onlineassistance.ml Open in urlscan Pro
2a02:4780:dead:f57d::1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://onlineassistance.ml/bankofamerica/2.html
Submission: On June 14 via automatic, source openphish (June 14th 2017, 9:10:56 am UTC)

Summary HTTP 22 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 22 HTTP transactions. The main IP is 2a02:4780:dead:f57d::1, located in Lithuania and belongs to HOSTINGER-AS, LT. The main domain is onlineassistance.ml.

This is the only time onlineassistance.ml was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address	AS Autonomous System
4	2a02:4780:dea... 2a02:4780:dead:f57d::1	47583 (HOSTINGER-AS) (HOSTINGER-AS)
9	171.161.198.200 171.161.198.200	10794 (BANKAMERICA) (BANKAMERICA - Bank of America)
1	151.101.112.133 151.101.112.133	54113 (FASTLY) (FASTLY - Fastly)
2	171.161.202.100 171.161.202.100	10794 (BANKAMERICA) (BANKAMERICA - Bank of America)
1	129.33.138.4 129.33.138.4	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
2	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	50.19.252.204 50.19.252.204	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
22	8

4 2a02:4780:dead:f57d::1 (Lithuania)

ASN47583 (HOSTINGER-AS, LT)

onlineassistance.ml	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 171.161.198.200 (Concord, United States)

ASN10794 (BANKAMERICA - Bank of America, US)

secure.bankofamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.133 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

cloud.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 171.161.202.100 (Concord, United States)

ASN10794 (BANKAMERICA - Bank of America, US)

www.bankofamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.33.138.4 (Durham, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)

testdata.coremetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.19.252.204 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-50-19-252-204.compute-1.amazonaws.com

www.1freehosting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	bankofamerica.com secure.bankofamerica.com streak.bankofamerica.com Failed pane.bankofamerica.com Failed www.bankofamerica.com	310 KB
4	onlineassistance.ml onlineassistance.ml	11 KB
2	google-analytics.com www.google-analytics.com	16 KB
1	1freehosting.com www.1freehosting.com
1	coremetrics.com testdata.coremetrics.com	43 B
1	githubusercontent.com cloud.githubusercontent.com	21 KB
22	6

	Domain	Requested by
9	secure.bankofamerica.com	onlineassistance.ml secure.bankofamerica.com
4	onlineassistance.ml	secure.bankofamerica.com onlineassistance.ml
2	www.google-analytics.com	onlineassistance.ml
2	www.bankofamerica.com	secure.bankofamerica.com
1	www.1freehosting.com	onlineassistance.ml
1	testdata.coremetrics.com	onlineassistance.ml
1	cloud.githubusercontent.com	onlineassistance.ml
0	pane.bankofamerica.com Failed	onlineassistance.ml
0	streak.bankofamerica.com Failed	onlineassistance.ml
22	9

This site contains links to these domains. Also see Links.

Domain
secure.bankofamerica.com
www.bankofamerica.com
www.000webhost.com

Subject Issuer	Validity	Valid
secure.bankofamerica.com Symantec Class 3 EV SSL CA - G3	`2016-10-21` - `2017-10-22`	a year	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2017-03-23` - `2020-05-13`	3 years	crt.sh
www.bankofamerica.com Symantec Class 3 EV SSL CA - G3	`2016-09-08` - `2017-09-09`	a year	crt.sh
*.google-analytics.com Google Internet Authority G2	`2017-05-31` - `2017-08-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://onlineassistance.ml/bankofamerica/2.html
Frame ID: 27868.1
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

22
Requests

64 %
HTTPS

29 %
IPv6

6
Domains

9
Subdomains

8
IPs

3
Countries

357 kB
Transfer

1143 kB
Size

7
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.bankofamerica.com/login/languageToggle.go?request_locale=es-us
Title: En Español

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/login/reset/entry/forgotIDPwdScreen.go

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/onlinebanking/learning-center.go
Title: Learn more about Online Banking

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/online-banking/service-agreement.go
Title: Service Agreement

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/privacy/
Title: Privacy & Security

Search URL Search Domain Scan URL

URL: http://www.bankofamerica.com/help/equalhousing_popup.cfm
Title: Equal Housing Lender

Search URL Search Domain Scan URL

URL: https://www.000webhost.com/?utm_source=000webhostapp&utm_campaign=000_logo&utm_medium=website_igondo&utm_content=footer_img

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 12

http://testdata.coremetrics.com/cm?tid=6&ci=60010394&vn2=e4.0&st=1497431444737&vn1=4.2.7.1BOA&ec=utf-8&pi=OLB%3ATool%3ASiteKey%3BSign_In&cg=OLB%3ATool%3ASiteKey&rnd=1497432373855&pc=Y&jv=1.5&np0=Ch...
http://testdata.coremetrics.com/cm?tid=6&ci=60010394&vn2=e4.0&st=1497431444737&vn1=4.2.7.1BOA&ec=utf-8&pi=OLB%3ATool%3ASiteKey%3BSign_In&cg=OLB%3ATool%3ASiteKey&rnd=1497432373855&pc=Y&jv=1.5&np0=Ch...

