www.debitactivate-starthelp.com Open in urlscan Pro
2606:4700::6810:f34e Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.debitactivate-starthelp.com/
Effective URL:
https://www.debitactivate-starthelp.com/login
Submission: On September 29 via automatic, source certstream-suspicious (September 29th 2022, 7:56:43 pm UTC) — Scanned from DE

Summary HTTP 20 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 20 HTTP transactions. The main IP is 2606:4700::6810:f34e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.debitactivate-starthelp.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 29th 2022. Valid for: a year.

This is the only time www.debitactivate-starthelp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 16	2606:4700::68... 2606:4700::6810:f34e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	171.159.118.200 171.159.118.200	10794 (BANKAMERICA) (BANKAMERICA)
20	2

16 2606:4700::6810:f34e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.debitactivate-starthelp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 171.159.118.200 (United States)

ASN10794 (BANKAMERICA, US)

secure.bankofamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	debitactivate-starthelp.com 1 redirects www.debitactivate-starthelp.com	292 KB
5	bankofamerica.com secure.bankofamerica.com — Cisco Umbrella Rank: 11651	61 KB
20	2

	Domain	Requested by
16	www.debitactivate-starthelp.com	1 redirects www.debitactivate-starthelp.com
5	secure.bankofamerica.com	www.debitactivate-starthelp.com
20	2

This site contains links to these domains. Also see Links.

Domain
www.bankofamerica.com

Subject Issuer	Validity	Valid
www.debitactivate-starthelp.com Cloudflare Inc ECC CA-3	`2022-09-29` - `2023-09-28`	a year	crt.sh
secure.bankofamerica.com Entrust Certification Authority - L1M	`2022-06-27` - `2023-06-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.debitactivate-starthelp.com/login
Frame ID: 361FD809F0DA356BD3029C7A9DAC3B66
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bank of America | Online Banking | Log In | User ID

Page URL History Show full URLs

https://www.debitactivate-starthelp.com/ HTTP 307
https://www.debitactivate-starthelp.com/login Page URL

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

353 kB
Transfer

1194 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bankofamerica.com/online-banking/mobile-banking-apps.go
Title: Learn about your Banking by Phone options ››

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.debitactivate-starthelp.com/ HTTP 307
https://www.debitactivate-starthelp.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
www.debitactivate-starthelp.com/
Redirect Chain

https://www.debitactivate-starthelp.com/
https://www.debitactivate-starthelp.com/login

14 KB
4 KB

52ms
52ms

Document
text/html

2606:4700::6810:f34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.debitactivate-starthelp.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: 39a8b95e8e1d955b740fe4806c094c4a457b86168b77c072ac25bd4a61e5beed

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
cf-cache-status: MISS
cf-ray: 7527488188e16958-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 29 Sep 2022 19:56:38 GMT
server: cloudflare
vary: Accept-Encoding
x-do-app-origin: 55288099-a248-44bc-9b64-f90bb7d81ac7
x-do-orig-status: 200
x-powered-by: Next.js

Redirect headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: MISS
cf-ray: 7527488138346958-FRA
date: Thu, 29 Sep 2022 19:56:37 GMT
location: /login
server: cloudflare
vary: Accept-Encoding
x-do-app-origin: 55288099-a248-44bc-9b64-f90bb7d81ac7
x-do-orig-status: 307

GET
H2 200 20285528fc0664fd.css
www.debitactivate-starthelp.com/_next/static/css/ 465 KB
64 KB 63ms
62ms Stylesheet
text/css 2606:4700::6810:f34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.debitactivate-starthelp.com/_next/static/css/20285528fc0664fd.css
Requested by: Host: www.debitactivate-starthelp.com
URL: https://www.debitactivate-starthelp.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47706b3d3e8c19fa3ac752ec25a2a2a536d9025922c98cdafa85ec8a213223e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.debitactivate-starthelp.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 19:56:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 55288099-a248-44bc-9b64-f90bb7d81ac7
x-do-orig-status: 200
etag: W/"74531-49773873e8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 75274881d9916958-FRA

GET
H2 200 webpack-bb469f829a664d48.js Show response
www.debitactivate-starthelp.com/_next/static/chunks/ 2 KB
1 KB 41ms
41ms Script
application/javascript 2606:4700::6810:f34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.debitactivate-starthelp.com/_next/static/chunks/webpack-bb469f829a664d48.js
Requested by: Host: www.debitactivate-starthelp.com
URL: https://www.debitactivate-starthelp.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dfe185409ff8cc0e73ea870cbefbcdac38297bbfa69c545686e536f7c51fa64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.debitactivate-starthelp.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 19:56:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 55288099-a248-44bc-9b64-f90bb7d81ac7
x-do-orig-status: 200
etag: W/"891-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 75274881d9926958-FRA

