trying-toclone.surge.sh Open in urlscan Pro
159.203.159.100  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response trying-toclone.surge.sh/	563 KB 79 KB	1094ms 139ms	Document text/html	159.203.159.100 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://trying-toclone.surge.sh/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.203.159.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Surge / Resource Hash 3cea3b95b828471bea7705e1a7221843df5ce3d399438d64b4f927d11fdcc47d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36 Response headers Accept-Ranges bytes Age 31541435 Cache-Control public, max-age=0, must-revalidate Connection close Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Wed, 24 Jul 2024 15:11:16 GMT ETag "3cea3b95b828471bea7705e1a7221843df5ce3d399438d64b4f927d11fdcc47d" Response-Time 14ms Server Surge Surge-Cache HIT Surge-Stamp 1111::1690289871463-f74b9ad4e9b0c344278f8e53d9fa260a Transfer-Encoding chunked Vary Accept-Encoding
GET H2	200	babel-polyfill.js Show response www1.bac-assets.com/homepage/spa-assets/components/utilities/platform/	97 KB 34 KB	500ms 56ms	Script application/x-javascript	192.229.233.230 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www1.bac-assets.com/homepage/spa-assets/components/utilities/platform/babel-polyfill.js Requested by Host: trying-toclone.surge.sh URL: https://trying-toclone.surge.sh/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.233.230 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67D3) / Resource Hash a108985f6e9a607d6e1b8cb294cdad7bffb288589c3f9fa3768b84763b0af94d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://trying-toclone.surge.sh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36 Response headers date Wed, 24 Jul 2024 15:11:17 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 age 5197378 x-boa-requestid ZlHLU5I4ai_cZbex7hp_GgAAAAQ x-cache HIT content-length 34250 last-modified Fri, 26 Jan 2024 01:13:59 GMT server ECS (frb/67D3) etag "183fe-60fcf02c640e3" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/x-javascript cache-control max-age=31536000, public accept-ranges bytes expires Thu, 24 Jul 2025 15:11:17 GMT
GET		7acfcf42.css www1.bac-assets.com/homepage/spa-assets/bundles/	0 0
GET H2	200	require.js Show response www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/	25 KB 8 KB	499ms 56ms	Script application/x-javascript	192.229.233.230 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js Requested by Host: trying-toclone.surge.sh URL: https://trying-toclone.surge.sh/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.233.230 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/668D) / Resource Hash adab1708b4b053c52d06be506c9630c44bb6a4b986d03344d3cf91997c9e6ad6 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://trying-toclone.surge.sh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36 Response headers date Wed, 24 Jul 2024 15:11:17 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 age 1674138 x-boa-requestid ZoeN-zDRYOQL_w2IBVk4XgAAAhA x-cache HIT content-length 7899 last-modified Fri, 26 Jan 2024 01:13:59 GMT server ECS (frb/668D) etag "6570-60fcf02c811bd" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/x-javascript cache-control max-age=31536000, public accept-ranges bytes expires Thu, 24 Jul 2025 15:11:17 GMT
GET H/1.1	200 OK	auth.js Show response trying-toclone.surge.sh/	85 B 534 B	1300ms 456ms	Script application/javascript	159.203.159.100 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://trying-toclone.surge.sh/auth.js Requested by Host: trying-toclone.surge.sh URL: https://trying-toclone.surge.sh/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.203.159.100 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Surge / Resource Hash 0ae2de68bda2fa22f32b9350b95ff62c402b43b18d2989be707f3e52e4c07f3b Request headers Referer https://trying-toclone.surge.sh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36 Response headers Date Wed, 24 Jul 2024 15:11:18 GMT Surge-Stamp 1082::1690289871463-4f8875817e3de03a532307a6235bf6fe Server Surge Age 0 ETag "0ae2de68bda2fa22f32b9350b95ff62c402b43b18d2989be707f3e52e4c07f3b" Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Response-Time 339ms Cache-Control public, max-age=0, must-revalidate Connection close Accept-Ranges bytes Content-Length 85 Surge-Cache MISS