Request 13

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

Request 18

http://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1848031230&utmhn=onlineassistance.ml&utmcs=UTF-8&utmsr=1600x1200&utmvp=1583x1132&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=26.0%20r0...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1848031230&utmhn=onlineassistance.ml&utmcs=UTF-8&utmsr=1600x1200&utmvp=1583x1132&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=26.0%20r...

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 2.html Show response
onlineassistance.ml/bankofamerica/ 28 KB
8 KB 272ms
118ms Document
text/html 2a02:4780:dead:f57d::1
HOSTINGER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://onlineassistance.ml/bankofamerica/2.html

Protocol

HTTP/1.1

Server

2a02:4780:dead:f57d::1 , Lithuania, ASN47583 (HOSTINGER-AS, LT),

Reverse DNS

Software

awex /

Resource Hash

900c894dd69396868add4dd9e390081f7dcc79581c632294b1007003a6b68f95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: onlineassistance.ml
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36

Response headers

Date: Wed, 14 Jun 2017 09:10:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: awex
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Xss-Protection: 1; mode=block
X-Request-ID: 70b7b87d9161e4b1ef3e16c7dbe99c99

GET
H/1.1 200
OK vipaa-v2-jawr.css
secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/ 195 KB
30 KB 1128ms
325ms Stylesheet
text/css 171.161.198.200
Bank of America

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/vipaa-v2-jawr.css
Requested by: Host: onlineassistance.ml
URL: http://onlineassistance.ml/bankofamerica/2.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 171.161.198.200 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US),
Reverse DNS
Software: /
Resource Hash: b43ed1d3bfd568eac3b1bc15ebe70fc423734748328bce49a9f3fb7399ce897b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: secure.bankofamerica.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://onlineassistance.ml/bankofamerica/2.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://onlineassistance.ml/bankofamerica/2.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36

Response headers

Date: Wed, 14 Jun 2017 09:10:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 May 2017 17:23:11 GMT
Age: 0
ETag: "769f-54fbb8ae07dc0"
X-BOA-RequestID: 7yPe_6dGYg4AAuU6nlgAAAD_
X-Serviced-By: NsyIk5yCc2GgxsOZyEO7ow==--Htiu86/7LcKzBTMn7gRCqQ==
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=473
Content-Length: 30367
Expires: Thu, 14 Jun 2018 09:10:43 GMT

GET
H/1.1 200
OK Cookie set vipaa-v2-jawr.js Show response
secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/script/ 723 KB
181 KB 1151ms
348ms Script
application/x-javascript 171.161.198.200
Bank of America

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/script/vipaa-v2-jawr.js
Requested by: Host: onlineassistance.ml
URL: http://onlineassistance.ml/bankofamerica/2.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 171.161.198.200 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US),
Reverse DNS
Software: /
Resource Hash: afcaad4eb11ebacd898a88390b66195dbe333903745adcd6187aa8d48ea991be

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: secure.bankofamerica.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Accept: */*
Referer: http://onlineassistance.ml/bankofamerica/2.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://onlineassistance.ml/bankofamerica/2.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36

Response headers

Date: Wed, 14 Jun 2017 09:10:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 May 2017 17:23:10 GMT
ETag: "2d5c2-54fbb8ad13b80"
X-BOA-RequestID: 7UbeyKdGYg4AACG5TbcAAABd
X-Serviced-By: NsyIk5yCc2GgxsOZyEO7ow==--Htiu86/7LcKzBTMn7gRCqQ==
Content-Type: application/x-javascript
Set-Cookie: TLTSID=5845F59C50E11050F42BBBD87FFDC194; Path=/; Domain=.bankofamerica.com TLTUID=5845F59C50E11050F42BBBD87FFDC194; Path=/; Domain=.bankofamerica.com; Expires=Wed, 14-06-2027 09:10:43 GMT SPID=F1S1;path=/;domain=.bankofamerica.com; SID=002642132B005940FD93;path=/;domain=.bankofamerica.com;
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=499
Content-Length: 185794
Expires: Thu, 14 Jun 2018 09:10:43 GMT

GET
H/1.1 200
OK bac_reg_logo_tmp_250X69.gif
secure.bankofamerica.com/content/images/ContextualSiteGraphics/Logos/en_US/ 4 KB
3 KB 161ms
161ms Image
image/gif 171.161.198.200
Bank of America

