update-bankoamerica.com Open in urlscan Pro
31.170.161.16 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://update-bankoamerica.com/
Submission: On August 12 via manual (August 12th 2020, 11:06:04 pm UTC) from US

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 25 HTTP transactions. The main IP is 31.170.161.16, located in United States and belongs to AS-HOSTINGER, LT. The main domain is update-bankoamerica.com.

This is the only time update-bankoamerica.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address	AS Autonomous System
10	31.170.161.16 31.170.161.16	47583 (AS-HOSTINGER) (AS-HOSTINGER)
2	130.61.96.156 130.61.96.156	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
7	54.246.162.154 54.246.162.154	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:46d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	5

10 31.170.161.16 (United States)

ASN47583 (AS-HOSTINGER, LT)

update-bankoamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.61.96.156 (Frankfurt am Main, Germany)

ASN31898 (ORACLE-BMC-31898, US)

cdn.smartclip-services.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.246.162.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-162-154.eu-west-1.compute.amazonaws.com

des.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:46d1 (United States)

ASN13335 (CLOUDFLARENET, US)

hosting.miarroba.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	update-bankoamerica.com update-bankoamerica.com	228 KB
7	smartclip.net des.smartclip.net	12 KB
2	miarroba.info hosting.miarroba.info	980 B
2	smartclip-services.com cdn.smartclip-services.com	22 KB
0	bankofamerica.com Failed www.bankofamerica.com Failed
25	5

	Domain	Requested by
10	update-bankoamerica.com	update-bankoamerica.com
7	des.smartclip.net	update-bankoamerica.com
2	hosting.miarroba.info	update-bankoamerica.com
2	cdn.smartclip-services.com	update-bankoamerica.com
0	www.bankofamerica.com Failed	update-bankoamerica.com
25	5

This site contains no links.

Subject Issuer	Validity	Valid
*.smartclip-services.com Sectigo RSA Domain Validation Secure Server CA	`2019-12-30` - `2021-12-29`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-16` - `2021-07-16`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://update-bankoamerica.com/
Frame ID: F4E6A3CF2FD821A0830A218D1DDA12C6
Requests: 24 HTTP requests in this frame

Frame: http://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Frame ID: 4FCDCD1884A27480A911392E237CD8E3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