GET H2	200	assets-images-global-logos-bac-logo-v2-CSX3648cbbb.svg www1.bac-assets.com/homepage/spa-assets/images/	3 KB 2 KB	499ms 56ms	Image image/svg+xml	192.229.233.230 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-global-logos-bac-logo-v2-CSX3648cbbb.svg Requested by Host: trying-toclone.surge.sh URL: https://trying-toclone.surge.sh/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.233.230 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6712) / Resource Hash 7e6ce497138ce47d8ab66d70c46d245e1261d7f2d3f1db3556eec0ca1c82e2ec Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://trying-toclone.surge.sh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36 Response headers date Wed, 24 Jul 2024 15:11:17 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 age 5484365 x-boa-requestid Zk1qSLkG4EMX0Opo1qNTwwAAAWM x-cache HIT content-length 1604 last-modified Fri, 15 Mar 2019 14:29:29 GMT server ECS (frb/6712) etag "d90-58422ddd48440" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml cache-control max-age=26920000, public accept-ranges bytes expires Thu, 24 Jul 2025 15:11:17 GMT
GET H2	200	assets-images-site-homepage-icons-get_app_interstitial_icon-CSXbef49635.svg www1.bac-assets.com/homepage/spa-assets/images/	36 KB 14 KB	530ms 87ms	Image image/svg+xml	192.229.233.230 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-get_app_interstitial_icon-CSXbef49635.svg Requested by Host: trying-toclone.surge.sh URL: https://trying-toclone.surge.sh/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.233.230 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/668A) / Resource Hash ddc2154c0d608206ff9c64e5acb6e38a3f153e8a9939d846763ddf701424456d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://trying-toclone.surge.sh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36 Response headers date Wed, 24 Jul 2024 15:11:17 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 age 5484365 x-boa-requestid Zk1qSBDjngcO-7ThoBAOcwAAASU x-cache HIT content-length 14111 last-modified Fri, 18 May 2018 14:59:45 GMT server ECS (frb/668A) etag "90c6-56c7c33d69a40" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml cache-control max-age=26920000, public accept-ranges bytes expires Thu, 24 Jul 2025 15:11:17 GMT
GET H2	200	assets-images-site-homepage-icons-get_app_interstitial_lock-CSX6d401b45.svg www1.bac-assets.com/homepage/spa-assets/images/	587 B 429 B	44ms 25ms	Image image/svg+xml	192.229.233.230 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-get_app_interstitial_lock-CSX6d401b45.svg Requested by Host: trying-toclone.surge.sh URL: https://trying-toclone.surge.sh/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.233.230 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6760) / Resource Hash 46344c37451bf1505050f5ca9096e1d16686172250401bb04558f13eb5bb04f8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://trying-toclone.surge.sh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36 Response headers date Wed, 24 Jul 2024 15:11:17 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 age 5484365 x-boa-requestid Zk1qSCLFiUuBhynuEtNrSAAAARo x-cache HIT content-length 326 last-modified Fri, 18 May 2018 14:59:45 GMT server ECS (frb/6760) etag "24b-56c7c33d69a40" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml cache-control max-age=26920000, public accept-ranges bytes expires Thu, 24 Jul 2025 15:11:17 GMT
GET H2	200	assets-images-global-get-app-modal-Download_on_the_App_Store_Badge_US-UK_RGB_blk_092917-CSXd8fd3663.svg www1.bac-assets.com/homepage/spa-assets/images/	7 KB 3 KB	27ms 27ms	Image image/svg+xml	192.229.233.230 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-global-get-app-modal-Download_on_the_App_Store_Badge_US-UK_RGB_blk_092917-CSXd8fd3663.svg Requested by Host: trying-toclone.surge.sh URL: https://trying-toclone.surge.sh/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.233.230 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6711) / Resource Hash 3f1ea5c409c0d00088df9790fa7698929b4b8d242ec4372ab83fa8c3b969c692 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://trying-toclone.surge.sh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36 Response headers date Wed, 24 Jul 2024 15:11:17 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 age 5484365 x-boa-requestid Zk1qSJOtwe4uSNt8Qnuq7QAAAS8 x-cache HIT content-length 2916 last-modified Fri, 18 May 2018 14:59:45 GMT server ECS (frb/6711) etag "1c96-56c7c33d69a40" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml cache-control max-age=26920000, public accept-ranges bytes expires Thu, 24 Jul 2025 15:11:17 GMT
