boaaplay.pages.dev
188.114.96.3
Malicious Activity!
Public Scan
Effective URL: https://boaaplay.pages.dev/
Submission: On December 04 via manual from US — Scanned from NL
Summary
TLS certificate: Issued by WE1 on October 31st 2024. Valid for: 3 months.
This is the only time boaaplay.pages.dev was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bank of America (Banking), Generic Cloudflare (Online)
Live information
Domain & IP information
Redirects | Requests | IP Address | Autonomous System |
---|---|---|---|
1 | 7 | 188.114.96.3 | 13335 (CLOUDFLARENET) |
 | 15 | 192.229.233.230 | 15133 (EDGECAST) |
1 | 2 | 142.250.185.70 | 15169 (GOOGLE) |
 | 1 | 171.161.116.100 | 10794 (BANKAMERICA) |
 | 1 | 2606:4700:20::ac43:472d | 13335 (CLOUDFLARENET) |
 | 2 | 2606:4700::6812:562a | 13335 (CLOUDFLARENET) |
32 | 7 |
ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
1359940.fls.doubleclick.net
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
15 | bac-assets.com | www1.bac-assets.com (Cisco Umbrella Rank: 414295) | 3 MB |
7 | pages.dev (1 redirects) | boaaplay.pages.dev | 84 KB |
2 | cookielaw.org | cdn.cookielaw.org (Cisco Umbrella Rank: 329) | 72 KB |
2 | doubleclick.net (1 redirects) | 1359940.fls.doubleclick.net (Cisco Umbrella Rank: 59948) | 739 B |
1 | 1000logos.net | 1000logos.net (Cisco Umbrella Rank: 109519) | 33 KB |
1 | bankofamerica.com | www.bankofamerica.com (Cisco Umbrella Rank: 16234) | 10 KB |
32 | 6 |
Requests | Domain | Requested by |
---|---|---|
15 | www1.bac-assets.com | boaaplay.pages.dev, www1.bac-assets.com |
7 | boaaplay.pages.dev (1 redirects) | boaaplay.pages.dev |
2 | cdn.cookielaw.org | boaaplay.pages.dev |
2 | 1359940.fls.doubleclick.net (1 redirects) | boaaplay.pages.dev |
1 | 1000logos.net | boaaplay.pages.dev |
1 | www.bankofamerica.com | boaaplay.pages.dev |
32 | 6 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
boaaplay.pages.dev | WE1 | 2024-10-31 - 2025-01-29 | 3 months |
www1.bac-assets.com | Entrust Certification Authority - L1M | 2024-04-08 - 2025-05-08 | a year |
*.doubleclick.net | WR2 | 2024-10-21 - 2025-01-13 | 3 months |
www.bankofamerica.com | Entrust Certification Authority - L1M | 2024-06-25 - 2025-07-25 | a year |
1000logos.net | WE1 | 2024-10-17 - 2025-01-15 | 3 months |
cookielaw.org | WE1 | 2024-10-11 - 2025-01-09 | 3 months |
This page contains 2 frames:
Primary Page:
https://boaaplay.pages.dev/
Frame ID: 11E3301D8D697266FA4A68E2708DBFD5
Requests: 31 HTTP requests in this frame
Frame:
https://1359940.fls.doubleclick.net/activityi;dc_pre=CIWY0N_RjooDFZi-_QcdEfkquA;src=1359940;type=check839;cat=2018_004;ord=1;num=1552013670894;gtm=2od6f0;auiddc=1598782156.1674729858;~oref=https%3A%2F%2Fwww.bankofamerica.com%2Fdeposits%2Fchecking%2Fadvantage-safebalance-banking-account%2Fbefore-you-apply%2F%3Fcm_sp%3DDEP-Checking-_-NotAssigned-_-DCTASZ6M01_SuperHighlights_G3CheckingUpdate122020_advaBankSHLCta
Frame ID: C8AA40A992CD2474483A9765F0D3B753
Requests: 1 HTTP requests in this frame
Page Title
Bank of America
Page URL History
- http://boaaplay.pages.dev/ HTTP 307
  https://boaaplay.pages.dev/ Page URL
- https://boaaplay.pages.dev/cdn-cgi/phish-bypass?atok=pSX4YuWS0k26rNfmoeMIlqP6Ax2nN10PosRetN5U6so-173333... HTTP 301
  https://boaaplay.pages.dev/ Page URL
Detected technologies
WordPress (CMS)
Detected patterns
- /wp-(?:content|includes)/
OneTrust (Cookie compliance)
Detected patterns
- cdn\.cookielaw\.org
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://boaaplay.pages.dev/ HTTP 307
