trying-toclone.surge.sh
159.203.159.100
Malicious Activity!
Public Scan
Submission: On July 24 via api from LU — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 19th 2024. Valid for: a year.
This is the only time trying-toclone.surge.sh was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bank of America (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
2 | 159.203.159.100 | 14061 (DIGITALOCEAN-ASN)
17 | 192.229.233.230 | 15133 (EDGECAST)
1 | 34.199.195.55 | 14618 (AMAZON-AES)
24 | 4 |
ASN14061 (DIGITALOCEAN-ASN, US)
- trying-toclone.surge.sh
ASN14618 (AMAZON-AES, US)
- PTR: ec2-34-199-195-55.compute-1.amazonaws.com
- content-cdn.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
17 | bac-assets.com | www1.bac-assets.com (Cisco Umbrella Rank: 310333) | 236 KB
2 | surge.sh | trying-toclone.surge.sh | 80 KB
1 | content-cdn.com | content-cdn.com (Cisco Umbrella Rank: 571126) | 183 B
24 | 3 | |
Requests | Domain | Requested by
---|---|---
17 | www1.bac-assets.com | trying-toclone.surge.sh, www1.bac-assets.com
2 | trying-toclone.surge.sh | trying-toclone.surge.sh
1 | content-cdn.com | trying-toclone.surge.sh
24 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.sipc.org |
Subject | Issuer | Validity | Valid |
---|---|---|---|---
*.surge.sh | Sectigo RSA Domain Validation Secure Server CA | 2024-04-19 - 2025-05-18 | a year | crt.sh
www1.bac-assets.com | Entrust Certification Authority - L1M | 2024-04-08 - 2025-05-08 | a year | crt.sh
content-cdn.com | R10 | 2024-06-14 - 2024-09-12 | 3 months | crt.sh
This page contains 1 frame:
Primary Page:
https://trying-toclone.surge.sh/
Frame ID: EDB5D0E6BF035ECAA3B74424445650BE
Requests: 24 HTTP requests in this frame
Screenshot
![](/screenshots/a2658a6d-8f7a-4bcd-a3a0-94fcce732f8e.png)
Page Title
Bank of America - Banking, Credit Cards, Loans and Merrill Investing
Detected technologies
ZURB Foundation
Detected patterns
- <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns
RequireJS
Detected patterns
- require.*\.js
Page Statistics
1 Outgoing link
These are links going to different origins than the main page.
Title: Member SIPC layer
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method | Protocol | Resource Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET | H/1.1 | trying-toclone.surge.sh/ (Primary Request) | 563 KB | 79 KB | Document | text/html
GET | H2 | www1.bac-assets.com/homepage/spa-assets/components/utilities/platform/babel-polyfill.js | 97 KB | 34 KB | Script | application/x-javascript
GET | | www1.bac-assets.com/homepage/spa-assets/bundles/7acfcf42.css | 0 | 0 | |
GET | H2 | www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js | 25 KB | 8 KB | Script | application/x-javascript
GET | H/1.1 | trying-toclone.surge.sh/auth.js | 85 B | 534 B | Script | application/javascript
GET | H2 | www1.bac-assets.com/homepage/spa-assets/images/assets-images-global-logos-bac-logo-v2-CSX3648cbbb.svg | 3 KB | 2 KB | Image | image/svg+xml
GET | H2 | www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-get_app_interstitial_icon-CSXbef49635.svg | 36 KB | 14 KB | Image | image/svg+xml
GET | H2 | www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-get_app_interstitial_lock-CSX6d401b45.svg | 587 B | 429 B | Image | image/svg+xml
GET | H2 | www1.bac-assets.com/homepage/spa-assets/images/assets-images-global-get-app-modal-Download_on_the_App_Store_Badge_US-UK_RGB_blk_092917-CSXd8fd3663.svg | 7 KB | 3 KB | Image | image/svg+xml
GET | H2 | www1.bac-assets.com/homepage/spa-assets/images/assets-images-global-get-app-modal-google-play-badge-CSX89f9024.svg | 5 KB | 2 KB | Image | image/svg+xml
GET | H2 | www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-calendar-CSXef62d939.svg | 1 KB | 717 B | Image | image/svg+xml
GET | H2 | www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-logos-new_merrill_desktop_logo-CSX5347e4ce.svg | 6 KB | 2 KB | Image | image/svg+xml
