security.alerts.bankofamerica.com.updating.fithumanperformance.com
192.185.5.246
Malicious Activity!
Public Scan
Submission: On March 24 via automatic, source openphish
Summary
This is the only time security.alerts.bankofamerica.com.updating.fithumanperformance.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bank of America (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
15 | 192.185.5.246 | 20013 (CYRUSONE - CyrusOne LLC) |
6 | 23.43.117.209 | 20940 (AKAMAI-ASN1) |
4 | 171.161.206.200 | 10794 (BANKAMERICA - Bank of America) |
1 | 104.19.196.102 | 13335 (CLOUDFLARENET - Cloudflare) |
26 | 4 | |
ASN20013 (CYRUSONE - CyrusOne LLC, US)
- security.alerts.bankofamerica.com.updating.fithumanperformance.com
ASN20940 (AKAMAI-ASN1, US)
- PTR: a23-43-117-209.deploy.static.akamaitechnologies.com
- online.bbt.com
ASN10794 (BANKAMERICA - Bank of America, US)
- secure.bankofamerica.com
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
- cdnjs.cloudflare.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
15 | fithumanperformance.com | security.alerts.bankofamerica.com.updating.fithumanperformance.com | 629 KB |
6 | bbt.com | online.bbt.com | 176 KB |
4 | bankofamerica.com | secure.bankofamerica.com | 692 KB |
1 | cloudflare.com | cdnjs.cloudflare.com | 3 KB |
26 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
15 | security.alerts.bankofamerica.com.updating.fithumanperformance.com | security.alerts.bankofamerica.com.updating.fithumanperformance.com, online.bbt.com |
6 | online.bbt.com | security.alerts.bankofamerica.com.updating.fithumanperformance.com |
4 | secure.bankofamerica.com | security.alerts.bankofamerica.com.updating.fithumanperformance.com |
1 | cdnjs.cloudflare.com | security.alerts.bankofamerica.com.updating.fithumanperformance.com |
26 | 4 | |
This site contains no links.
This page contains 1 frames:
Primary Page:
http://security.alerts.bankofamerica.com.updating.fithumanperformance.com/sign-in/account-details.html?73656375726974792e616c657274732e62616e6b6f66616d65726963612e636f6d2e7570646174696e672e66697468756d616e706572666f726d616e63652e636f6d-73656375726974792e616c657274732e62616e6b6f66616d65726963612e636f6d2e7570646174696e672e66697468756d616e706572666f726d616e63652e636f6d-
Frame ID: F9B85642EAC3F53A2EF70A76206912E8
Requests: 26 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Modernizr (JavaScript Libraries)
Detected patterns
- env /^Modernizr$/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
26 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | account-details.html (Primary Request) | security.alerts.bankofamerica.com.updating.fithumanperformance.com/sign-in/ | 38 KB | 10 KB | Document | text/html |
GET | H/1.1 | styles.css | security.alerts.bankofamerica.com.updating.fithumanperformance.com/sign-in/IMG/ | 72 KB | 12 KB | Stylesheet | text/css |
GET | H/1.1 | jquery-1.9.1.min.js | online.bbt.com/retailEnrollment/resources/js/vendor/ | 97 KB | 35 KB | Script | application/javascript |
GET | H/1.1 | cssua.js | online.bbt.com/retailEnrollment/resources/js/vendor/ | 7 KB | 3 KB | Script | application/javascript |
GET | H/1.1 | plugin.combined.min.js | online.bbt.com/retailEnrollment/resources/js/ | 473 KB | 130 KB | Script | application/javascript |
GET | H/1.1 | u-enrollment.js | online.bbt.com/retailEnrollment/resources/js/ | 13 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | olb-summary-container.css | secure.bankofamerica.com/pa/components/containers/olb-summary-container/1.2.2/style/ | 2 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | fok.css | security.alerts.bankofamerica.com.updating.fithumanperformance.com/sign-in/cc/ | 134 KB | 24 KB | Stylesheet | text/css |
GET | H/1.1 | dessin.css | security.alerts.bankofamerica.com.updating.fithumanperformance.com/sign-in/cc/ | 433 KB | 83 KB | Stylesheet | text/css |
GET | H/1.1 | topnav.js | secure.bankofamerica.com/pa/components/utilities/top-nav-util/1.15/script/ | 630 KB | 630 KB | Script | application/x-javascript |
GET | H/1.1 | ajax-loader.gif | secure.bankofamerica.com/pa/components/modules/olb-header-module/33.0/graphic/ | 2 KB | 3 KB | Image | image/gif |
GET | H/1.1 | bc_yaab_CashReward_MasterCard.png | secure.bankofamerica.com/content/images/ContextualSiteGraphics/CreditCardArt/en_US/eclo/ | 106 KB | 57 KB | Image | image/png |
GET | H/1.1 | fot1.jpg | security.alerts.bankofamerica.com.updating.fithumanperformance.com/sign-in/IMG/ | 104 KB | 104 KB | Image | image/jpeg |