25
Requests

12 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

263 kB
Transfer

877 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response update-bankoamerica.com/	34 KB 9 KB	361ms 299ms	Document text/html	31.170.161.16 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL http://update-bankoamerica.com/ Protocol HTTP/1.1 Server 31.170.161.16 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software LiteSpeed / PHP/7.2.32 Resource Hash `5b6c387f199d2f2568a8f3d8a506f9f12970e9847e32ce682e47a45ab8a8c1b8` Request headers Host update-bankoamerica.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Connection Keep-Alive X-Powered-By PHP/7.2.32 Content-Type text/html; charset=UTF-8 Cache-Control public, max-age=604800 Expires Wed, 19 Aug 2020 23:05:40 GMT Content-Length 8914 Content-Encoding gzip Vary Accept-Encoding Date Wed, 12 Aug 2020 23:05:40 GMT Server LiteSpeed
GET H/1.1	200 OK	gtm5445.html Show response update-bankoamerica.com/www.googletagmanager.com/	34 KB 9 KB	315ms 280ms	Script text/html	31.170.161.16 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL http://update-bankoamerica.com/www.googletagmanager.com/gtm5445.html?id=GTM-T2VG59 Requested by Host: update-bankoamerica.com URL: http://update-bankoamerica.com/ Protocol HTTP/1.1 Server 31.170.161.16 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software LiteSpeed / PHP/7.2.32 Resource Hash `5b6c387f199d2f2568a8f3d8a506f9f12970e9847e32ce682e47a45ab8a8c1b8` Request headers Referer http://update-bankoamerica.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 12 Aug 2020 23:05:40 GMT Content-Encoding gzip Server LiteSpeed X-Powered-By PHP/7.2.32 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Cache-Control public, max-age=604800 Connection Keep-Alive Content-Length 8914 Expires Wed, 19 Aug 2020 23:05:40 GMT
GET H/1.1	200 OK	f.txt Show response update-bankoamerica.com/pagead2.googlesyndication.com/pagead/js/	34 KB 9 KB	324ms 288ms	Script text/html	31.170.161.16 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL http://update-bankoamerica.com/pagead2.googlesyndication.com/pagead/js/f.txt Requested by Host: update-bankoamerica.com URL: http://update-bankoamerica.com/ Protocol HTTP/1.1 Server 31.170.161.16 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software LiteSpeed / PHP/7.2.32 Resource Hash `5b6c387f199d2f2568a8f3d8a506f9f12970e9847e32ce682e47a45ab8a8c1b8` Request headers Referer http://update-bankoamerica.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 12 Aug 2020 23:05:40 GMT Content-Encoding gzip Server LiteSpeed X-Powered-By PHP/7.2.32 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Cache-Control public, max-age=604800 Connection Keep-Alive Content-Length 8914 Expires Wed, 19 Aug 2020 23:05:40 GMT
GET H/1.1	200 OK	vipaa-v4-jawr.css update-bankoamerica.com/source/	448 KB 64 KB	161ms 159ms	Stylesheet text/css	31.170.161.16 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL http://update-bankoamerica.com/source/vipaa-v4-jawr.css Requested by Host: update-bankoamerica.com URL: http://update-bankoamerica.com/ Protocol HTTP/1.1 Server 31.170.161.16 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software LiteSpeed / Resource Hash `5348dc1a48ac3b8d64743434443324f4cd4ef8324f52db2e4ef874e001af1da8` Request headers Referer http://update-bankoamerica.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 12 Aug 2020 23:05:40 GMT Content-Encoding gzip Last-Modified Wed, 12 Aug 2020 22:52:11 GMT Server LiteSpeed Etag "70006-5f34729b-d16659852ac869ad;gz" Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Content-Length 65438 Expires Fri, 11 Sep 2020 23:05:40 GMT
GET H/1.1	200 OK	jquery.min.js Show response update-bankoamerica.com/frostEdit/libs/jquery/3.4.1/	86 KB 30 KB	311ms 276ms	Script application/x-javascript	31.170.161.16 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL http://update-bankoamerica.com/frostEdit/libs/jquery/3.4.1/jquery.min.js Requested by Host: update-bankoamerica.com URL: http://update-bankoamerica.com/ Protocol HTTP/1.1 Server 31.170.161.16 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software LiteSpeed / Resource Hash `0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a` Request headers Referer http://update-bankoamerica.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 12 Aug 2020 23:05:40 GMT Content-Encoding gzip Last-Modified Wed, 12 Aug 2020 22:52:11 GMT Server LiteSpeed Etag "15851-5f34729b-49988b1837abfc85;gz" Vary Accept-Encoding Content-Type application/x-javascript Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 30737 Expires Wed, 19 Aug 2020 23:05:40 GMT
GET H/1.1	200 OK	miarroba.js Show response cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/config/	2 KB 2 KB	237ms 60ms	Script application/javascript	130.61.96.156 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/config/miarroba.js Requested by Host: update-bankoamerica.com URL: http://update-bankoamerica.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 130.61.96.156 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software / Resource Hash `297b2188e8b8a5bd95bc5fea0996c0ac64bb6b500e1ff23001d881ccccebf7a5` Request headers Referer http://update-bankoamerica.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 12 Aug 2020 23:05:40 GMT Last-Modified Mon, 30 Mar 2020 14:17:15 GMT ETag "5e81ff6b-748" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Cache-Control max-age=86400 Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 1864 Expires Thu, 13 Aug 2020 23:05:40 GMT
