ssologon-prd.sm.bankofamerica.com
171.159.227.7
Public Scan
Effective URL: https://ssologon-prd.sm.bankofamerica.com/unauthorized/sso_login.fcc?TYPE=33554433&REALMOID=06-000cece4-668d-10a5-a7a1-c5baabc51086&GUID=&...
Submission: On December 19 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Entrust Certification Authority - L1M on November 7th 2019. Valid for: a year.
This is the only time ssologon-prd.sm.bankofamerica.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 216.178.242.201 | 11303 (DATARETURN - MCI Communications Services) |
1 1 | 171.159.226.35 | 10794 (BANKAMERICA - Bank of America) |
1 8 | 171.159.227.7 | 10794 (BANKAMERICA - Bank of America) |
8 | 2 |

- ASN11303 (DATARETURN - MCI Communications Services, Inc. d/b/a Verizon Business, US): mcoeorigin2.bankofamerica.com
- ASN10794 (BANKAMERICA - Bank of America, National Association, US): fedsso.bankofamerica.com
- ASN10794 (BANKAMERICA - Bank of America, National Association, US): ssologon-prd.sm.bankofamerica.com
 | Apex Domain Subdomains | Transfer |
---|---|---|
10 | bankofamerica.com (2 redirects): mcoeorigin2.bankofamerica.com, fedsso.bankofamerica.com, ssologon-prd.sm.bankofamerica.com | 75 KB |
8 | 1 |
 | Domain | | Requested by |
---|---|---|---|
8 | ssologon-prd.sm.bankofamerica.com | 1 redirects | mcoeorigin2.bankofamerica.com, ssologon-prd.sm.bankofamerica.com |
1 | fedsso.bankofamerica.com | 1 redirects | |
1 | mcoeorigin2.bankofamerica.com | | |
8 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
password.bankofamerica.com |
pns.bankofamerica.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
mcoe.bankofamerica.com | Entrust Certification Authority - L1M | 2019-01-30 - 2020-01-30 | a year | crt.sh |
ssologon-prd-rva.bankofamerica.com | Entrust Certification Authority - L1M | 2019-11-07 - 2020-11-07 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://ssologon-prd.sm.bankofamerica.com/unauthorized/sso_login.fcc?TYPE=33554433&REALMOID=06-000cece4-668d-10a5-a7a1-c5baabc51086&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$kDrp6N0iE8S2fVFCGz6dIOYvylhMFqW%2fXkCTqtkamaLHivwXr0zE%2bAL9hLT6DKbY&TARGET=$SM$HTTPS%3a%2f%2fssologon-prd%2esm%2ebankofamerica%2ecom%2ffed%2fssologon%2ehtml%3fresumePath%3d$%2Fidp$%2FZ2wrL$%2FresumeSAML20$%2Fidp$%2FstartSSO%2eping
Frame ID: 66DB768C992E8425A29BE32604124E8E
Requests: 8 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Click Here for registration instructions
Title: Get Standard ID
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://mcoeorigin2.bankofamerica.com/ Page URL
- https://fedsso.bankofamerica.com/idp/startSSO.ping?PartnerSpId=McoeAuthor6Prod HTTP 302
https://ssologon-prd.sm.bankofamerica.com/fed/ssologon.html?resumePath=%2Fidp%2FZ2wrL%2FresumeSAML20%2Fidp%2FstartSSO.ping HTTP 302
https://ssologon-prd.sm.bankofamerica.com/unauthorized/sso_login.fcc?TYPE=33554433&REALMOID=06-000cece4-668d-10a5-a7a1-c5baabc51086&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$kDrp6N0iE8S2fVFCGz6dIOYvylhMFqW%2fXkCTqtkamaLHivwXr0zE%2bAL9hLT6DKbY&TARGET=$SM$HTTPS%3a%2f%2fssologon-prd%2esm%2ebankofamerica%2ecom%2ffed%2fssologon%2ehtml%3fresumePath%3d$%2Fidp$%2FZ2wrL$%2FresumeSAML20$%2Fidp$%2FstartSSO%2eping Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / mcoeorigin2.bankofamerica.com/ (Cookie set) | 2 KB 2 KB | Document text/html |
GET H/1.1 | sso_login.fcc ssologon-prd.sm.bankofamerica.com/unauthorized/ (Primary Request, Redirect Chain) | 8 KB 9 KB | Document text/html |
GET H/1.1 | common.js ssologon-prd.sm.bankofamerica.com/unauthorized/ | 319 B 741 B | Script application/javascript |
GET H/1.1 | security.js ssologon-prd.sm.bankofamerica.com/unauthorized/ | 2 KB 2 KB | Script application/javascript |
GET H/1.1 | urlmunger.js ssologon-prd.sm.bankofamerica.com/unauthorized/ | 2 KB 2 KB | Script application/javascript |
GET H/1.1 | styles.css ssologon-prd.sm.bankofamerica.com/unauthorized/ | 7 KB 7 KB | Stylesheet text/css |
GET H/1.1 | ssoBackgroundTall.jpg ssologon-prd.sm.bankofamerica.com/unauthorized/images/ | 44 KB 44 KB | Image image/jpeg |
GET H/1.1 | ssoTitleSSO.gif ssologon-prd.sm.bankofamerica.com/unauthorized/images/ | 5 KB 6 KB | Image image/gif |
22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| includeCSSfile function| checkBasicXssCharsName function| checkForXssCharsInURL function| isSiteminderCookieValid function| doTrim function| isNumber function| envSpecificICP function| returnEnvSpecificICP function| implSecurity function| doTest function| errorMessage function| errorMessageMobile function| ValidateForm function| showHints function| showIDHint function| showpasswordHint object| ismobile function| checkbrowsersource function| handleEnter object| theBody2
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ssologon-prd.sm.bankofamerica.com/ | Name: TS01157efa Value: 0176872a98fcb43fa17bb2c2be72f9dc708310f12844bedee41eb5990577e863915e098fd9e80a851a33bdfe170c4601f3d569a2e5 |
ssologon-prd.sm.bankofamerica.com/ | Name: bac_persist Value: 2603136683.58430.0000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.