GET
H2 200 framework-9b5d6ec4444c80fa.js Show response
www.debitactivate-starthelp.com/_next/static/chunks/ 138 KB
45 KB 74ms
71ms Script
application/javascript 2606:4700::6810:f34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.debitactivate-starthelp.com/_next/static/chunks/framework-9b5d6ec4444c80fa.js
Requested by: Host: www.debitactivate-starthelp.com
URL: https://www.debitactivate-starthelp.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aee3a5f0c4b6735edff60d58f20a936ce11e5d4a36a5a76390aeda043ae4048

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.debitactivate-starthelp.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 19:56:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 55288099-a248-44bc-9b64-f90bb7d81ac7
x-do-orig-status: 200
etag: W/"228c5-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 75274881f9ed6958-FRA

GET
H2 200 main-3123a443c688934f.js Show response
www.debitactivate-starthelp.com/_next/static/chunks/ 102 KB
31 KB 98ms
96ms Script
application/javascript 2606:4700::6810:f34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.debitactivate-starthelp.com/_next/static/chunks/main-3123a443c688934f.js
Requested by: Host: www.debitactivate-starthelp.com
URL: https://www.debitactivate-starthelp.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0eed4542b90a01be928023ec3dc7abed45c63ffc8067a496863ecef579d4af9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.debitactivate-starthelp.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 19:56:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 55288099-a248-44bc-9b64-f90bb7d81ac7
x-do-orig-status: 200
etag: W/"199f6-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 75274881f9f46958-FRA

GET
H2 200 _app-20b73962947f98fc.js Show response
www.debitactivate-starthelp.com/_next/static/chunks/pages/ 1 KB
697 B 59ms
57ms Script
application/javascript 2606:4700::6810:f34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.debitactivate-starthelp.com/_next/static/chunks/pages/_app-20b73962947f98fc.js
Requested by: Host: www.debitactivate-starthelp.com
URL: https://www.debitactivate-starthelp.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c34151d923447a6c89471c6c94f630297651f6971391e2a9e43bb1995904dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.debitactivate-starthelp.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 19:56:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 55288099-a248-44bc-9b64-f90bb7d81ac7
x-do-orig-status: 200
etag: W/"4e6-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 75274881f9f66958-FRA

GET
H2 200 378-7f91520e427c4e29.js Show response
www.debitactivate-starthelp.com/_next/static/chunks/ 44 KB
15 KB 66ms
64ms Script
application/javascript 2606:4700::6810:f34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.debitactivate-starthelp.com/_next/static/chunks/378-7f91520e427c4e29.js
Requested by: Host: www.debitactivate-starthelp.com
URL: https://www.debitactivate-starthelp.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 648c8ca970b06c87695f59b11c03246440c3bdd9a12b3e61a356d2057e3180fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.debitactivate-starthelp.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 19:56:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 55288099-a248-44bc-9b64-f90bb7d81ac7
x-do-orig-status: 200
etag: W/"b13a-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 75274881f9f76958-FRA

GET
H2 200 107-8eb7cb37ed7e8331.js Show response
www.debitactivate-starthelp.com/_next/static/chunks/ 78 KB
27 KB 72ms
70ms Script
application/javascript 2606:4700::6810:f34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.debitactivate-starthelp.com/_next/static/chunks/107-8eb7cb37ed7e8331.js
Requested by: Host: www.debitactivate-starthelp.com
URL: https://www.debitactivate-starthelp.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19f368dc92da70f236d853c51baf78ce455f9893248ef03131b795e052ac0574

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.debitactivate-starthelp.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 19:56:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 55288099-a248-44bc-9b64-f90bb7d81ac7
x-do-orig-status: 200
etag: W/"136f5-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 75274881f9f96958-FRA

GET
H2 200 443-62dd299028d36af5.js Show response
www.debitactivate-starthelp.com/_next/static/chunks/ 18 KB
7 KB 59ms
57ms Script
application/javascript 2606:4700::6810:f34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.debitactivate-starthelp.com/_next/static/chunks/443-62dd299028d36af5.js
Requested by: Host: www.debitactivate-starthelp.com
URL: https://www.debitactivate-starthelp.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dca7d358b9ba49b60befdb37a28ff4be77c5581efc284ab556a25ca3f7a0dc20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.debitactivate-starthelp.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 19:56:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 55288099-a248-44bc-9b64-f90bb7d81ac7
x-do-orig-status: 200
etag: W/"4926-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 75274881f9fc6958-FRA