GET H/1.1	200 OK	lz_loaderad05.js Show response update-bankoamerica.com/img.sunmediaads.com/ads/	34 KB 9 KB	162ms 161ms	Script text/html	31.170.161.16 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL http://update-bankoamerica.com/img.sunmediaads.com/ads/lz_loaderad05.js?ver=1.4 Requested by Host: update-bankoamerica.com URL: http://update-bankoamerica.com/ Protocol HTTP/1.1 Server 31.170.161.16 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software LiteSpeed / PHP/7.2.32 Resource Hash `5b6c387f199d2f2568a8f3d8a506f9f12970e9847e32ce682e47a45ab8a8c1b8` Request headers Referer http://update-bankoamerica.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 12 Aug 2020 23:05:41 GMT Content-Encoding gzip Server LiteSpeed X-Powered-By PHP/7.2.32 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Cache-Control public, max-age=604800 Connection Keep-Alive Content-Length 8914 Expires Wed, 19 Aug 2020 23:05:41 GMT
GET H/1.1	200 OK	BofA_rgb.png update-bankoamerica.com/Images/	38 KB 39 KB	340ms 339ms	Image image/png	31.170.161.16 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL http://update-bankoamerica.com/Images/BofA_rgb.png Requested by Host: update-bankoamerica.com URL: http://update-bankoamerica.com/ Protocol HTTP/1.1 Server 31.170.161.16 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software LiteSpeed / Resource Hash `30652cee5990b3b76f6cbf6f26362be9254dd62b4c6e6003c1127d1484573787` Request headers Referer http://update-bankoamerica.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 12 Aug 2020 23:05:41 GMT Last-Modified Wed, 12 Aug 2020 22:52:11 GMT Server LiteSpeed Etag "99fe-5f34729b-b04203d23f8f6072;;;" Content-Type image/png Cache-Control public, max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Content-Length 39422 Expires Thu, 12 Aug 2021 23:05:41 GMT
GET H/1.1	200 OK	mobile_llama.png update-bankoamerica.com/Images/	19 KB 19 KB	159ms 159ms	Image image/png	31.170.161.16 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL http://update-bankoamerica.com/Images/mobile_llama.png Requested by Host: update-bankoamerica.com URL: http://update-bankoamerica.com/ Protocol HTTP/1.1 Server 31.170.161.16 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software LiteSpeed / Resource Hash `6bb1d4b1b719488b9812d1fb67b41b03857eec8f4e0a4d46a8066574037d817a` Request headers Referer http://update-bankoamerica.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 12 Aug 2020 23:05:41 GMT Last-Modified Wed, 12 Aug 2020 22:52:11 GMT Server LiteSpeed Etag "4adf-5f34729b-3f56e882830c103e;;;" Content-Type image/png Cache-Control public, max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Content-Length 19167 Expires Thu, 12 Aug 2021 23:05:41 GMT
GET H/1.1	200	ads Show response des.smartclip.net/	3 KB 2 KB	148ms 114ms	Script application/javascript	54.246.162.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://des.smartclip.net/ads?type=dyn&plc=75133&elementId=44ea2e90b2cdfd7bc177e53c3e7e877db57d31de&sz=400x320&rnd=39521979 Requested by Host: update-bankoamerica.com URL: http://update-bankoamerica.com/ Protocol HTTP/1.1 Server 54.246.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-246-162-154.eu-west-1.compute.amazonaws.com Software nginx/1.17.6 / Resource Hash `b2b2f802c31015858ee5fbf1e248cd59e16d7267bf070a08f0c33f2e4a7fdb05` Request headers Referer http://update-bankoamerica.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 12 Aug 2020 23:05:41 GMT Content-Encoding gzip Sc-Supply-Network 999999 Vary Accept-Encoding P3P CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Sc-Uuid 224e41da-edab-414e-8a96-4c03641df1b9 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Credentials true Content-Type application/javascript; charset=utf-8 Sc-Device-Type PC Server nginx/1.17.6
GET H/1.1	200	ads Show response des.smartclip.net/	3 KB 2 KB	106ms 74ms	Script application/javascript	54.246.162.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://des.smartclip.net/ads?type=dyn&plc=75133&elementId=44ea2e90b2cdfd7bc177e53c3e7e877db57d31de&sz=400x320&rnd=82532775 Requested by Host: update-bankoamerica.com URL: http://update-bankoamerica.com/ Protocol HTTP/1.1 Server 54.246.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-246-162-154.eu-west-1.compute.amazonaws.com Software nginx/1.17.6 / Resource Hash `eabc6ab50d00fefc001538aaef8cf0076a42836d2c7283a7d5ee6cb062b83570` Request headers Referer http://update-bankoamerica.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 12 Aug 2020 23:05:41 GMT Content-Encoding gzip Sc-Supply-Network 999999 Vary Accept-Encoding P3P CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Sc-Uuid 958653ba-5bbf-4dd8-8aaa-4f348825cfad Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Credentials true Content-Type application/javascript; charset=utf-8 Sc-Device-Type PC Server nginx/1.17.6
GET H/1.1	200 OK	ava.js Show response cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/	76 KB 19 KB	64ms 62ms	Script application/javascript	130.61.96.156 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/ava.js Requested by Host: update-bankoamerica.com URL: http://update-bankoamerica.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 130.61.96.156 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software / Resource Hash `94a3f5c1801fd7529d4733e86f11ae5af5c665abddc3e12e5f01ee2178729bd3` Request headers Referer http://update-bankoamerica.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma public Date Wed, 12 Aug 2020 23:05:41 GMT Content-Encoding gzip Last-Modified Wed, 29 Jul 2020 13:17:14 GMT ETag W/"5f2176da-12e6a" Transfer-Encoding chunked Content-Type application/javascript Cache-Control max-age=259200, public Connection keep-alive Expires Sat, 15 Aug 2020 23:05:41 GMT
