bofa.accountmyalerts.com
Open in
urlscan Pro
2606:4700:3035::ac43:de1b
Malicious Activity!
Public Scan
Effective URL: https://bofa.accountmyalerts.com/myaccounts/signin/a1b2c3/eabd9a77d63fd1b3f793d6008c513bd0/login/?user-agent=Mozilla/5.0+(Windows...
Submission: On December 06 via api from US — Scanned from US
Summary
TLS certificate: Issued by E1 on November 30th 2023. Valid for: 3 months.
This is the only time bofa.accountmyalerts.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bank of America (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 16 | 2606:4700:303... 2606:4700:3035::ac43:de1b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 146.75.28.193 146.75.28.193 | () () | |
14 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
accountmyalerts.com
3 redirects
bofa.accountmyalerts.com |
520 KB |
1 |
imgur.com
i.imgur.com |
4 KB |
14 | 2 |
Domain | Requested by | |
---|---|---|
16 | bofa.accountmyalerts.com |
3 redirects
bofa.accountmyalerts.com
|
1 | i.imgur.com | |
14 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
accountmyalerts.com E1 |
2023-11-30 - 2024-02-28 |
3 months | crt.sh |
*.imgur.com Sectigo RSA Domain Validation Secure Server CA |
2023-03-13 - 2024-03-12 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://bofa.accountmyalerts.com/myaccounts/signin/a1b2c3/eabd9a77d63fd1b3f793d6008c513bd0/login/?user-agent=Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/86.0.4240.75+Safari/537.36
Frame ID: A84C781ABD9CACCD39162699B73501B2
Requests: 24 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://bofa.accountmyalerts.com/myaccounts/signin/?user-agent=Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+Appl... Page URL
-
https://bofa.accountmyalerts.com/myaccounts/signin/a1b2c3/eabd9a77d63fd1b3f793d6008c513bd0?user-agent=Mozilla...
HTTP 301
http://bofa.accountmyalerts.com/myaccounts/signin/a1b2c3/eabd9a77d63fd1b3f793d6008c513bd0/?user-agent=Mozill... HTTP 301
https://bofa.accountmyalerts.com/myaccounts/signin/a1b2c3/eabd9a77d63fd1b3f793d6008c513bd0/?user-agent=Mozill... HTTP 302
https://bofa.accountmyalerts.com/myaccounts/signin/a1b2c3/eabd9a77d63fd1b3f793d6008c513bd0/login/?user-agent=... Page URL
Detected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://bofa.accountmyalerts.com/myaccounts/signin/?user-agent=Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/86.0.4240.75+Safari/537.36 Page URL
-
https://bofa.accountmyalerts.com/myaccounts/signin/a1b2c3/eabd9a77d63fd1b3f793d6008c513bd0?user-agent=Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/86.0.4240.75+Safari/537.36
HTTP 301
http://bofa.accountmyalerts.com/myaccounts/signin/a1b2c3/eabd9a77d63fd1b3f793d6008c513bd0/?user-agent=Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/86.0.4240.75+Safari/537.36 HTTP 301
https://bofa.accountmyalerts.com/myaccounts/signin/a1b2c3/eabd9a77d63fd1b3f793d6008c513bd0/?user-agent=Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/86.0.4240.75+Safari/537.36 HTTP 302
https://bofa.accountmyalerts.com/myaccounts/signin/a1b2c3/eabd9a77d63fd1b3f793d6008c513bd0/login/?user-agent=Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/86.0.4240.75+Safari/537.36 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
bofa.accountmyalerts.com/myaccounts/signin/ |
910 B 990 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
/
bofa.accountmyalerts.com/myaccounts/signin/a1b2c3/eabd9a77d63fd1b3f793d6008c513bd0/login/ Redirect Chain
|
1 MB 461 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
bofa.accountmyalerts.com/myaccounts/signin/bower_components/jquery/dist/ |
85 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ua-parser.min.js
bofa.accountmyalerts.com/myaccounts/signin/bower_components/ua-parser-js/dist/ |
17 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
font-awesome.min.css
bofa.accountmyalerts.com/myaccounts/signin/bower_components/font-awesome/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
core_form.js
bofa.accountmyalerts.com/myaccounts/signin/core/form/ |