  https://boaaplay.pages.dev/ Page URL
- https://boaaplay.pages.dev/cdn-cgi/phish-bypass?atok=pSX4YuWS0k26rNfmoeMIlqP6Ax2nN10PosRetN5U6so-1733333300-0.0.1.1-%2F HTTP 301
  https://boaaplay.pages.dev/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://boaaplay.pages.dev/ HTTP 307
- https://boaaplay.pages.dev/
- https://1359940.fls.doubleclick.net/activityi;src=1359940;type=check839;cat=2018_004;ord=1;num=1552013670894;gtm=2od6f0;auiddc=1598782156.1674729858;~oref=https%3A%2F%2Fwww.bankofamerica.com%2Fdeposits%2Fchecking%2Fadvantage-safebalance-banking-account%2Fbefore-you-apply%2F%3Fcm_sp%3DDEP-Checking-_-NotAssigned-_-DCTASZ6M01_SuperHighlights_G3CheckingUpdate122020_advaBankSHLCta HTTP 302
- https://1359940.fls.doubleclick.net/activityi;dc_pre=CIWY0N_RjooDFZi-_QcdEfkquA;src=1359940;type=check839;cat=2018_004;ord=1;num=1552013670894;gtm=2od6f0;auiddc=1598782156.1674729858;~oref=https%3A%2F%2Fwww.bankofamerica.com%2Fdeposits%2Fchecking%2Fadvantage-safebalance-banking-account%2Fbefore-you-apply%2F%3Fcm_sp%3DDEP-Checking-_-NotAssigned-_-DCTASZ6M01_SuperHighlights_G3CheckingUpdate122020_advaBankSHLCta
32 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H3 | / | boaaplay.pages.dev/ (Redirect Chain) | 4 KB | 2 KB | Document | text/html |
GET | H3 | cf.errors.css | boaaplay.pages.dev/cdn-cgi/styles/ | 23 KB | 5 KB | Stylesheet | text/css |
GET | H3 | icon-exclamation.png | boaaplay.pages.dev/cdn-cgi/images/ | 452 B | 634 B | Image | image/png |
GET | H3 | favicon.ico | boaaplay.pages.dev/ | 137 KB | 25 KB | Other | text/html |
GET | H3 | / (Primary Request) | boaaplay.pages.dev/ (Redirect Chain) | 137 KB | 25 KB | Document | text/html |
GET | H2 | 8926e95.css | www1.bac-assets.com/deposits/spa-assets/bundles/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | e9d5cc1c.css | www1.bac-assets.com/deposits/spa-assets/bundles/ | 805 KB | 257 KB | Stylesheet | text/css |
GET | H2 | d80d4371.css | www1.bac-assets.com/deposits/spa-assets/bundles/ | 819 KB | 260 KB | Stylesheet | text/css |
GET | H2 | aa0efbb1.css | www1.bac-assets.com/deposits/spa-assets/bundles/ | 840 KB | 264 KB | Stylesheet | text/css |
GET | H2 | 9ca6aa7a.css | www1.bac-assets.com/deposits/spa-assets/bundles/ | 884 KB | 271 KB | Stylesheet | text/css |
GET | H2 | 924ea6ae.css | www1.bac-assets.com/deposits/spa-assets/bundles/ | 820 KB | 260 KB | Stylesheet | text/css |
GET | H2 | b5ff8500.css | www1.bac-assets.com/deposits/spa-assets/bundles/ | 1 MB | 184 KB | Stylesheet | text/css |
GET | H2 | 3c9eaadb.css | www1.bac-assets.com/deposits/spa-assets/bundles/ | 599 KB | 193 KB | Stylesheet | text/css |
GET | H2 | ec2eb864.css | www1.bac-assets.com/deposits/spa-assets/bundles/ | 808 KB | 258 KB | Stylesheet | text/css |
GET | H2 | cf6bc60.css | www1.bac-assets.com/deposits/spa-assets/bundles/ | 837 KB | 260 KB | Stylesheet | text/css |
GET | H2 | 59e9246c.css | www1.bac-assets.com/deposits/spa-assets/bundles/ | 827 KB | 260 KB | Stylesheet | text/css |
GET | H2 | 8ead43bc.css | www1.bac-assets.com/deposits/spa-assets/bundles/ | 799 KB | 256 KB | Stylesheet | text/css |
GET | H2 | activityi;dc_pre=CIWY0N_RjooDFZi-_QcdEfkquA;src=1359940;type=check839;cat=2018_004;ord=1;num=1552013670894;gtm=2od6f0;auiddc=1598782156.1674729858;~oref=https%3A%2F%2Fwww.bankofamerica.com%2Fdeposi... | 1359940.fls.doubleclick.net/ (Frame C8AA, Redirect Chain) | 0 | 0 | Document | text/html |
GET | H2 | assets-images-global-logos-bac-logo-v2-CSX3648cbbb.svg | www1.bac-assets.com/deposits/spa-assets/images/ | 3 KB | 2 KB | Image | image/svg+xml |