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bankofamerica.com/content/images/ContextualSiteGraphics/Logos/en_US/bac_reg_logo_tmp_250X69.gif
Requested by: Host: onlineassistance.ml
URL: http://onlineassistance.ml/bankofamerica/2.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 171.161.198.200 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US),
Reverse DNS
Software: /
Resource Hash: 6faff1c939a50b046b98c124b959cb7cba4782252358581a19cbb06e9896afdc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: secure.bankofamerica.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://onlineassistance.ml/bankofamerica/2.html
Cookie: TLTSID=5845F59C50E11050F42BBBD87FFDC194; TLTUID=5845F59C50E11050F42BBBD87FFDC194; SPID=F1S1; SID=002642132B005940FD93
Connection: keep-alive
Cache-Control: no-cache
Referer: http://onlineassistance.ml/bankofamerica/2.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36

Response headers

Date: Wed, 14 Jun 2017 09:10:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Oct 2015 16:09:34 GMT
Age: 540
ETag: "e0b-52212c9cd8b80"
X-BOA-RequestID: MmHzp6dGYh4AAoGDDJEAAAGK
Vary: Accept-Encoding
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
X-Serviced-By: lXqJt957MOUaBBT3WMEpNQ==--Htiu86/7LcKzBTMn7gRCqQ==
Keep-Alive: timeout=5, max=500
Content-Length: 2885

GET
H/1.1 200
OK cm-jawr.js Show response
secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/script/ 40 KB
13 KB 167ms
167ms Script
application/x-javascript 171.161.198.200
Bank of America

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/script/cm-jawr.js
Requested by: Host: onlineassistance.ml
URL: http://onlineassistance.ml/bankofamerica/2.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 171.161.198.200 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US),
Reverse DNS
Software: /
Resource Hash: 998c6193823c1c20b08bb87887331457bf6b35fd3466689386bf67e234c2f239

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: secure.bankofamerica.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Accept: */*
Referer: http://onlineassistance.ml/bankofamerica/2.html
Cookie: TLTSID=5845F59C50E11050F42BBBD87FFDC194; TLTUID=5845F59C50E11050F42BBBD87FFDC194; SPID=F1S1; SID=002642132B005940FD93
Connection: keep-alive
Cache-Control: no-cache
Referer: http://onlineassistance.ml/bankofamerica/2.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36

Response headers

Date: Wed, 14 Jun 2017 09:10:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 May 2017 17:23:10 GMT
ETag: "34b9-54fbb8ad13b80"
X-BOA-RequestID: 7U5NY6dGYg4AACG5TbwAAAAa
X-Serviced-By: NsyIk5yCc2GgxsOZyEO7ow==--Htiu86/7LcKzBTMn7gRCqQ==
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=500
Content-Length: 13497
Expires: Thu, 14 Jun 2018 09:10:44 GMT

GET
H/1.1 200
OK 9968df22-b55e-11e6-941d-edbc894c2b78.png
cloud.githubusercontent.com/assets/23024110/20663010/ 21 KB
21 KB 23ms
6ms Image
image/png 151.101.112.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloud.githubusercontent.com/assets/23024110/20663010/9968df22-b55e-11e6-941d-edbc894c2b78.png
Requested by: Host: onlineassistance.ml
URL: http://onlineassistance.ml/bankofamerica/2.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: GitHub Cloud /
Resource Hash: 1c7356ef5b319167b4bc7cca134ca63a58db944b0e7fc19cd39df1367d67421c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: cloud.githubusercontent.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://onlineassistance.ml/bankofamerica/2.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://onlineassistance.ml/bankofamerica/2.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36

Response headers

X-Fastly-Request-ID: a754595b35fe3c7649e6089aa4fb5351dcc8b79f
Date: Wed, 14 Jun 2017 09:10:44 GMT
Via: 1.1 varnish
Age: 2190863
X-Cache: HIT
Connection: keep-alive
Content-Length: 21514
X-Served-By: cache-hhn1549-HHN
Last-Modified: Mon, 28 Nov 2016 09:34:21 GMT
Server: GitHub Cloud
X-Timer: S1497431444.460819,VS0,VE0
ETag: "13b47b3dbeec4d7ad95fd2a68b62687a"
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
X-Cache-Hits: 33491

GET
H/1.1 200
OK vipaa-v2-jawr-print.css
secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/ 302 B
154 B 165ms
164ms Stylesheet
text/css 171.161.198.200
Bank of America

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/vipaa-v2-jawr-print.css
Requested by: Host: onlineassistance.ml
URL: http://onlineassistance.ml/bankofamerica/2.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 171.161.198.200 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US),
Reverse DNS
Software: /
Resource Hash: 2685d0b576e6b9b5690c3f92a7093f2a24194c410452288d97c54d19dcf30160

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: secure.bankofamerica.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://onlineassistance.ml/bankofamerica/2.html
Cookie: TLTSID=5845F59C50E11050F42BBBD87FFDC194; TLTUID=5845F59C50E11050F42BBBD87FFDC194; SPID=F1S1; SID=002642132B005940FD93
Connection: keep-alive
Cache-Control: no-cache
Referer: http://onlineassistance.ml/bankofamerica/2.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36