GET H/1.1	200	ads Show response des.smartclip.net/	3 KB 2 KB	137ms 113ms	Script application/javascript	54.246.162.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://des.smartclip.net/ads?type=dyn&plc=75133&elementId=44ea2e90b2cdfd7bc177e53c3e7e877db57d31de&sz=400x320&rnd=93608661 Requested by Host: update-bankoamerica.com URL: http://update-bankoamerica.com/ Protocol HTTP/1.1 Server 54.246.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-246-162-154.eu-west-1.compute.amazonaws.com Software nginx/1.17.6 / Resource Hash `0b5a4db2969bb082f04e519203c92b42130c2b201c12da01933793d61ff79c9d` Request headers Referer http://update-bankoamerica.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 12 Aug 2020 23:05:41 GMT Content-Encoding gzip Sc-Supply-Network 999999 Vary Accept-Encoding P3P CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Sc-Uuid 695c5f65-22ea-4c1a-855a-929591584e7d Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Credentials true Content-Type application/javascript; charset=utf-8 Sc-Device-Type PC Server nginx/1.17.6
GET H/1.1	200	ads Show response des.smartclip.net/	3 KB 2 KB	147ms 111ms	Script application/javascript	54.246.162.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://des.smartclip.net/ads?type=dyn&plc=75133&elementId=44ea2e90b2cdfd7bc177e53c3e7e877db57d31de&sz=400x320&rnd=42754269 Requested by Host: update-bankoamerica.com URL: http://update-bankoamerica.com/ Protocol HTTP/1.1 Server 54.246.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-246-162-154.eu-west-1.compute.amazonaws.com Software nginx/1.17.6 / Resource Hash `08aecdcb635193130bc8d5095666e8d3dd713517e95ddfe0dff270b95279d75f` Request headers Referer http://update-bankoamerica.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 12 Aug 2020 23:05:41 GMT Content-Encoding gzip Sc-Supply-Network 999999 Vary Accept-Encoding P3P CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Sc-Uuid ece2d633-de3b-42b8-8aa7-4a0aa4480cc6 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Credentials true Content-Type application/javascript; charset=utf-8 Sc-Device-Type PC Server nginx/1.17.6
GET H/1.1	200	ads Show response des.smartclip.net/	3 KB 2 KB	148ms 113ms	Script application/javascript	54.246.162.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://des.smartclip.net/ads?type=dyn&plc=75133&elementId=44ea2e90b2cdfd7bc177e53c3e7e877db57d31de&sz=400x320&rnd=97695233 Requested by Host: update-bankoamerica.com URL: http://update-bankoamerica.com/ Protocol HTTP/1.1 Server 54.246.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-246-162-154.eu-west-1.compute.amazonaws.com Software nginx/1.17.6 / Resource Hash `1383d44d2e78e1202dceea184b622484d15813f71010294563462f641d7aa473` Request headers Referer http://update-bankoamerica.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 12 Aug 2020 23:05:41 GMT Content-Encoding gzip Sc-Supply-Network 999999 Vary Accept-Encoding P3P CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Sc-Uuid 0a796eb7-15d5-418e-8bea-f8de4b9b5036 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Credentials true Content-Type application/javascript; charset=utf-8 Sc-Device-Type PC Server nginx/1.17.6
GET H/1.1	200	ads Show response des.smartclip.net/	3 KB 2 KB	143ms 108ms	Script application/javascript	54.246.162.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://des.smartclip.net/ads?type=dyn&plc=75133&elementId=44ea2e90b2cdfd7bc177e53c3e7e877db57d31de&sz=400x320&rnd=76160770 Requested by Host: update-bankoamerica.com URL: http://update-bankoamerica.com/ Protocol HTTP/1.1 Server 54.246.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-246-162-154.eu-west-1.compute.amazonaws.com Software nginx/1.17.6 / Resource Hash `17f11c5ee427ea7075d675050f9e87001371223addbd927ab8b74d8d986b3311` Request headers Referer http://update-bankoamerica.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 12 Aug 2020 23:05:41 GMT Content-Encoding gzip Sc-Supply-Network 999999 Vary Accept-Encoding P3P CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Sc-Uuid 6e2c123d-68d7-472d-8b84-f76f943d950c Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Credentials true Content-Type application/javascript; charset=utf-8 Sc-Device-Type PC Server nginx/1.17.6
GET H2	200	/ Show response hosting.miarroba.info/	1 KB 980 B	205ms 161ms	Script application/javascript	2606:4700:20::ac43:46d1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hosting.miarroba.info/?__muid=44ea2e90b2cdfd7bc177e53c3e7e877db57d31de&h=1969761&t=1589472951&k=98231aabc225c56398d4caab3958b6a1 Requested by Host: update-bankoamerica.com URL: http://update-bankoamerica.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46d1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `601418b01dbf12d995051f558b9cb4c3811fb2691759f27d1cd5998bf9b5ba61` Request headers Referer http://update-bankoamerica.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers cf-ray 5c1dd7b04dc81f55-FRA pragma no-cache date Wed, 12 Aug 2020 23:05:41 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 12 Aug 2020 23:05:41 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" status 200 cache-control no-cache content-type application/javascript; charset=iso-8859-1 cf-request-id 048685222b00001f554f9d9200000001 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	vipaa-v4-jawr-print.css update-bankoamerica.com/source/	10 KB 2 KB	325ms 287ms	Stylesheet text/css	31.170.161.16 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL http://update-bankoamerica.com/source/vipaa-v4-jawr-print.css Requested by Host: update-bankoamerica.com URL: http://update-bankoamerica.com/ Protocol HTTP/1.1 Server 31.170.161.16 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software LiteSpeed / Resource Hash `892981e91f766052cef3c087111050bf8396443882602cadd36b5963fdcd37be` Request headers Referer http://update-bankoamerica.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 12 Aug 2020 23:05:41 GMT Content-Encoding gzip Last-Modified Wed, 12 Aug 2020 22:52:11 GMT Server LiteSpeed Etag "271d-5f34729b-1dfaa62742b0b2e8;gz" Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Content-Length 1213 Expires Fri, 11 Sep 2020 23:05:41 GMT
GET		fsd-secure-esp-sprite.png www.bankofamerica.com/pa/components/modules/header-module/2.8/graphic/	0 0

