dcfbndoc.com Open in urlscan Pro
46.249.38.158 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
Submission: On June 13 via automatic, source phishtank (June 13th 2018, 5:14:11 pm UTC)

Summary HTTP 12 Redirects Links 67 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 46.249.38.158, located in Netherlands and belongs to HOSTKEY-AS, NL. The main domain is dcfbndoc.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 18th 2018. Valid for: 3 months.

This is the only time dcfbndoc.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address		AS Autonomous System
12	46.249.38.158 46.249.38.158		57043 (HOSTKEY-AS) (HOSTKEY-AS)
12	1

12 46.249.38.158 (Netherlands)

ASN57043 (HOSTKEY-AS, NL)
PTR: hawkeye7.steeldns.com

dcfbndoc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	dcfbndoc.com dcfbndoc.com	148 KB
12	1

	Domain	Requested by
12	dcfbndoc.com	dcfbndoc.com
12	1

This site contains links to these domains. Also see Links.

Domain
www.bankofamerica.com
corp.bankofamerica.com
about.bankofamerica.com
locators.bankofamerica.com
secure.bankofamerica.com
www.merrilledge.com
www.fs.ustrust.com
privacyassist.bankofamerica.com
promotions.bankofamerica.com
www.totalmerrill.com
www.ustrust.com
www0.bankofamerica.com
www.bettermoneyhabits.com
consumer.bankofamerica.com
message.bankofamerica.com
careers.bankofamerica.com

Subject Issuer	Validity	Valid
dcfbndoc.com Let's Encrypt Authority X3	`2018-05-18` - `2018-08-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
Frame ID: 1CA5A91CCEF8BE4E81C9DFDC1026E4BF
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

148 kB
Transfer

222 kB
Size

0
Cookies

67 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bankofamerica.com/
Title: Personal

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/smallbusiness/
Title: Small Business

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/planning/investment.go
Title: Wealth Management

Search URL Search Domain Scan URL

URL: http://corp.bankofamerica.com/business/bi/home
Title: Businesses & Institutions

Search URL Search Domain Scan URL

URL: http://about.bankofamerica.com/
Title: About Us

Search URL Search Domain Scan URL

URL: http://locators.bankofamerica.com/locator/locator/LocatorAction.do
Title: Locations

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/contactus/contactus.go
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/help/overview.go
Title: Help

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/homepage/overview.go?request_locale=es_US
Title: En español

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/login/enroll/entry/olbEnroll.go?reason=model_enroll
Title: Enroll

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/homepage/passcode-help.go
Title: Where do I enter my Passcode?

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/login/reset/entry/resetIDScreen.go
Title: Forgot or need help with your ID?

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/login/reset/entry/resetPasscodeScreen.go
Title: Forgot your Passcode?

Search URL Search Domain Scan URL

URL: https://www.merrilledge.com/m/pages/home.aspx
Title: Online Investing

Search URL Search Domain Scan URL

URL: https://www.fs.ustrust.com/login/login.aspx?sgt=1
Title: U.S. Trust Account Access

Search URL Search Domain Scan URL

URL: https://privacyassist.bankofamerica.com/Pages/English/In_Activation.asp
Title: Privacy Assist®

Search URL Search Domain Scan URL

URL: http://www.bankofamerica.com/weblinking/?referredby=futurescholar
Title: Future Scholar

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/privacy/Control.do?body=privacysecur_onlin
Title: Online privacy noticeYour saved Online ID allows us to personalize your experience. Learn how we collect and use information.

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/deposits/checking/checking-accounts.go
Title: Checking

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/deposits/savings/savings-accounts.go
Title: Savings

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/deposits/bank-cds/cd-accounts.go
Title: CDs

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/credit-cards/overview.go
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/student-banking/overview.go
Title: Student Banking

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/onlinebanking/online-banking.go
Title: Online Banking

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/online-banking/mobile.go
Title: Mobile & Text Banking

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/sitemap/personal.go
Title: More Banking Products

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/platinumprivileges.go
Title: Platinum Privileges® A higher level ofservice and rewards

Search URL Search Domain Scan URL

URL: http://promotions.bankofamerica.com/deals/
Title: BankAmeriDeals® Choose cash back deals andget cash put into your account

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/credit-cards/customized-offers/find-customized-offer.go?subchannel=ECENHN
Title: Prequalified Credit Cards Safe. Secure. Check now for prequalified offers customized for you