Response headers

Date: Wed, 14 Jun 2017 09:10:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 May 2017 17:23:11 GMT
ETag: "9a-54fbb8ae07dc0"
X-BOA-RequestID: 7VPAW6dGYg4AACG5Tb4AAAAa
X-Serviced-By: NsyIk5yCc2GgxsOZyEO7ow==--Htiu86/7LcKzBTMn7gRCqQ==
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=499
Content-Length: 154
Expires: Thu, 14 Jun 2018 09:10:44 GMT

GET
H/1.1 404
Not Found browserDataCMS.js Show response
onlineassistance.ml/content/browser-support/js/ 8 KB
3 KB 118ms
118ms XHR
text/html 2a02:4780:dead:f57d::1
HOSTINGER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://onlineassistance.ml/content/browser-support/js/browserDataCMS.js

Requested by

Host: secure.bankofamerica.com
URL: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/script/vipaa-v2-jawr.js

Protocol

HTTP/1.1

Server

2a02:4780:dead:f57d::1 , Lithuania, ASN47583 (HOSTINGER-AS, LT),

Reverse DNS

Software

awex /

Resource Hash

ab452d4def844f3a575de856a988302cbf697932db57a0dd1121f530dc0871bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: onlineassistance.ml
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: http://onlineassistance.ml/bankofamerica/2.html
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cache-Control: no-cache
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: http://onlineassistance.ml/bankofamerica/2.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36

Response headers

Date: Wed, 14 Jun 2017 09:10:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: awex
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Xss-Protection: 1; mode=block
X-Request-ID: 551343d8d5f004d60319bdd995e2b01a

GET I3n.js
streak.bankofamerica.com/30306/ 0
0

GET a8e.js
pane.bankofamerica.com/30306/ 0
0

GET
H/1.1 200
OK fsd-secure-esp-sprite.png
secure.bankofamerica.com/pa/components/modules/header-module/2.8/graphic/ 473 B
473 B 173ms
173ms Image
image/png 171.161.198.200
Bank of America

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bankofamerica.com/pa/components/modules/header-module/2.8/graphic/fsd-secure-esp-sprite.png
Requested by: Host: onlineassistance.ml
URL: http://onlineassistance.ml/bankofamerica/2.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 171.161.198.200 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US),
Reverse DNS
Software: /
Resource Hash: 8c37fb372596058d87dd9208541c49b020d0e840e4f3a5baa27d39be2dc70b01

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: secure.bankofamerica.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/vipaa-v2-jawr.css
Cookie: TLTSID=5845F59C50E11050F42BBBD87FFDC194; TLTUID=5845F59C50E11050F42BBBD87FFDC194; SPID=F1S1; SID=002642132B005940FD93
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/vipaa-v2-jawr.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36

Response headers

Date: Wed, 14 Jun 2017 09:10:44 GMT
Last-Modified: Wed, 07 Jun 2017 17:44:32 GMT
Age: 31
ETag: "1d9-5516249e5e000"
X-BOA-RequestID: pf_CoqdGrjIAAbuEek8AAAAm
X-Serviced-By: JzJQzbKH5Eltcoi1fgmo6A==--Htiu86/7LcKzBTMn7gRCqQ==
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=500
Content-Length: 473

GET
H/1.1 200
OK sign-in-sprite.png
secure.bankofamerica.com/pa/global-assets/1.0/graphic/ 3 KB
3 KB 161ms
161ms Image
image/png 171.161.198.200
Bank of America

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bankofamerica.com/pa/global-assets/1.0/graphic/sign-in-sprite.png
Requested by: Host: onlineassistance.ml
URL: http://onlineassistance.ml/bankofamerica/2.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 171.161.198.200 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US),
Reverse DNS
Software: /
Resource Hash: 2a1b1589e316d02ab75481e7aa88c9975afd2e87f17982fb6d38b6ebe2425a4c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: secure.bankofamerica.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/vipaa-v2-jawr.css
Cookie: TLTSID=5845F59C50E11050F42BBBD87FFDC194; TLTUID=5845F59C50E11050F42BBBD87FFDC194; SPID=F1S1; SID=002642132B005940FD93
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/vipaa-v2-jawr.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36

Response headers

Date: Wed, 14 Jun 2017 09:10:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 May 2017 17:30:37 GMT
Age: 29
ETag: "c2f-54fbba575e940"
X-BOA-RequestID: 5EWjIKdGgkQAA4nfc-4AAABM
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
X-Serviced-By: LLyvOkP52FRmd99dETcqzw==--Htiu86/7LcKzBTMn7gRCqQ==
Keep-Alive: timeout=5, max=500
Content-Length: 3142
Expires: Thu, 14 Jun 2018 09:10:15 GMT

GET
H/1.1 200
OK tc_logging.js Show response
www.bankofamerica.com/pa/global-assets/external/tc/ 31 KB
31 KB 1080ms
278ms Script
application/x-javascript 171.161.202.100
Bank of America