GET		error-large.gif www.bankofamerica.com/pa/components/modules-app/VIPAA/messaging-vipaa-module/1.0/graphic/	0 0

GET		gfootb-static-sprite.png www.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/	0 0

GET		gfoot-home-icon.png www.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/	0 0

GET H/1.1	200 OK	cnx-regular.woff update-bankoamerica.com/source/	37 KB 38 KB	320ms 319ms	Font application/font-woff	31.170.161.16 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL http://update-bankoamerica.com/source/cnx-regular.woff Requested by Host: update-bankoamerica.com URL: http://update-bankoamerica.com/ Protocol HTTP/1.1 Server 31.170.161.16 , United States, ASN47583 (AS-HOSTINGER, LT), Reverse DNS Software LiteSpeed / Resource Hash `1c1b1ebfcdafd18df832e97201c689f62c2667791ce18a2c08a8fc3002884957` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://update-bankoamerica.com/ Origin http://update-bankoamerica.com Response headers Date Wed, 12 Aug 2020 23:05:41 GMT Last-Modified Wed, 12 Aug 2020 22:52:11 GMT Server LiteSpeed Etag "954c-5f34729b-a5704b866c98eb6e;;;" Content-Type application/font-woff Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 38220 Expires Wed, 19 Aug 2020 23:05:41 GMT
GET H/1.1	200	ads Show response des.smartclip.net/	3 KB 2 KB	74ms 73ms	Script application/javascript	54.246.162.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://des.smartclip.net/ads?type=dyn&plc=75133&elementId=44ea2e90b2cdfd7bc177e53c3e7e877db57d31de&sz=400x320&rnd=37522778 Requested by Host: update-bankoamerica.com URL: http://update-bankoamerica.com/ Protocol HTTP/1.1 Server 54.246.162.154 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-246-162-154.eu-west-1.compute.amazonaws.com Software nginx/1.17.6 / Resource Hash `25d9594b54535dd4673fa98e1479a82d4c615251d2255129b2697065c0c093b0` Request headers Referer http://update-bankoamerica.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 12 Aug 2020 23:05:41 GMT Content-Encoding gzip Sc-Supply-Network 999999 Vary Accept-Encoding P3P CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Sc-Uuid 65300f14-21bc-428e-8eea-fe6aac76a022 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Credentials true Content-Type application/javascript; charset=utf-8 Sc-Device-Type PC Server nginx/1.17.6
POST H/1.1	200 OK	Cookie set 607f6b0b381bbc1f64fa027d62891072_cookie.php hosting.miarroba.info/ Frame 4FCD	0 0	102ms 96ms	Document text/html	2606:4700:20::ac43:46d1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php Requested by Host: update-bankoamerica.com URL: http://update-bankoamerica.com/ Protocol HTTP/1.1 Server 2606:4700:20::ac43:46d1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Host hosting.miarroba.info Connection keep-alive Content-Length 162 Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 Origin http://update-bankoamerica.com Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://update-bankoamerica.com/ Accept-Encoding gzip, deflate Accept-Language en-US Cookie __weslvu=1597273541 Upgrade-Insecure-Requests 1 Origin http://update-bankoamerica.com Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://update-bankoamerica.com/ Response headers Date Wed, 12 Aug 2020 23:05:41 GMT Content-Type text/html; charset=iso-8859-1 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d4574c01b457f074af69f1e4c50f3d66d1597273541; expires=Fri, 11-Sep-20 23:05:41 GMT; path=/; domain=.miarroba.info; HttpOnly; SameSite=Lax __weslvu=1597273541; expires=Thu, 13-Aug-2020 00:05:41 GMT; Max-Age=3600; path=/; domain=hosting.miarroba.info Vary Accept-Encoding CF-Cache-Status DYNAMIC cf-request-id 04868522dc00001f45b5bf7200000001 Server cloudflare CF-RAY 5c1dd7b16a241f45-FRA Content-Encoding gzip