GET | H/1.1 | 880d47ad.css | www.bankofamerica.com/spa/widgets/www-chat/3.0.0/spa-assets/bundles/ | 61 KB | 10 KB | Stylesheet | text/css |
GET | H2 | Bank-of-America-Emblem-500x281.png | 1000logos.net/wp-content/uploads/2016/10/ | 32 KB | 33 KB | Image | image/png |
GET | H2 | BOA.PNG | cdn.cookielaw.org/logos/9b1b72d0-06ef-4e7c-9b2a-e8bc09f34daf/5a21514a-3b71-4677-b52d-207b6f11ff68/fceb4368-db91-43cf-af24-36ac5b5badc2/ | 70 KB | 70 KB | Image | image/png |
GET | H2 | poweredBy_ot_logo.svg | cdn.cookielaw.org/logos/static/ | 3 KB | 2 KB | Image | image/svg+xml |
GET | H2 | assets-images-global-header-secure-lock-CSXa09bf5fc.svg | www1.bac-assets.com/deposits/spa-assets/images/ | 353 B | 416 B | Image | image/svg+xml |
GET | H2 | assets-images-global-title-flagscape_red-CSX345e7fd7.svg | www1.bac-assets.com/deposits/spa-assets/images/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | | roboto-regular.woff2 | www1.bac-assets.com/deposits/spa-assets/components/utilities/global/sparta-style-utility/4.6.3/font/roboto-regular/ | 0 | 0 | | |
GET | | cnx-regular.woff2 | www1.bac-assets.com/deposits/spa-assets/components/utilities/global/sparta-style-utility/4.6.3/font/cnx-regular/ | 0 | 0 | | |
GET | | roboto-regular.woff | www1.bac-assets.com/deposits/spa-assets/components/utilities/global/sparta-style-utility/4.6.3/font/roboto-regular/ | 0 | 0 | | |
GET | | cnx-regular.woff | www1.bac-assets.com/deposits/spa-assets/components/utilities/global/sparta-style-utility/4.6.3/font/cnx-regular/ | 0 | 0 | | |
GET | | roboto-regular.ttf | www1.bac-assets.com/deposits/spa-assets/components/utilities/global/sparta-style-utility/4.6.3/font/roboto-regular/ | 0 | 0 | | |
GET | | cnx-regular.ttf | www1.bac-assets.com/deposits/spa-assets/components/utilities/global/sparta-style-utility/4.6.3/font/cnx-regular/ | 0 | 0 | | |
GET | H3 | favicon.ico | boaaplay.pages.dev/ | 137 KB | 25 KB | Other | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www1.bac-assets.com
  URL: https://www1.bac-assets.com/deposits/spa-assets/components/utilities/global/sparta-style-utility/4.6.3/font/roboto-regular/roboto-regular.woff2
- Domain: www1.bac-assets.com
  URL: https://www1.bac-assets.com/deposits/spa-assets/components/utilities/global/sparta-style-utility/4.6.3/font/cnx-regular/cnx-regular.woff2
- Domain: www1.bac-assets.com
  URL: https://www1.bac-assets.com/deposits/spa-assets/components/utilities/global/sparta-style-utility/4.6.3/font/roboto-regular/roboto-regular.woff
- Domain: www1.bac-assets.com
  URL: https://www1.bac-assets.com/deposits/spa-assets/components/utilities/global/sparta-style-utility/4.6.3/font/cnx-regular/cnx-regular.woff
- Domain: www1.bac-assets.com
  URL: https://www1.bac-assets.com/deposits/spa-assets/components/utilities/global/sparta-style-utility/4.6.3/font/roboto-regular/roboto-regular.ttf
- Domain: www1.bac-assets.com
  URL: https://www1.bac-assets.com/deposits/spa-assets/components/utilities/global/sparta-style-utility/4.6.3/font/cnx-regular/cnx-regular.ttf
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bank of America (Banking), Generic Cloudflare (Online)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.boaaplay.pages.dev/ | | Name: __cf_mw_byp Value: pSX4YuWS0k26rNfmoeMIlqP6Ax2nN10PosRetN5U6so-1733333300-0.0.1.1-/ |
.doubleclick.net/ | | Name: test_cookie Value: CheckForPermission |
.doubleclick.net/ | | Name: receive-cookie-deprecation Value: 1 |
13 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.