GET
H2 200 login-d48fa9eaa343cf33.js Show response
www.debitactivate-starthelp.com/_next/static/chunks/pages/ 214 KB
36 KB 73ms
72ms Script
application/javascript 2606:4700::6810:f34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.debitactivate-starthelp.com/_next/static/chunks/pages/login-d48fa9eaa343cf33.js
Requested by: Host: www.debitactivate-starthelp.com
URL: https://www.debitactivate-starthelp.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cd5a6fcd15185a45ee4a2d2d7f3c2029c8061d1724649b95f2c368446b3c549

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.debitactivate-starthelp.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 19:56:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 55288099-a248-44bc-9b64-f90bb7d81ac7
x-do-orig-status: 200
etag: W/"356e7-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 75274881f9fe6958-FRA

GET
H2 200 _buildManifest.js Show response
www.debitactivate-starthelp.com/_next/static/rWwCGPFlD-1KboF2AJ5Wg/ 2 KB
849 B 79ms
78ms Script
application/javascript 2606:4700::6810:f34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.debitactivate-starthelp.com/_next/static/rWwCGPFlD-1KboF2AJ5Wg/_buildManifest.js
Requested by: Host: www.debitactivate-starthelp.com
URL: https://www.debitactivate-starthelp.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc58748968b0e0b67ceb1a3d2844e6c571a2b652fb81ae835d216d0f3fec0bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.debitactivate-starthelp.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 19:56:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 55288099-a248-44bc-9b64-f90bb7d81ac7
x-do-orig-status: 200
etag: W/"87e-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 75274881fa006958-FRA

GET
H2 200 _ssgManifest.js Show response
www.debitactivate-starthelp.com/_next/static/rWwCGPFlD-1KboF2AJ5Wg/ 76 B
123 B 59ms
58ms Script
application/javascript 2606:4700::6810:f34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.debitactivate-starthelp.com/_next/static/rWwCGPFlD-1KboF2AJ5Wg/_ssgManifest.js
Requested by: Host: www.debitactivate-starthelp.com
URL: https://www.debitactivate-starthelp.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e182e3257a3b5564f7bfb9fb1c6a1e13f8f7c9a3fa0dd6e39ccf473ef8d4f960

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.debitactivate-starthelp.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 19:56:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 55288099-a248-44bc-9b64-f90bb7d81ac7
x-do-orig-status: 200
etag: W/"4c-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 75274881fa036958-FRA

GET
H2 200 BofA_rgb.png
www.debitactivate-starthelp.com/images/ 38 KB
39 KB 59ms
58ms Image
image/png 2606:4700::6810:f34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.debitactivate-starthelp.com/images/BofA_rgb.png
Requested by: Host: www.debitactivate-starthelp.com
URL: https://www.debitactivate-starthelp.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30652cee5990b3b76f6cbf6f26362be9254dd62b4c6e6003c1127d1484573787

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.debitactivate-starthelp.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 19:56:38 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 55288099-a248-44bc-9b64-f90bb7d81ac7
x-do-orig-status: 200
etag: W/"99fe-49773873e8"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 75274881fa046958-FRA
content-length: 39422

GET
H2 200 mobile_llama.png
www.debitactivate-starthelp.com/images/ 19 KB
19 KB 72ms
71ms Image
image/png 2606:4700::6810:f34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.debitactivate-starthelp.com/images/mobile_llama.png
Requested by: Host: www.debitactivate-starthelp.com
URL: https://www.debitactivate-starthelp.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bb1d4b1b719488b9812d1fb67b41b03857eec8f4e0a4d46a8066574037d817a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.debitactivate-starthelp.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 19:56:38 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 55288099-a248-44bc-9b64-f90bb7d81ac7
x-do-orig-status: 200
etag: W/"4adf-49773873e8"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 752748821a206958-FRA
content-length: 19167