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.bankofamerica.com
URL: https://www.bankofamerica.com/pa/components/modules/header-module/2.8/graphic/fsd-secure-esp-sprite.png

Domain: www.bankofamerica.com
URL: https://www.bankofamerica.com/pa/components/modules-app/VIPAA/messaging-vipaa-module/1.0/graphic/error-large.gif

Domain: www.bankofamerica.com
URL: https://www.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/gfootb-static-sprite.png

Domain: www.bankofamerica.com
URL: https://www.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/gfoot-home-icon.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.smartclip-services.com
des.smartclip.net
hosting.miarroba.info
update-bankoamerica.com
www.bankofamerica.com
www.bankofamerica.com
130.61.96.156
2606:4700:20::ac43:46d1
31.170.161.16
54.246.162.154
08aecdcb635193130bc8d5095666e8d3dd713517e95ddfe0dff270b95279d75f
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b5a4db2969bb082f04e519203c92b42130c2b201c12da01933793d61ff79c9d
1383d44d2e78e1202dceea184b622484d15813f71010294563462f641d7aa473
17f11c5ee427ea7075d675050f9e87001371223addbd927ab8b74d8d986b3311
1c1b1ebfcdafd18df832e97201c689f62c2667791ce18a2c08a8fc3002884957
25d9594b54535dd4673fa98e1479a82d4c615251d2255129b2697065c0c093b0
297b2188e8b8a5bd95bc5fea0996c0ac64bb6b500e1ff23001d881ccccebf7a5
30652cee5990b3b76f6cbf6f26362be9254dd62b4c6e6003c1127d1484573787
5348dc1a48ac3b8d64743434443324f4cd4ef8324f52db2e4ef874e001af1da8
5b6c387f199d2f2568a8f3d8a506f9f12970e9847e32ce682e47a45ab8a8c1b8
601418b01dbf12d995051f558b9cb4c3811fb2691759f27d1cd5998bf9b5ba61
6bb1d4b1b719488b9812d1fb67b41b03857eec8f4e0a4d46a8066574037d817a
892981e91f766052cef3c087111050bf8396443882602cadd36b5963fdcd37be
94a3f5c1801fd7529d4733e86f11ae5af5c665abddc3e12e5f01ee2178729bd3
b2b2f802c31015858ee5fbf1e248cd59e16d7267bf070a08f0c33f2e4a7fdb05
eabc6ab50d00fefc001538aaef8cf0076a42836d2c7283a7d5ee6cb062b83570

update-bankoamerica.com Open in urlscan Pro 31.170.161.16 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

25 Requests

12 %HTTPS

25 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

263 kBTransfer

877 kBSize

0 Cookies

0 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

34 JavaScript Global Variables

0 Cookies

Indicators

update-bankoamerica.com Open in urlscan Pro
31.170.161.16 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

12 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

263 kB
Transfer

877 kB
Size

0
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!