https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/html/CashProOnline/SystemMaintenance/SiteDown.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/global/bootstrap.css HTTP 307
  • https://online-uat1a.cashpro.bankofamerica.com/PHXcms/global/bootstrap.css
Request Chain 5
  • https://online-stx-uat1c.cashpro.bankofamerica.com/favicon.ico HTTP 307
  • https://online-uat1a.cashpro.bankofamerica.com/favicon.ico

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request SiteDown.html
online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/html/CashProOnline/SystemMaintenance/
Redirect Chain
  • https://cponline-spx-uat1c-vip.cashpro.bankofamerica.com/
  • https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/html/CashProOnline/SystemMaintenance/SiteDown.html
28 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/html/CashProOnline/SystemMaintenance/SiteDown.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.212.208.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-208-173.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6f8983662844e064f54947ada70cc5b5fd01172965dcbc5fd1fa94b09790f00d
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1347
Content-Type
text/html
Date
Fri, 01 Nov 2024 05:14:06 GMT
ETag
"2f0dcb711ea45992c557293268cb332f:1730232019.822578"
Last-Modified
Tue, 29 Oct 2024 20:00:19 GMT
Server
AkamaiNetStorage
Strict-Transport-Security
max-age=86400
Vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
0
Location
https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/html/CashProOnline/SystemMaintenance/SiteDown.html
Server
BigIP
bootstrap.css
online-uat1a.cashpro.bankofamerica.com/PHXcms/global/
Redirect Chain
  • https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/global/bootstrap.css
  • https://online-uat1a.cashpro.bankofamerica.com/PHXcms/global/bootstrap.css
157 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://online-uat1a.cashpro.bankofamerica.com/PHXcms/global/bootstrap.css
Requested by
Host: online-stx-uat1c.cashpro.bankofamerica.com
URL: https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/html/CashProOnline/SystemMaintenance/SiteDown.html
Protocol
HTTP/1.1
Server
2.19.184.206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-184-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://online-stx-uat1c.cashpro.bankofamerica.com/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-dt-tracestate
6a516194-9b0df33f@dt
Content-Encoding
gzip
Connection
Keep-Alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS
Via
1.1 cpotsunami-uat1-mwweb.bankofamerica.com, 1.1 ah-1075918-001.sdi.ssc3.ext3.bankofamerica3.com
traceresponse
00-4b979c4cb56ddfe3e3ff596d456fd528-37f745c07866590c-01
Keep-Alive
timeout=5, max=512
Date
Fri, 01 Nov 2024 05:14:08 GMT
Origin-Agent-Cluster
?0
Content-Type
text/css
Vary
Accept-Encoding,Origin

Redirect headers

Strict-Transport-Security
max-age=86400
Location
https://online-uat1a.cashpro.bankofamerica.com/PHXcms/global/bootstrap.css
Content-Length
0
Date
Fri, 01 Nov 2024 05:14:07 GMT
Server
BigIP
Connection
keep-alive
cpo-splash-page.css
online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/_assets/CPOSupportingFiles/css/common/ 		1 KB
652 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/_assets/CPOSupportingFiles/css/common/cpo-splash-page.css
Requested by
Host: online-stx-uat1c.cashpro.bankofamerica.com
URL: https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/html/CashProOnline/SystemMaintenance/SiteDown.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.212.208.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-208-173.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
eed0d272567bd34892866780144b89c379c6fcce8eb44c41d91019d0ba5769ce
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/html/CashProOnline/SystemMaintenance/SiteDown.html

Response headers

Strict-Transport-Security
max-age=86400
Content-Encoding
gzip
ETag
"733ee7b8582612164a15b3cda95fd121:1730232018.730812"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
284
Date
Fri, 01 Nov 2024 05:14:07 GMT
Content-Type
text/css
Last-Modified
Tue, 29 Oct 2024 20:00:18 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Common_3.0.css
online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/_assets/CPOSupportingFiles/css/common/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/_assets/CPOSupportingFiles/css/common/Common_3.0.css
Requested by
Host: online-stx-uat1c.cashpro.bankofamerica.com
URL: https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/html/CashProOnline/SystemMaintenance/SiteDown.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.212.208.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-208-173.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
09fe8423b0ea0d580efcc542747c7fe190be20ca7048e733ed6fcf612bfc9513
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/html/CashProOnline/SystemMaintenance/SiteDown.html