GET
H2 404 aps-mobile-products-icon-sprite-dev.png
www.debitactivate-starthelp.com/content/images/ContextualSiteGraphics/Instructional/en_US/ 2 KB
2 KB 66ms
65ms Image
text/html 2606:4700::6810:f34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.debitactivate-starthelp.com/content/images/ContextualSiteGraphics/Instructional/en_US/aps-mobile-products-icon-sprite-dev.png
Requested by: Host: www.debitactivate-starthelp.com
URL: https://www.debitactivate-starthelp.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: d9a6eb9d074ca7c9071479a96b646501d4fca854fabf21043e81cbda2cd6f35f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.debitactivate-starthelp.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 19:56:38 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
x-do-app-origin: 55288099-a248-44bc-9b64-f90bb7d81ac7
x-do-orig-status: 404
x-powered-by: Next.js
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 752748827aee6958-FRA

GET
H/1.1 200
OK fsd-secure-esp-sprite.png
secure.bankofamerica.com/pa/components/modules/header-module/2.8/graphic/ 473 B
2 KB 804ms
98ms Image
image/png 171.159.118.200
BANKAMERICA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.bankofamerica.com/pa/components/modules/header-module/2.8/graphic/fsd-secure-esp-sprite.png

Requested by

Host: www.debitactivate-starthelp.com
URL: https://www.debitactivate-starthelp.com/_next/static/css/20285528fc0664fd.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.159.118.200 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

Software

Resource Hash

8c37fb372596058d87dd9208541c49b020d0e840e4f3a5baa27d39be2dc70b01

Security Headers

Name

Value

Content-Security-Policy

script-src 'self' boa-api.arkoselabs.com *.bac-assets.com *.livelook.com *.livelook.net *.tiqcdn.com *.bankofamerica.com *.baml.com *.bofa.com *.ml.com *.merrill.com *.merrilledge.com *.mymerrill.com *.ustrust.com *.glance.net *.glancecdn.net *.myglance.net s3.amazonaws.com *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com *.coremetrics.com *.brightcove.net *.brightcove.com maps.googleapis.com www.paypalobjects.com anrdoezrs.com cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: data: blob: *.bac-assets.com *.bankofamerica.com *.livelook.com *.livelook.net *.glancecdn.net *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com 'unsafe-inline'; worker-src 'self' blob:;

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.debitactivate-starthelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: script-src 'self' boa-api.arkoselabs.com *.bac-assets.com *.livelook.com *.livelook.net *.tiqcdn.com *.bankofamerica.com *.baml.com *.bofa.com *.ml.com *.merrill.com *.merrilledge.com *.mymerrill.com *.ustrust.com *.glance.net *.glancecdn.net *.myglance.net s3.amazonaws.com *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com *.coremetrics.com *.brightcove.net *.brightcove.com maps.googleapis.com www.paypalobjects.com anrdoezrs.com cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: data: blob: *.bac-assets.com *.bankofamerica.com *.livelook.com *.livelook.net *.glancecdn.net *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com 'unsafe-inline'; worker-src 'self' blob:;
Date: Thu, 29 Sep 2022 19:56:38 GMT
Last-Modified: Tue, 16 Aug 2022 08:48:42 GMT
Age: 798
ETag: "1d9-5e657d0c8c396"
X-BOA-RequestID: YzVFVtBWd7N3rH1WpmMvVQAAATo
X-Serviced-By: g8xhzg73QjjzqNxb3UmeKQ==--n7BImw6wPTkM33JcEMv3pQ==
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=40, max=499
Content-Length: 473

GET
H/1.1 200
OK help-qm-fsd.png
secure.bankofamerica.com/pa/global-assets/1.0/graphic/ 3 KB
5 KB 804ms
98ms Image
image/png 171.159.118.200
BANKAMERICA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.bankofamerica.com/pa/global-assets/1.0/graphic/help-qm-fsd.png

Requested by

Host: www.debitactivate-starthelp.com
URL: https://www.debitactivate-starthelp.com/_next/static/css/20285528fc0664fd.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.159.118.200 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

Software

Resource Hash

e1ac56ae25629e508f729b799d563d71920902a4cb26cf3bb602beb3e368775e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.debitactivate-starthelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: script-src 'self' boa-api.arkoselabs.com *.bac-assets.com *.livelook.com *.livelook.net *.tiqcdn.com *.bankofamerica.com *.baml.com *.bofa.com *.ml.com *.merrill.com *.merrilledge.com *.mymerrill.com *.ustrust.com *.glance.net *.glancecdn.net *.myglance.net s3.amazonaws.com *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com *.coremetrics.com *.brightcove.net *.brightcove.com maps.googleapis.com www.paypalobjects.com anrdoezrs.com cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: data: blob: *.bac-assets.com *.bankofamerica.com *.livelook.com *.livelook.net *.glancecdn.net *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com 'unsafe-inline'; worker-src 'self' blob:;
Date: Thu, 29 Sep 2022 19:56:38 GMT
Age: 279
X-BOA-RequestID: YzX3X7B5983CunEcj7Wz5AAAAe8
X-Serviced-By: xsXl6YYBwSwo+bmEu65Yrg==--sKgJBYnUCdZi1t0ui6V5bQ==
Connection: Keep-Alive
Content-Length: 3243
Last-Modified: Tue, 16 Aug 2022 09:03:59 GMT
ETag: "c94-5e658076c55d3"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=40, max=457
Expires: Fri, 29 Sep 2023 19:52:00 GMT