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankofamerica.com/pa/global-assets/external/tc/tc_logging.js?
Requested by: Host: secure.bankofamerica.com
URL: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/script/cm-jawr.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 171.161.202.100 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US),
Reverse DNS
Software: /
Resource Hash: 6311e3641052ab97ed4e703f0f624c62b7d62c7e1c66fe0423c34706975c3d25

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: www.bankofamerica.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept: */*
Referer: http://onlineassistance.ml/bankofamerica/2.html
Cookie: TLTSID=5845F59C50E11050F42BBBD87FFDC194; TLTUID=5845F59C50E11050F42BBBD87FFDC194; SPID=F1S1; SID=002642132B005940FD93
Connection: keep-alive
Cache-Control: no-cache
Referer: http://onlineassistance.ml/bankofamerica/2.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 14 Jun 2017 09:10:45 GMT
Last-Modified: Wed, 17 May 2017 17:31:07 GMT
Age: 0
ETag: "7ba9-54fbba73facc0"
X-BOA-RequestID: jOl3gadGgjAAAq3Ci3MAAACS
X-Serviced-By: /pa/global-assets/external/tc/tc_logging.js--mQojLBL+3CCg7W/ckCYkig==--hqLCpNMd6z5x5G7jP0TOPg==
Content-Type: application/x-javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=500
Content-Length: 31657

GET
H/1.1

200
OK

Cookie set cm
testdata.coremetrics.com/
Redirect Chain

http://testdata.coremetrics.com/cm?tid=6&ci=60010394&vn2=e4.0&st=1497431444737&vn1=4.2.7.1BOA&ec=utf-8&pi=OLB%3ATool%3ASiteKey%3BSign_In&cg=OLB%3ATool%3ASiteKey&rnd=1497432373855&pc=Y&jv=1.5&np0=Ch...
http://testdata.coremetrics.com/cm?tid=6&ci=60010394&vn2=e4.0&st=1497431444737&vn1=4.2.7.1BOA&ec=utf-8&pi=OLB%3ATool%3ASiteKey%3BSign_In&cg=OLB%3ATool%3ASiteKey&rnd=1497432373855&pc=Y&jv=1.5&np0=Ch...

43 B
43 B

151ms
150ms

Image
image/gif

129.33.138.4
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://testdata.coremetrics.com/cm?tid=6&ci=60010394&vn2=e4.0&st=1497431444737&vn1=4.2.7.1BOA&ec=utf-8&pi=OLB%3ATool%3ASiteKey%3BSign_In&cg=OLB%3ATool%3ASiteKey&rnd=1497432373855&pc=Y&jv=1.5&np0=Chrome%2520PDF%2520Viewer&np1=Shockwave%2520Flash&np2=Widevine%2520Content%2520Decryption%2520Module&np3=Native%2520Client&np4=Chrome%2520PDF%2520Viewer&je=n&sw=1600&sh=1200&pd=24&tz=0&ul=http%3A//onlineassistance.ml/bankofamerica/2.html&cvdone=p
Requested by: Host: onlineassistance.ml
URL: http://onlineassistance.ml/bankofamerica/2.html
Protocol: HTTP/1.1
Server: 129.33.138.4 Durham, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: testdata.coremetrics.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://onlineassistance.ml/bankofamerica/2.html
Cookie: CoreID6=80061497431446280499157; TestSess3=80061497431446280499157
Connection: keep-alive
Cache-Control: no-cache
Referer: http://onlineassistance.ml/bankofamerica/2.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Jun 2017 09:10:46 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Set-Cookie: 60010394_login=1497431446285514024460010394; path=/ 60010394_reset=1497431446;path=/
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=300, max=35
Content-Length: 43
Expires: Tue, 13 Jun 2017 09:10:46 GMT

Redirect headers

Date: Wed, 14 Jun 2017 09:10:46 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Location: /cm?tid=6&ci=60010394&vn2=e4.0&st=1497431444737&vn1=4.2.7.1BOA&ec=utf-8&pi=OLB%3ATool%3ASiteKey%3BSign_In&cg=OLB%3ATool%3ASiteKey&rnd=1497432373855&pc=Y&jv=1.5&np0=Chrome%2520PDF%2520Viewer&np1=Shockwave%2520Flash&np2=Widevine%2520Content%2520Decryption%2520Module&np3=Native%2520Client&np4=Chrome%2520PDF%2520Viewer&je=n&sw=1600&sh=1200&pd=24&tz=0&ul=http%3A//onlineassistance.ml/bankofamerica/2.html&cvdone=p
Connection: Keep-Alive
Set-Cookie: CoreID6=80061497431446280499157; path=/; expires=Sun, 13 Jun 2032 09:10:46 GMT TestSess3=80061497431446280499157;path=/
Keep-Alive: timeout=300, max=38
Content-Length: 0