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/home-loans/mortgage/overview.go
Title: Mortgage

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/home-loans/refinance/overview.go
Title: Refinance

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/home-loans/home-equity-loans/overview.go
Title: Home Equity

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/vehicle-loans/auto-loans/auto-loans-financing.go
Title: Auto Loans

Search URL Search Domain Scan URL

URL: http://www.merrilledge.com/self-directed-investing?src_cd=BAC1
Title: Merrill Edge Self-Directed Investing

Search URL Search Domain Scan URL

URL: https://www.merrilledge.com/merrill-edge-advisory-center?src_cd=BAC1
Title: Merrill Edge Advisory Center

Search URL Search Domain Scan URL

URL: http://www.totalmerrill.com/TotalMerrill/pages/home.aspx
Title: Merrill Lynch Wealth Management

Search URL Search Domain Scan URL

URL: http://www.ustrust.com/ust/pages/index.aspx
Title: U.S. Trust Private Wealth Management

Search URL Search Domain Scan URL

URL: http://www.merrilledge.com/retirement/ira
Title: IRAs

Search URL Search Domain Scan URL

URL: https://www0.bankofamerica.com/insurance/property-and-auto/homeowners-and-condo/overview.go
Title: Homeowners & Condo Insurance

Search URL Search Domain Scan URL

URL: https://www0.bankofamerica.com/insurance/property-and-auto/renters/overview.go
Title: Renters Insurance

Search URL Search Domain Scan URL

URL: https://www0.bankofamerica.com/insurance/life-and-health/health/overview.go
Title: Health Savings Accounts

Search URL Search Domain Scan URL

URL: https://www0.bankofamerica.com/insurance/protection/overview.go
Title: More Protection Options

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/financial-education/budgeting-saving.go
Title: Budgeting & Saving

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/financial-education/managing-credit.go
Title: Managing Credit

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/financial-education/home-buying.go
Title: Home Buying

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/financial-education/investing-retirement.go
Title: Investing & Retirement

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/financial-education/privacy-security.go
Title: Privacy & Security

Search URL Search Domain Scan URL

URL: http://www.bettermoneyhabits.com/
Title: BetterMoneyHabits.comVideos and tips to bettermanage your financial life.

Search URL Search Domain Scan URL

URL: https://consumer.bankofamerica.com/USCCapp/Ctl/entry?sc=VABRJC&cm_sp=Cons-CC-_-Card-Rewards-_-CCW4CHEA_hm_cr-redbar_arc00c23-s.jpg
Title:

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/privacy/online-privacy-notice.go#advertising-on-our-sites
Title: opt out of relationship based or online behavioral advertising on our Sites

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/privacy/online-privacy-notice.go
Title: Bank of America Online Privacy Notice

Search URL Search Domain Scan URL

URL: http://www.merrilledge.com/promos/695?cm_sp=GWM-SelfDirectedBrokerage-_-DDT-_-G2T1C12K_me_sc_%246.95_arrwc84l_ecs.gif
Title:

Search URL Search Domain Scan URL

URL: https://consumer.bankofamerica.com/USCCapp/Ctl/entry?sc=VABRHO&cm_sp=Cons-CC-_-Card-Rewards-_-CCW4C2EB_sc_bbrq3-champion_are40fc3_s.gif
Title:

Search URL Search Domain Scan URL

URL: http://about.bankofamerica.com/en-us/partnering-locally/tyga.html?cm_sp=EBZ-Corp_SocialResponsibility-_-CorporateSocialResponsibility-_-EIT1C33H_sc_tyga_are78d21_s.gif
Title:

Search URL Search Domain Scan URL

URL: http://locators.bankofamerica.com/locator/locator/
Title: More search options

Search URL Search Domain Scan URL

URL: https://consumer.bankofamerica.com/USCCapp/Ctl/entry?sc=VABXXM
Title: Learn more about the BankAmericard Travel Rewards® card ››

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/deposits/manage/faq-ordering-checks.go
Title: Order checks

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/deposits/checking/debit-cards.go
Title: Order a debit card

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/foreigncurrency/index.action
Title: Order foreign currency

Search URL Search Domain Scan URL

URL: http://message.bankofamerica.com/PropertyClaims
Title: Find out how to submit a property claim »