Response headers

Strict-Transport-Security
max-age=86400
Content-Encoding
gzip
ETag
"e1f0e287c9a60832133bf8ae81b8006d:1730232018.235647"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1072
Date
Fri, 01 Nov 2024 05:14:07 GMT
Content-Type
text/css
Last-Modified
Tue, 29 Oct 2024 20:00:18 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
bootstrapOverride.js
online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/_assets/CPOSupportingFiles/js/ 		114 B
500 B 		Script
General
Check archive.org
Download Go to
Full URL
https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/_assets/CPOSupportingFiles/js/bootstrapOverride.js
Requested by
Host: online-stx-uat1c.cashpro.bankofamerica.com
URL: https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/html/CashProOnline/SystemMaintenance/SiteDown.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.212.208.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-208-173.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
10a2b0baaec6d1b47aa80687a69887f06766c8e2198de1b1ea432a40a55059e9
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/html/CashProOnline/SystemMaintenance/SiteDown.html

Response headers

Strict-Transport-Security
max-age=86400
Content-Encoding
gzip
ETag
"179d323e14eb98eefd751cb8a77d0ee3:1730232019.184379"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
116
Date
Fri, 01 Nov 2024 05:14:07 GMT
Content-Type
application/x-javascript
Last-Modified
Tue, 29 Oct 2024 20:00:19 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Bofa_primary.png
online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/_assets/CPOSupportingFiles/images/Rebrand/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/_assets/CPOSupportingFiles/images/Rebrand/Bofa_primary.png
Requested by
Host: online-stx-uat1c.cashpro.bankofamerica.com
URL: https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/html/CashProOnline/SystemMaintenance/SiteDown.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.212.208.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-208-173.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8782c6e8b9f307c1ba246e3429e59fc9a34e7ff1fe40c091bfd94844229b53ce
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://online-stx-uat1c.cashpro.bankofamerica.com/PHXcms/public/content/cashproonline/html/CashProOnline/SystemMaintenance/SiteDown.html

Response headers

Strict-Transport-Security
max-age=86400
ETag
"33a43daf0903147aeee636605402e518:1726533407.052906"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16532
Date
Fri, 01 Nov 2024 05:14:07 GMT
Content-Type
image/png
Last-Modified
Tue, 17 Sep 2024 00:36:47 GMT
Server
AkamaiNetStorage
favicon.ico
online-uat1a.cashpro.bankofamerica.com/
Redirect Chain
  • https://online-stx-uat1c.cashpro.bankofamerica.com/favicon.ico
  • https://online-uat1a.cashpro.bankofamerica.com/favicon.ico
1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://online-uat1a.cashpro.bankofamerica.com/favicon.ico
Protocol
HTTP/1.1
Server
2.19.184.206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-184-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1776ec2d36cfe2cab1aeffeb1d8d8eb4ccc53014fb6948c8ab46673df08bd7c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://online-stx-uat1c.cashpro.bankofamerica.com/

Response headers

Upgrade
h2,h2c
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
ETag
"47e-59e7b4fa4a9fa-gzip"
Connection
Upgrade, Keep-Alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS
Accept-Ranges
bytes
Content-Length
429
Keep-Alive
timeout=5, max=512
Date
Fri, 01 Nov 2024 05:14:09 GMT
Origin-Agent-Cluster
?0
Last-Modified
Thu, 13 Feb 2020 20:55:37 GMT
Vary
Accept-Encoding,Origin
Content-Type
image/x-icon

Redirect headers

Strict-Transport-Security
max-age=86400
Location
https://online-uat1a.cashpro.bankofamerica.com/favicon.ico
Content-Length
0
Date
Fri, 01 Nov 2024 05:14:09 GMT
Server
BigIP
Connection
keep-alive

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| sheet

2 Cookies

Domain/Path Name / Value
.cashpro.bankofamerica.com/ Name: CPRID_UAT1
Value: XA11
.bankofamerica.com/ Name: TS0183a928
Value: 01d005e4adc86a9ac738002910e878580c0483f70b1ed92ddbc5202213b901fe809d1ee6a98ab222c703d9099d047ddf645463edec

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=86400