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

42 KB
16 KB

21ms
5ms

Script
text/javascript

2a00:1450:4001:819::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: onlineassistance.ml
URL: http://onlineassistance.ml/bankofamerica/2.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

4e2ed635abf0b2dcbac3ea04d16ccf58bb2195364d65b76190f03da0f43255c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /ga.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.google-analytics.com
referer: http://onlineassistance.ml/bankofamerica/2.html
:scheme: https
:method: GET
Referer: http://onlineassistance.ml/bankofamerica/2.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Jun 2017 00:25:39 GMT
server: Golfe2
age: 4574
date: Wed, 14 Jun 2017 07:54:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="38,37,36,35"
content-length: 16022
expires: Wed, 14 Jun 2017 09:54:32 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK ga.js Show response
www.1freehosting.com/cdn/ 0
0 313ms
105ms Script
application/javascript 50.19.252.204
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://www.1freehosting.com/cdn/ga.js

Requested by

Host: onlineassistance.ml
URL: http://onlineassistance.ml/bankofamerica/2.html

Protocol

HTTP/1.1

Server

50.19.252.204 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-50-19-252-204.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.1freehosting.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Accept: */*
Referer: http://onlineassistance.ml/bankofamerica/2.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://onlineassistance.ml/bankofamerica/2.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36

Response headers

Date: Wed, 14 Jun 2017 09:10:46 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 09 Feb 2017 20:16:30 GMT
Server: Cowboy
Etag: W/"0-3373296270"
X-Download-Options: noopen
X-Frame-Options: DENY
Content-Type: application/javascript
Cache-Control: no-store, no-cache
Accept-Ranges: bytes
Expires: 0

GET
H/1.1 200
OK gfootb-static-sprite.png
secure.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/ 48 KB
48 KB 175ms
174ms Image
image/png 171.161.198.200
Bank of America

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/gfootb-static-sprite.png
Requested by: Host: secure.bankofamerica.com
URL: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/script/vipaa-v2-jawr.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 171.161.198.200 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US),
Reverse DNS
Software: /
Resource Hash: ca3205c6a4eecfd67ad990b62b10e19f601230a2a5b2791676089e82836763f4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: secure.bankofamerica.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/vipaa-v2-jawr.css
Cookie: TLTSID=5845F59C50E11050F42BBBD87FFDC194; TLTUID=5845F59C50E11050F42BBBD87FFDC194; SPID=F1S1; SID=002642132B005940FD93
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/vipaa-v2-jawr.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36

Response headers

Date: Wed, 14 Jun 2017 09:10:46 GMT
Last-Modified: Wed, 17 May 2017 17:29:20 GMT
Age: 864
ETag: "be1b-54fbba0defc00"
X-BOA-RequestID: tt7Ec6dGYiYABY3G3PcAAAGt
X-Serviced-By: fxL70TUnz7ARxCskrhvHGg==--Htiu86/7LcKzBTMn7gRCqQ==
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=500
Content-Length: 48667

GET
H/1.1 200
OK gfoot-home-icon.png
secure.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/ 144 B
144 B 161ms
160ms Image
image/png 171.161.198.200
Bank of America

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/gfoot-home-icon.png
Requested by: Host: secure.bankofamerica.com
URL: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/script/vipaa-v2-jawr.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 171.161.198.200 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US),
Reverse DNS
Software: /
Resource Hash: a8bc6337547a246ef75d1ae66d7ec8a0ed6171c1ba49804a403124e27c8e8452

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: secure.bankofamerica.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/vipaa-v2-jawr.css
Cookie: TLTSID=5845F59C50E11050F42BBBD87FFDC194; TLTUID=5845F59C50E11050F42BBBD87FFDC194; SPID=F1S1; SID=002642132B005940FD93
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/vipaa-v2-jawr.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36

Response headers

Date: Wed, 14 Jun 2017 09:10:46 GMT
Last-Modified: Wed, 17 May 2017 17:29:20 GMT
Age: 864
ETag: "90-54fbba0defc00"
X-BOA-RequestID: GHOTw6dGYg4AACG5-pQAAAAF
X-Serviced-By: NsyIk5yCc2GgxsOZyEO7ow==--Htiu86/7LcKzBTMn7gRCqQ==
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=500
Content-Length: 144

GET
H/1.1 404
Not Found cnx-regular.woff
onlineassistance.ml/pa/global-assets/1.0/font/cnx-regular/ 0
0 119ms
118ms Font
text/html 2a02:4780:dead:f57d::1
HOSTINGER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://onlineassistance.ml/pa/global-assets/1.0/font/cnx-regular/cnx-regular.woff

Requested by

Host: secure.bankofamerica.com
URL: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/script/vipaa-v2-jawr.js