GET
H/1.1 200
OK sign-in-sprite.png
secure.bankofamerica.com/pa/global-assets/1.0/graphic/ 3 KB
5 KB 821ms
102ms Image
image/png 171.159.118.200
BANKAMERICA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.bankofamerica.com/pa/global-assets/1.0/graphic/sign-in-sprite.png

Requested by

Host: www.debitactivate-starthelp.com
URL: https://www.debitactivate-starthelp.com/_next/static/css/20285528fc0664fd.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.159.118.200 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

Software

Resource Hash

2a1b1589e316d02ab75481e7aa88c9975afd2e87f17982fb6d38b6ebe2425a4c

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.debitactivate-starthelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Content-Security-Policy: script-src 'self' boa-api.arkoselabs.com *.bac-assets.com *.livelook.com *.livelook.net *.tiqcdn.com *.bankofamerica.com *.baml.com *.bofa.com *.ml.com *.merrill.com *.merrilledge.com *.mymerrill.com *.ustrust.com *.glance.net *.glancecdn.net *.myglance.net s3.amazonaws.com *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com *.coremetrics.com *.brightcove.net *.brightcove.com maps.googleapis.com www.paypalobjects.com anrdoezrs.com cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: data: blob: *.bac-assets.com *.bankofamerica.com *.livelook.com *.livelook.net *.glancecdn.net *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com 'unsafe-inline'; worker-src 'self' blob:;
Date: Thu, 29 Sep 2022 19:56:38 GMT
Age: 63
X-BOA-RequestID: YzRKuqSrzzRgkWbMPSRa_gAAAOc
X-Serviced-By: 1G0Ed+46LVdKk17gH2JnDw==--cSncBxP2IlXx61Pc/LL19Q==
Connection: Keep-Alive
Content-Length: 3142
Last-Modified: Tue, 16 Aug 2022 09:04:08 GMT
ETag: "c2f-5e65807f90d15"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=40, max=459
Expires: Fri, 29 Sep 2023 19:55:36 GMT

GET
H/1.1 200
OK gfootb-static-sprite.png
secure.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/ 48 KB
49 KB 972ms
221ms Image
image/png 171.159.118.200
BANKAMERICA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/gfootb-static-sprite.png

Requested by

Host: www.debitactivate-starthelp.com
URL: https://www.debitactivate-starthelp.com/_next/static/css/20285528fc0664fd.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.159.118.200 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

Software

Resource Hash

ca3205c6a4eecfd67ad990b62b10e19f601230a2a5b2791676089e82836763f4

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.debitactivate-starthelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: script-src 'self' boa-api.arkoselabs.com *.bac-assets.com *.livelook.com *.livelook.net *.tiqcdn.com *.bankofamerica.com *.baml.com *.bofa.com *.ml.com *.merrill.com *.merrilledge.com *.mymerrill.com *.ustrust.com *.glance.net *.glancecdn.net *.myglance.net s3.amazonaws.com *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com *.coremetrics.com *.brightcove.net *.brightcove.com maps.googleapis.com www.paypalobjects.com anrdoezrs.com cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: data: blob: *.bac-assets.com *.bankofamerica.com *.livelook.com *.livelook.net *.glancecdn.net *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com 'unsafe-inline'; worker-src 'self' blob:;
Date: Thu, 29 Sep 2022 19:56:39 GMT
Last-Modified: Tue, 16 Aug 2022 08:47:38 GMT
Age: 805
ETag: "be1b-5e657ccf790c0"
X-BOA-RequestID: YzR8s280HUsSetr2rLMKOAAAAK8
X-Serviced-By: yenR36+0EiK6iGwKzPQT9A==--n7BImw6wPTkM33JcEMv3pQ==
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=40, max=463
Content-Length: 48667