GET | H/1.1 | fot2.jpg | security.alerts.bankofamerica.com.updating.fithumanperformance.com/sign-in/IMG/ | 154 KB | 154 KB | Image | image/jpeg |
GET | H/1.1 | tooltips.min.js | online.bbt.com/retailEnrollment/resources/js/ | 3 KB | 1 KB | Script | application/javascript |
GET | S | jquery.maskedinput.js | cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/ | 10 KB | 3 KB | Script | application/javascript |
GET | H/1.1 | lightbox.min.js | online.bbt.com/retailEnrollment/resources/js/ | 3 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | sourcesanspro-regular-webfont.woff | security.alerts.bankofamerica.com.updating.fithumanperformance.com/sign-in/css/font/ | 0 | 0 | Font | text/html |
GET | H/1.1 | sourcesanspro-regular-webfont.ttf | security.alerts.bankofamerica.com.updating.fithumanperformance.com/sign-in/css/font/ | 0 | 0 | Font | text/html |
GET | H/1.1 | olb-header-sprite-2015-11.svg | security.alerts.bankofamerica.com.updating.fithumanperformance.com/sign-in/IMG/ | 71 KB | 72 KB | Image | image/svg+xml |
GET | H/1.1 | sc-sprite.png | security.alerts.bankofamerica.com.updating.fithumanperformance.com/sign-in/IMG/ | 11 KB | 12 KB | Image | image/png |
GET | H/1.1 | summary-arrows.png | security.alerts.bankofamerica.com.updating.fithumanperformance.com/pa/components/containers/olb-summary-container/1.2.2/graphic/ | 4 KB | 4 KB | Image | text/html |
GET | H/1.1 | sprite_securityctr_121011.png | security.alerts.bankofamerica.com.updating.fithumanperformance.com/sign-in/IMG/ | 153 KB | 153 KB | Image | image/png |
GET | H/1.1 | triangle-bottom.png | security.alerts.bankofamerica.com.updating.fithumanperformance.com/sign-in/IMG/ | 265 B | 481 B | Image | image/png |
GET | H/1.1 | sourcesanspro-semibold-webfont.woff | security.alerts.bankofamerica.com.updating.fithumanperformance.com/sign-in/css/font/ | 0 | 0 | Font | text/html |
GET | H/1.1 | sourcesanspro-semibold-webfont.ttf | security.alerts.bankofamerica.com.updating.fithumanperformance.com/sign-in/css/font/ | 0 | 0 | Font | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bank of America (Banking)
102 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| cssua function| DP_jQuery_1521929628449 object| html5 object| Modernizr function| yepnope function| showHide function| showContent function| closeContent undefined| dialogOpen function| processingWindow function| doCommonFormSubmit boolean| formSubmitted function| doubleSubmitCheck function| fsdreadCookie function| fsdcreateCookie function| fsdBrowserCheck function| OOLPopUpMLInterstitial function| fsdgoto function| fsdgeturl function| getRXPUrl function| getLegacyBPUrl function| contactusgoto function| contactusgeturl function| fsdPopularHelpTopic function| removeClassMatch function| setFsdSignOut function| beginFsdGlobalTimeout function| fsdKeepPipadSessionAlive function| myHandleContinue function| fsdExtendActiveCavSessions function| fsdPingPipad function| doLocatorSearch function| fsdCoBrowse_jQuery_init function| RetrieveLiveLookToken function| sendSAMLLivelook function| advPopupClose function| fsdReportError function| loadjscssfile function| calculateBamdLength function| checkNonBACDomain function| compareVersions number| pipadPingCount undefined| warnTime object| fsdd string| fsdSSK string| fsdSSK_cookie string| fsdReturnSiteIndicator boolean| fsdAppSessionPing boolean| isIE7 boolean| isIE8 undefined| profileL2Position object| mouseCurrPosition string| aoOpenAnAcc_PrefWid_TargetUrl string| getFsdPipadDomain object| applicationName string| applicationPingURL boolean| pipadTimer string| fsdTopnavUtilPath object| fsdDefaultSettings string| $activateToExpand string| $activateToCollapse function| $jq undefined| originalJQuery object| fsdBamdUpdate function| aam_tnt_cb function| mboxFactory function| mboxFactories function| DP_jQuery_1521929629648 object| jQuery182011705673889713375 object| boa boolean| isWSOPresent function| MLInterstitial object| fsdInvokeTimeoutModal function| _store function| _action function| _error function| _info function| _singleLine function| _scan function| _initialize object| utag_data string| 
bactm_envSelector object| adobe function| mboxCreate function| mboxDefine function| mboxUpdate object| mboxFactoryDefault boolean| TPS_FLAG function| check object| BBT_tooltip object| jQuery19107407683919928469 object| lightbox string| ua boolean| is_ipad boolean| is_iphone boolean| is_ipod boolean| is_ios boolean| is_android boolean| is_android_tablet boolean| is_touch
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.