Protocol

HTTP/1.1

Server

2a02:4780:dead:f57d::1 , Lithuania, ASN47583 (HOSTINGER-AS, LT),

Reverse DNS

Software

awex /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: http://onlineassistance.ml
Accept-Encoding: gzip, deflate, sdch
Host: onlineassistance.ml
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Accept: */*
Referer: http://onlineassistance.ml/bankofamerica/2.html
Cookie: mbox=check#true#1497431506|session#1497431445959-271595#1497433306; cmTPSet=Y
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Referer: http://onlineassistance.ml/bankofamerica/2.html
Origin: http://onlineassistance.ml

Response headers

Date: Wed, 14 Jun 2017 09:10:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: awex
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Xss-Protection: 1; mode=block
X-Request-ID: 7293fd1cf18b2bae52e92597adadf868

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1848031230&utmhn=onlineassistance.ml&utmcs=UTF-8&utmsr=1600x1200&utmvp=1583x1132&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=26.0%20r0...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1848031230&utmhn=onlineassistance.ml&utmcs=UTF-8&utmsr=1600x1200&utmvp=1583x1132&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=26.0%20r...

35 B
44 B

15ms
15ms

Image
image/gif

2a00:1450:4001:819::200e
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1848031230&utmhn=onlineassistance.ml&utmcs=UTF-8&utmsr=1600x1200&utmvp=1583x1132&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=26.0%20r0&utmdt=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Sign%20In%20%7C%20Online%20ID&utmhid=256778828&utmr=-&utmp=%2Fbankofamerica%2F2.html&utmht=1497431446049&utmac=UA-21588661-2&utmcc=__utma%3D236206687.535667078.1497431446.1497431446.1497431446.1%3B%2B__utmz%3D236206687.1497431446.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2133309435&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: onlineassistance.ml
URL: http://onlineassistance.ml/bankofamerica/2.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1848031230&utmhn=onlineassistance.ml&utmcs=UTF-8&utmsr=1600x1200&utmvp=1583x1132&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=26.0%20r0&utmdt=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Sign%20In%20%7C%20Online%20ID&utmhid=256778828&utmr=-&utmp=%2Fbankofamerica%2F2.html&utmht=1497431446049&utmac=UA-21588661-2&utmcc=__utma%3D236206687.535667078.1497431446.1497431446.1497431446.1%3B%2B__utmz%3D236206687.1497431446.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2133309435&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.google-analytics.com
referer: http://onlineassistance.ml/bankofamerica/2.html
:scheme: https
:method: GET
Referer: http://onlineassistance.ml/bankofamerica/2.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jun 2017 09:10:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="38,37,36,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1848031230&utmhn=onlineassistance.ml&utmcs=UTF-8&utmsr=1600x1200&utmvp=1583x1132&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=26.0%20r0&utmdt=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Sign%20In%20%7C%20Online%20ID&utmhid=256778828&utmr=-&utmp=%2Fbankofamerica%2F2.html&utmht=1497431446049&utmac=UA-21588661-2&utmcc=__utma%3D236206687.535667078.1497431446.1497431446.1497431446.1%3B%2B__utmz%3D236206687.1497431446.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2133309435&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H/1.1 404
Not Found cnx-regular.ttf
onlineassistance.ml/pa/global-assets/1.0/font/cnx-regular/ 0
0 119ms
119ms Font
text/html 2a02:4780:dead:f57d::1
HOSTINGER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://onlineassistance.ml/pa/global-assets/1.0/font/cnx-regular/cnx-regular.ttf

Requested by

Host: onlineassistance.ml
URL: http://onlineassistance.ml/bankofamerica/2.html

Protocol

HTTP/1.1

Server

2a02:4780:dead:f57d::1 , Lithuania, ASN47583 (HOSTINGER-AS, LT),

Reverse DNS

Software

awex /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: http://onlineassistance.ml
Accept-Encoding: gzip, deflate, sdch
Host: onlineassistance.ml
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Accept: */*
Referer: http://onlineassistance.ml/bankofamerica/2.html
Cookie: mbox=check#true#1497431506|session#1497431445959-271595#1497433306; cmTPSet=Y; __utmt=1; __utma=236206687.535667078.1497431446.1497431446.1497431446.1; __utmb=236206687.1.10.1497431446; __utmc=236206687; __utmz=236206687.1497431446.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Referer: http://onlineassistance.ml/bankofamerica/2.html
Origin: http://onlineassistance.ml

Response headers

Date: Wed, 14 Jun 2017 09:10:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: awex
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Xss-Protection: 1; mode=block
X-Request-ID: 4898e976b146b106f369c87842281708

GET
H/1.1 200
OK favicon.ico
www.bankofamerica.com/pa/global-assets/1.0/graphic/ 318 B
182 B 138ms
137ms Other
image/x-icon 171.161.202.100
Bank of America

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankofamerica.com/pa/global-assets/1.0/graphic/favicon.ico?ts=20151018
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 171.161.202.100 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US),
Reverse DNS
Software: /
Resource Hash: 97ac0743dec6f7dc9326192d642ae23bfbd0afc3601cc192462c6eb6f5ec1224