GET
H/1.1 200
OK gfoot-home-icon.png
secure.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/ 144 B
1 KB 862ms
110ms Image
image/png 171.159.118.200
BANKAMERICA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/gfoot-home-icon.png

Requested by

Host: www.debitactivate-starthelp.com
URL: https://www.debitactivate-starthelp.com/_next/static/css/20285528fc0664fd.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.159.118.200 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

Software

Resource Hash

a8bc6337547a246ef75d1ae66d7ec8a0ed6171c1ba49804a403124e27c8e8452

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.debitactivate-starthelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: script-src 'self' boa-api.arkoselabs.com *.bac-assets.com *.livelook.com *.livelook.net *.tiqcdn.com *.bankofamerica.com *.baml.com *.bofa.com *.ml.com *.merrill.com *.merrilledge.com *.mymerrill.com *.ustrust.com *.glance.net *.glancecdn.net *.myglance.net s3.amazonaws.com *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com *.coremetrics.com *.brightcove.net *.brightcove.com maps.googleapis.com www.paypalobjects.com anrdoezrs.com cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: data: blob: *.bac-assets.com *.bankofamerica.com *.livelook.com *.livelook.net *.glancecdn.net *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com 'unsafe-inline'; worker-src 'self' blob:;
Date: Thu, 29 Sep 2022 19:56:39 GMT
Last-Modified: Tue, 16 Aug 2022 08:47:37 GMT
Age: 27
ETag: "90-5e657cce98aed"
X-BOA-RequestID: YzOa32LPuudfY6D5AStO7QAAAdI
X-Serviced-By: 35azveTP0hvW2ZEhTDzh1A==--DszZ8KF0NMqbPd6c2Ule3w==
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=40, max=471
Content-Length: 144

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.debitactivate-starthelp.com/content/images/ContextualSiteGraphics/Instructional/en_US/aps-mobile-products-icon-sprite-dev.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

secure.bankofamerica.com
www.debitactivate-starthelp.com
171.159.118.200
2606:4700::6810:f34e
0c34151d923447a6c89471c6c94f630297651f6971391e2a9e43bb1995904dd5
0eed4542b90a01be928023ec3dc7abed45c63ffc8067a496863ecef579d4af9f
19f368dc92da70f236d853c51baf78ce455f9893248ef03131b795e052ac0574
1aee3a5f0c4b6735edff60d58f20a936ce11e5d4a36a5a76390aeda043ae4048
2a1b1589e316d02ab75481e7aa88c9975afd2e87f17982fb6d38b6ebe2425a4c
30652cee5990b3b76f6cbf6f26362be9254dd62b4c6e6003c1127d1484573787
39a8b95e8e1d955b740fe4806c094c4a457b86168b77c072ac25bd4a61e5beed
47706b3d3e8c19fa3ac752ec25a2a2a536d9025922c98cdafa85ec8a213223e6
5dfe185409ff8cc0e73ea870cbefbcdac38297bbfa69c545686e536f7c51fa64
648c8ca970b06c87695f59b11c03246440c3bdd9a12b3e61a356d2057e3180fc
6bb1d4b1b719488b9812d1fb67b41b03857eec8f4e0a4d46a8066574037d817a
8c37fb372596058d87dd9208541c49b020d0e840e4f3a5baa27d39be2dc70b01
8cd5a6fcd15185a45ee4a2d2d7f3c2029c8061d1724649b95f2c368446b3c549
8dc58748968b0e0b67ceb1a3d2844e6c571a2b652fb81ae835d216d0f3fec0bc
a8bc6337547a246ef75d1ae66d7ec8a0ed6171c1ba49804a403124e27c8e8452
ca3205c6a4eecfd67ad990b62b10e19f601230a2a5b2791676089e82836763f4
d9a6eb9d074ca7c9071479a96b646501d4fca854fabf21043e81cbda2cd6f35f
dca7d358b9ba49b60befdb37a28ff4be77c5581efc284ab556a25ca3f7a0dc20
e182e3257a3b5564f7bfb9fb1c6a1e13f8f7c9a3fa0dd6e39ccf473ef8d4f960
e1ac56ae25629e508f729b799d563d71920902a4cb26cf3bb602beb3e368775e

www.debitactivate-starthelp.com Open in urlscan Pro 2606:4700::6810:f34e Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

20 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

353 kBTransfer

1194 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

20 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

www.debitactivate-starthelp.com Open in urlscan Pro
2606:4700::6810:f34e Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

353 kB
Transfer

1194 kB
Size

0
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!