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/banking-information/assistance/credit-cards/credit-cards-assistance-overview.go
Title: Learn about ways we can help you manage credit card or unsecured personal loan debt »

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/online-banking/service-agreement.go
Title: Online Banking Service Agreement

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/accessiblebanking/overview.go
Title: Accessible Banking

Search URL Search Domain Scan URL

URL: http://careers.bankofamerica.com/careershome.aspx
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/privacy/overview.go
Title: Privacy & Security

Search URL Search Domain Scan URL

URL: http://www.bankofamerica.com/weblinking/?referredby=sipc
Title: SIPC

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/help/equalhousing_popup.go
Title: Equal Housing Lender

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request bankofamerica.htm Show response
dcfbndoc.com/b/online/ 63 KB
14 KB 148ms
58ms Document
text/html 46.249.38.158
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.249.38.158 , Netherlands, ASN57043 (HOSTKEY-AS, NL),

Reverse DNS

hawkeye7.steeldns.com

Software

nginx /

Resource Hash

e5394ffe3bca300ab2bdb1f63eb33da09c8ff7b2d3c83495dcc88d897cc52474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: dcfbndoc.com
:scheme: https
:path: /b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 1CA5A91CCEF8BE4E81C9DFDC1026E4BF

Response headers

status: 200
server: nginx
date: Wed, 13 Jun 2018 17:14:01 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Mon, 30 Jan 2017 05:57:38 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-cache-status: EXPIRED
x-server-powered-by: Engintron
content-encoding: gzip

GET
H2 404 pbi-homepagetaggingjawr.js
dcfbndoc.com/b/online/files/ 0
0 23ms
21ms Script
text/html 46.249.38.158
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcfbndoc.com/b/online/files/pbi-homepagetaggingjawr.js
Requested by: Host: dcfbndoc.com
URL: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.249.38.158 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: hawkeye7.steeldns.com
Software: nginx /
Resource Hash

Request headers

:path: /b/online/files/pbi-homepagetaggingjawr.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: */*
cache-control: no-cache
:authority: dcfbndoc.com
referer: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
:scheme: https
:method: GET
Referer: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status: 404
date: Wed, 13 Jun 2018 17:14:01 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H2 200 pbi-homepagejawr.css
dcfbndoc.com/b/online/files/ 33 KB
7 KB 17ms
15ms Stylesheet
text/css 46.249.38.158
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcfbndoc.com/b/online/files/pbi-homepagejawr.css
Requested by: Host: dcfbndoc.com
URL: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.249.38.158 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: hawkeye7.steeldns.com
Software: nginx /
Resource Hash: 7d7892e9e929d130087595900ef45570317894a8b018e91cafe58febabc93c1d

Request headers

:path: /b/online/files/pbi-homepagejawr.css
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: dcfbndoc.com
referer: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
:scheme: https
:method: GET
Referer: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: public
date: Wed, 13 Jun 2018 17:14:01 GMT
content-encoding: gzip
last-modified: Fri, 04 Oct 2013 17:50:16 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=2592000
expires: Fri, 13 Jul 2018 17:14:01 GMT

GET
H2 200 bac_reg_logo_tmp_250X69.gif
dcfbndoc.com/b/online/files/ 4 KB
4 KB 23ms
21ms Image
image/gif 46.249.38.158
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcfbndoc.com/b/online/files/bac_reg_logo_tmp_250X69.gif
Requested by: Host: dcfbndoc.com
URL: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.249.38.158 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: hawkeye7.steeldns.com
Software: nginx /
Resource Hash: 0509ef5fb3dad7001f5095ebe63933dff0e0d113045e696ed16ff46ce5af8c72

Request headers

:path: /b/online/files/bac_reg_logo_tmp_250X69.gif
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: dcfbndoc.com
referer: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
:scheme: https
:method: GET
Referer: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: public
date: Wed, 13 Jun 2018 17:14:01 GMT
last-modified: Thu, 03 Oct 2013 22:00:32 GMT
server: nginx
content-type: image/gif
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 3596
expires: Sun, 12 Aug 2018 17:14:01 GMT

GET
H2 200 signin.jpg
dcfbndoc.com/b/online/ 2 KB
2 KB 32ms
30ms Image
image/jpeg 46.249.38.158
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcfbndoc.com/b/online/signin.jpg
Requested by: Host: dcfbndoc.com
URL: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.249.38.158 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: hawkeye7.steeldns.com
Software: nginx /
Resource Hash: 4a2e7bb59d0ba31124480f60544b843ae6cde428dc6512b63e5a9885ff3ee401