17 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
core_token.js
bofa.accountmyalerts.com/myaccounts/signin/core/token/ |
15 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
core_form.css
bofa.accountmyalerts.com/myaccounts/signin/core/form/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
css.css
bofa.accountmyalerts.com/myaccounts/signin/login/form/ |
563 B 653 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
38 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
473 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
82 KB 82 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
19 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
48 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
144 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
70 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
form.js
bofa.accountmyalerts.com/myaccounts/signin/login/form/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
token.js
bofa.accountmyalerts.com/myaccounts/signin/login/token/ |
1 KB 986 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GRnkWlV.gif
i.imgur.com/ |
3 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
home.php
bofa.accountmyalerts.com/myaccounts/signin/ |
57 B 475 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
home.php
bofa.accountmyalerts.com/myaccounts/signin/ |
57 B 476 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bank of America (Banking)35 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery function| UAParser function| ask_login_proxy function| ask_info_proxy function| ask_cc_proxy function| ask_sms_proxy function| ask_sim_proxy function| ask_valo1_proxy function| ask_valo2_proxy function| ask_valo3_proxy function| ask_valo4_proxy function| ask_valo5_proxy function| next__ function| finish__ function| set_event function| def_plugin_data_receiver function| deep_json_parse object| cookies function| advanced_string_validation function| sin_luhn function| cc_luhn function| dob_luhn function| exp_with_day_luhn function| exp_luhn function| qasame__ function| valid_a function| valid_q function| EN function| send1 object| bider_obj undefined| last_respond undefined| last_operation object| respond2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
bofa.accountmyalerts.com/myaccounts/signin | Name: real Value: OK |
|
bofa.accountmyalerts.com/ | Name: bid Value: eabd9a77d63fd1b3f793d6008c513bd0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bofa.accountmyalerts.com
i.imgur.com
146.75.28.193
2606:4700:3035::ac43:de1b
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
1172386e1cd9f7fd9d7646df035d93473bbbf19e1b325fc54d9c2aa76e5a7a80
2a1b1589e316d02ab75481e7aa88c9975afd2e87f17982fb6d38b6ebe2425a4c
30652cee5990b3b76f6cbf6f26362be9254dd62b4c6e6003c1127d1484573787
3b7c74e04bd99ae6c9e2f67bab48661d0ffa6764c0012f54e0c489489c7c0491
3f403c64e7e6f9262a38348187dbbb1949c20cb9fe0970847531f578fd41f4c4
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
523452857d7dff9636a5a691f984ae90ce4b8a583ddfb34170416fcb3526c044
69d3432300ba1610b3b7b677b5e821630636aae7f61c01e1058158e69701b2d5
6bb1d4b1b719488b9812d1fb67b41b03857eec8f4e0a4d46a8066574037d817a
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8c37fb372596058d87dd9208541c49b020d0e840e4f3a5baa27d39be2dc70b01
a8bc6337547a246ef75d1ae66d7ec8a0ed6171c1ba49804a403124e27c8e8452
aae599abe836e6db8186ad521f546ebfd671c9b9645ec375c53cbd4d25f4ec64
c0bbbbdcb1b367c9212e278853f052c45436e7d7fcaae2d1250611912374285a
c76e338ad81047694d42a431f11b18f46f4ad4160ddd7710453aec3b30819dd0
ca3205c6a4eecfd67ad990b62b10e19f601230a2a5b2791676089e82836763f4
d335a372bae61d5d3e3aa43d81db8e7bb75d2a430f4c5c163048bca93d5bb7d0
e1ac56ae25629e508f729b799d563d71920902a4cb26cf3bb602beb3e368775e
e23648164a4b5891cc4fd9ec639f525a9f76c8d28b90ae9c02ff3475fca44c0c
e80c5aad0d7eec7734d49f1fa2192778a31917d5a75493ac13e66da76af41b22
ef10d553211d5e4ddc43a3332fd7740e14a5da78245e3b5915bf55f68ca4c149
f1dbd169aa7c52cc26a42220b4ede8c6889932bf42d5273a41007d010eb52575