GET | H2 | www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-hp-assets-offers-consumer-merrill-en-rebrand-merrill-me_l1nav_ret_planning_3539686_e.webp | 614 B | 778 B | Image | application/octet-stream
GET | H2 | www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-sign-in-module-hp-url-example-CSX3e076ebf.png | 4 KB | 4 KB | Image | image/png
GET | H2 | www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-news-life-services-yni_sec_phone_4657392_e-CSX8c7d2691.webp | 88 KB | 88 KB | Image | application/octet-stream
GET | H2 | content-cdn.com/723/dWdnY2Y6Ly9nZWx2YXQtZ2JweWJhci5maGV0ci5mdS8=.gif | 42 B | 183 B | Image | image/gif
GET | H2 | www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-colored-flagscape-v2-CSX4e4e3134.svg | 2 KB | 1 KB | Image | image/svg+xml
GET | H2 | www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-news-new_erica-CSX703c053a.png | 64 KB | 64 KB | Image | image/png
GET | H2 | www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-news-mb_yni_bb_3034668_1440-CSXe3b51fda.jpg | 10 KB | 10 KB | Image | image/jpeg
GET | H2 | www1.bac-assets.com/homepage/spa-assets/images/assets-images-global-logos-icon-ehl-white-CSX189e8f4c.svg | 380 B | 395 B | Image | image/svg+xml
GET | | www1.bac-assets.com/homepage/spa-assets/bundles/6960ce2f.js | 0 | 0 | |
GET | | www1.bac-assets.com/homepage/spa-assets/bundles/e1d34f63.js | 0 | 0 | |
GET | | www1.bac-assets.com/homepage/spa-assets/bundles/10e4ad8.js | 0 | 0 | |
GET | H2 | www1.bac-assets.com/homepage/spa-assets/images/assets-images-global-favicon-favicon-CSX8d65d6e4.ico | 15 KB | 2 KB | Other | image/x-icon
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL
---|---
www1.bac-assets.com | https://www1.bac-assets.com/homepage/spa-assets/bundles/7acfcf42.css
www1.bac-assets.com | https://www1.bac-assets.com/homepage/spa-assets/bundles/6960ce2f.js
www1.bac-assets.com | https://www1.bac-assets.com/homepage/spa-assets/bundles/e1d34f63.js
www1.bac-assets.com | https://www1.bac-assets.com/homepage/spa-assets/bundles/10e4ad8.js
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bank of America (Banking)
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | digitalData
object | nucleusSpartaProperties
object | __core-js_shared__
object | core
function | setImmediate
function | clearImmediate
object | regeneratorRuntime
boolean | _babelPolyfill
function | createCSSBundleLink
object | sparta
function | requirejs
function | require
function | define
object | theBody
object | global
object | spaParams
function | onLoopReady
object | spartaRequireLoop
object | loopExecs
function | required
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
content-cdn.com
trying-toclone.surge.sh
www1.bac-assets.com
159.203.159.100
192.229.233.230
34.199.195.55
03b74e5c453f3a747cc73007570f2dc4d68c4071eb60ddfd384ec2d4f265c8e0
0ae2de68bda2fa22f32b9350b95ff62c402b43b18d2989be707f3e52e4c07f3b
1fb7690d7f2b1b600dbea5fbfce96198cae49ad0009fee412d96bc462a27eea9
2d9705dc449a9757f9b36ace6d7479eabcf2a90b210b400d49f7f8e7e4837d2e
36d949908df2e6067788cfc71a6f8d26baf2ef9a93e6a91a8377cb26d2ea8f6b
3c5226fd06e36fbd81095b575f04a9d154182bb975e2f0633ebf9ea44a62e543
3cea3b95b828471bea7705e1a7221843df5ce3d399438d64b4f927d11fdcc47d
3f1ea5c409c0d00088df9790fa7698929b4b8d242ec4372ab83fa8c3b969c692
46344c37451bf1505050f5ca9096e1d16686172250401bb04558f13eb5bb04f8
6d7ac293ab6a5f1f5bddc8d4e59602950fbfa5434d1b50e1a840eab9dd6b4b7c
79266c36aad7737b74bb1a73c53b99e51c2cda5f7e5ac1e9c5f6178e5181159d
7e6ce497138ce47d8ab66d70c46d245e1261d7f2d3f1db3556eec0ca1c82e2ec
8faba458d243f473199f2d36b2954c66bf34c3ba5dd22992cac7b0f650e09277
a108985f6e9a607d6e1b8cb294cdad7bffb288589c3f9fa3768b84763b0af94d
a1c28de478a88c957daebdfe824082696a3be976edb099dbe9c60b8070d925e4
adab1708b4b053c52d06be506c9630c44bb6a4b986d03344d3cf91997c9e6ad6
c90dbe69070de8b85da2a0d820d99cafce056ef64b3a4af14b4139095da0aa7a
d5bba1cae66759adfee0d50ab0419e6bb19a48f8c360e4be8e582ba75e7a1402
ddc2154c0d608206ff9c64e5acb6e38a3f153e8a9939d846763ddf701424456d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629