Request headers

:path: /b/online/signin.jpg
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: dcfbndoc.com
referer: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
:scheme: https
:method: GET
Referer: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: public
date: Wed, 13 Jun 2018 17:14:01 GMT
last-modified: Sat, 02 Nov 2013 07:28:22 GMT
server: nginx
content-type: image/jpeg
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 2043
expires: Sun, 12 Aug 2018 17:14:01 GMT

GET
H2 200 hm_cr-redbar_arc00c23-s.jpg
dcfbndoc.com/b/online/files/ 101 KB
102 KB 49ms
47ms Image
image/jpeg 46.249.38.158
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcfbndoc.com/b/online/files/hm_cr-redbar_arc00c23-s.jpg
Requested by: Host: dcfbndoc.com
URL: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.249.38.158 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: hawkeye7.steeldns.com
Software: nginx /
Resource Hash: 7aab82ae6f2ba3ba10e919c311432416141d19f9bf52820c4a51dd26211ea613

Request headers

:path: /b/online/files/hm_cr-redbar_arc00c23-s.jpg
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: dcfbndoc.com
referer: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
:scheme: https
:method: GET
Referer: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: public
date: Wed, 13 Jun 2018 17:14:01 GMT
last-modified: Fri, 04 Oct 2013 17:50:16 GMT
server: nginx
content-type: image/jpeg
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 103870
expires: Sun, 12 Aug 2018 17:14:01 GMT

GET
H2 200 me_sc_6.gif
dcfbndoc.com/b/online/files/ 5 KB
5 KB 156ms
154ms Image
image/gif 46.249.38.158
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcfbndoc.com/b/online/files/me_sc_6.gif
Requested by: Host: dcfbndoc.com
URL: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.249.38.158 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: hawkeye7.steeldns.com
Software: nginx /
Resource Hash: b49ee1551c59e3d8441dba8de6d7227a07112ab925651b0199c6e91904eb0cc9

Request headers

:path: /b/online/files/me_sc_6.gif
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: dcfbndoc.com
referer: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
:scheme: https
:method: GET
Referer: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: public
date: Wed, 13 Jun 2018 17:14:01 GMT
last-modified: Fri, 04 Oct 2013 17:50:16 GMT
server: nginx
content-type: image/gif
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 4920
expires: Sun, 12 Aug 2018 17:14:01 GMT

GET
H2 200 sc_bbrq3-champion_are40fc3_s.gif
dcfbndoc.com/b/online/files/ 7 KB
8 KB 156ms
155ms Image
image/gif 46.249.38.158
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcfbndoc.com/b/online/files/sc_bbrq3-champion_are40fc3_s.gif
Requested by: Host: dcfbndoc.com
URL: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.249.38.158 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: hawkeye7.steeldns.com
Software: nginx /
Resource Hash: 3a8339945421bb9f81ccb3ae1f128bf15b5d0620ef09bc845d8cd83f7d620fa7

Request headers

:path: /b/online/files/sc_bbrq3-champion_are40fc3_s.gif
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: dcfbndoc.com
referer: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
:scheme: https
:method: GET
Referer: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: public
date: Wed, 13 Jun 2018 17:14:01 GMT
last-modified: Fri, 04 Oct 2013 17:50:16 GMT
server: nginx
content-type: image/gif
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 7562
expires: Sun, 12 Aug 2018 17:14:01 GMT

GET
H2 200 sc_tyga_are78d21_s.gif
dcfbndoc.com/b/online/files/ 6 KB
7 KB 156ms
155ms Image
image/gif 46.249.38.158
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcfbndoc.com/b/online/files/sc_tyga_are78d21_s.gif
Requested by: Host: dcfbndoc.com
URL: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.249.38.158 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: hawkeye7.steeldns.com
Software: nginx /
Resource Hash: 4d20c044cf4dcd4bc21bc6f51198912763e4448ab9b33e349ad3bb2c795a8063

Request headers

:path: /b/online/files/sc_tyga_are78d21_s.gif
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: dcfbndoc.com
referer: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
:scheme: https
:method: GET
Referer: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: public
date: Wed, 13 Jun 2018 17:14:01 GMT
last-modified: Fri, 04 Oct 2013 17:50:16 GMT
server: nginx
content-type: image/gif
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 6632
expires: Sun, 12 Aug 2018 17:14:01 GMT