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: www.bankofamerica.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://onlineassistance.ml/bankofamerica/2.html
Cookie: TLTSID=5845F59C50E11050F42BBBD87FFDC194; TLTUID=5845F59C50E11050F42BBBD87FFDC194; SPID=F1S1; SID=002642132B005940FD93
Connection: keep-alive
Cache-Control: no-cache
Referer: http://onlineassistance.ml/bankofamerica/2.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36

Response headers

Date: Wed, 14 Jun 2017 09:10:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 May 2017 17:30:36 GMT
Age: 699
ETag: "13e-54fbba566a700"
X-BOA-RequestID: zTcbyadGgjoAAuHV5_8AAADP
Vary: Accept-Encoding
Content-Type: image/x-icon
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
X-Serviced-By: /pa/global-assets/1.0/graphic/favicon.ico--qOBY3rlwG+MicvR/A8cyMg==--hqLCpNMd6z5x5G7jP0TOPg==
Keep-Alive: timeout=5, max=497
Content-Length: 182
Expires: Thu, 14 Jun 2018 08:59:07 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: streak.bankofamerica.com
URL: http://streak.bankofamerica.com/30306/I3n.js

Domain: pane.bankofamerica.com
URL: http://pane.bankofamerica.com/30306/a8e.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onlineassistance.ml/	2017-06-14 09:40:46	Name: __utmb Value: 236206687.1.10.1497431446
.onlineassistance.ml/	1970-01-01 00:00:00	Name: __utmc Value: 236206687
.onlineassistance.ml/	2017-12-13 21:10:46	Name: __utmz Value: 236206687.1497431446.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.onlineassistance.ml/	2017-06-14 09:41:46	Name: mbox Value: check#true#1497431506\|session#1497431445959-271595#1497433306
.onlineassistance.ml/	2017-06-14 09:20:46	Name: __utmt Value: 1
onlineassistance.ml/	1970-01-01 00:00:00	Name: cmTPSet Value: Y
.onlineassistance.ml/	2019-06-14 09:10:46	Name: __utma Value: 236206687.535667078.1497431446.1497431446.1497431446.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cloud.githubusercontent.com
onlineassistance.ml
pane.bankofamerica.com
secure.bankofamerica.com
streak.bankofamerica.com
testdata.coremetrics.com
www.1freehosting.com
www.bankofamerica.com
www.google-analytics.com
pane.bankofamerica.com
streak.bankofamerica.com
129.33.138.4
151.101.112.133
171.161.198.200
171.161.202.100
2a00:1450:4001:819::200e
2a02:4780:dead:f57d::1
50.19.252.204
1c7356ef5b319167b4bc7cca134ca63a58db944b0e7fc19cd39df1367d67421c
2685d0b576e6b9b5690c3f92a7093f2a24194c410452288d97c54d19dcf30160
2a1b1589e316d02ab75481e7aa88c9975afd2e87f17982fb6d38b6ebe2425a4c
4e2ed635abf0b2dcbac3ea04d16ccf58bb2195364d65b76190f03da0f43255c5
6311e3641052ab97ed4e703f0f624c62b7d62c7e1c66fe0423c34706975c3d25
6faff1c939a50b046b98c124b959cb7cba4782252358581a19cbb06e9896afdc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c37fb372596058d87dd9208541c49b020d0e840e4f3a5baa27d39be2dc70b01
900c894dd69396868add4dd9e390081f7dcc79581c632294b1007003a6b68f95
97ac0743dec6f7dc9326192d642ae23bfbd0afc3601cc192462c6eb6f5ec1224
998c6193823c1c20b08bb87887331457bf6b35fd3466689386bf67e234c2f239
a8bc6337547a246ef75d1ae66d7ec8a0ed6171c1ba49804a403124e27c8e8452
ab452d4def844f3a575de856a988302cbf697932db57a0dd1121f530dc0871bc
afcaad4eb11ebacd898a88390b66195dbe333903745adcd6187aa8d48ea991be
b43ed1d3bfd568eac3b1bc15ebe70fc423734748328bce49a9f3fb7399ce897b
ca3205c6a4eecfd67ad990b62b10e19f601230a2a5b2791676089e82836763f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

onlineassistance.ml Open in urlscan Pro 2a02:4780:dead:f57d::1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

22 Requests

64 %HTTPS

29 %IPv6

6 Domains

9 Subdomains

8 IPs

3 Countries

357 kBTransfer

1143 kBSize

7 Cookies

7 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

7 Cookies

Security Headers

Indicators

onlineassistance.ml Open in urlscan Pro
2a02:4780:dead:f57d::1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

64 %
HTTPS

29 %
IPv6

6
Domains

9
Subdomains

8
IPs

3
Countries

357 kB
Transfer

1143 kB
Size

7
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!