GET
H2 404 pbi-homepagebottomjawr.js
dcfbndoc.com/b/online/files/ 0
0 156ms
155ms Script
text/html 46.249.38.158
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcfbndoc.com/b/online/files/pbi-homepagebottomjawr.js
Requested by: Host: dcfbndoc.com
URL: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.249.38.158 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: hawkeye7.steeldns.com
Software: nginx /
Resource Hash

Request headers

:path: /b/online/files/pbi-homepagebottomjawr.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: */*
cache-control: no-cache
:authority: dcfbndoc.com
referer: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
:scheme: https
:method: GET
Referer: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status: 404
date: Wed, 13 Jun 2018 17:14:01 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H2 404 hp-static-sprite-v2.png
dcfbndoc.com/pa/global-assets/1.0/graphic/homepage/ 378 B
378 B 124ms
119ms Image
text/html 46.249.38.158
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcfbndoc.com/pa/global-assets/1.0/graphic/homepage/hp-static-sprite-v2.png
Requested by: Host: dcfbndoc.com
URL: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.249.38.158 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: hawkeye7.steeldns.com
Software: nginx /
Resource Hash: 4d168069a9378b602e3e13860264beed5e49bc38a991ce898ee315fc4cca683e

Request headers

:path: /pa/global-assets/1.0/graphic/homepage/hp-static-sprite-v2.png
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: dcfbndoc.com
referer: https://dcfbndoc.com/b/online/files/pbi-homepagejawr.css
:scheme: https
:method: GET
Referer: https://dcfbndoc.com/b/online/files/pbi-homepagejawr.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status: 404
date: Wed, 13 Jun 2018 17:14:01 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H2 404 oo_icon.gif
dcfbndoc.com/pa/global-assets/1.0/graphic/ 357 B
357 B 19ms
16ms Image
text/html 46.249.38.158
HOSTKEY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dcfbndoc.com/pa/global-assets/1.0/graphic/oo_icon.gif
Requested by: Host: dcfbndoc.com
URL: https://dcfbndoc.com/b/online/bankofamerica.htm?f34b7e65eb5da5de6f89a190a4ee99bc&onlinebanking/online-banking.go
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.249.38.158 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS: hawkeye7.steeldns.com
Software: nginx /
Resource Hash: 5233b62e09301e62fb141b7e954005aa2ec837fb1fb0a952dd5757091a429cce

Request headers

:path: /pa/global-assets/1.0/graphic/oo_icon.gif
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: dcfbndoc.com
referer: https://dcfbndoc.com/b/online/files/pbi-homepagejawr.css
:scheme: https
:method: GET
Referer: https://dcfbndoc.com/b/online/files/pbi-homepagejawr.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status: 404
date: Wed, 13 Jun 2018 17:14:01 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dcfbndoc.com
46.249.38.158
0509ef5fb3dad7001f5095ebe63933dff0e0d113045e696ed16ff46ce5af8c72
3a8339945421bb9f81ccb3ae1f128bf15b5d0620ef09bc845d8cd83f7d620fa7
4a2e7bb59d0ba31124480f60544b843ae6cde428dc6512b63e5a9885ff3ee401
4d168069a9378b602e3e13860264beed5e49bc38a991ce898ee315fc4cca683e
4d20c044cf4dcd4bc21bc6f51198912763e4448ab9b33e349ad3bb2c795a8063
5233b62e09301e62fb141b7e954005aa2ec837fb1fb0a952dd5757091a429cce
7aab82ae6f2ba3ba10e919c311432416141d19f9bf52820c4a51dd26211ea613
7d7892e9e929d130087595900ef45570317894a8b018e91cafe58febabc93c1d
b49ee1551c59e3d8441dba8de6d7227a07112ab925651b0199c6e91904eb0cc9
e5394ffe3bca300ab2bdb1f63eb33da09c8ff7b2d3c83495dcc88d897cc52474

dcfbndoc.com Open in urlscan Pro 46.249.38.158 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

148 kBTransfer

222 kBSize

0 Cookies

67 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

22 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

dcfbndoc.com Open in urlscan Pro
46.249.38.158 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

148 kB
Transfer

222 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!