GET H2	200	assets-images-global-get-app-modal-google-play-badge-CSX89f9024.svg www1.bac-assets.com/homepage/spa-assets/images/	5 KB 2 KB	260ms 259ms	Image image/svg+xml	192.229.233.230 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-global-get-app-modal-google-play-badge-CSX89f9024.svg Requested by Host: trying-toclone.surge.sh URL: https://trying-toclone.surge.sh/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.233.230 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6795) / Resource Hash 1fb7690d7f2b1b600dbea5fbfce96198cae49ad0009fee412d96bc462a27eea9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://trying-toclone.surge.sh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36 Response headers date Wed, 24 Jul 2024 15:11:18 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 age 5484366 x-boa-requestid Zk1qSGHu2b8Zddp5CsGRkgAAATw x-cache HIT content-length 1841 last-modified Fri, 18 May 2018 14:59:45 GMT server ECS (frb/6795) etag "1381-56c7c33d69a40" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml cache-control max-age=26920000, public accept-ranges bytes expires Thu, 24 Jul 2025 15:11:18 GMT
GET H2	200	assets-images-site-homepage-icons-calendar-CSXef62d939.svg www1.bac-assets.com/homepage/spa-assets/images/	1 KB 717 B	28ms 28ms	Image image/svg+xml	192.229.233.230 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-calendar-CSXef62d939.svg Requested by Host: trying-toclone.surge.sh URL: https://trying-toclone.surge.sh/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.233.230 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67DF) / Resource Hash 79266c36aad7737b74bb1a73c53b99e51c2cda5f7e5ac1e9c5f6178e5181159d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://trying-toclone.surge.sh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36 Response headers date Wed, 24 Jul 2024 15:11:18 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 age 5484366 x-boa-requestid Zk1qSRDjngcO-7ThoBAOdgAAAW8 x-cache HIT content-length 590 last-modified Thu, 05 Apr 2018 17:15:06 GMT server ECS (frb/67DF) etag "4a7-5691d14b61a80" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml cache-control max-age=26920000, public accept-ranges bytes expires Thu, 24 Jul 2025 15:11:18 GMT
GET H2	200	assets-images-site-homepage-logos-new_merrill_desktop_logo-CSX5347e4ce.svg www1.bac-assets.com/homepage/spa-assets/images/	6 KB 2 KB	29ms 29ms	Image image/svg+xml	192.229.233.230 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-logos-new_merrill_desktop_logo-CSX5347e4ce.svg Requested by Host: trying-toclone.surge.sh URL: https://trying-toclone.surge.sh/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.233.230 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/674D) / Resource Hash 2d9705dc449a9757f9b36ace6d7479eabcf2a90b210b400d49f7f8e7e4837d2e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://trying-toclone.surge.sh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36 Response headers date Wed, 24 Jul 2024 15:11:18 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 age 5484363 x-boa-requestid Zk1qS7kG4EMX0Opo1qNT0QAAAWg x-cache HIT content-length 2243 last-modified Wed, 19 Jun 2019 01:25:59 GMT server ECS (frb/674D) etag "169f-58ba31c94d7c0" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml cache-control max-age=26920000, public accept-ranges bytes expires Thu, 24 Jul 2025 15:11:18 GMT
GET H2	200	assets-images-site-hp-assets-offers-consumer-merrill-en-rebrand-merrill-me_l1nav_ret_planning_3539686_e.webp www1.bac-assets.com/homepage/spa-assets/images/	614 B 778 B	33ms 26ms	Image application/octet-stream	192.229.233.230 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-hp-assets-offers-consumer-merrill-en-rebrand-merrill-me_l1nav_ret_planning_3539686_e.webp Requested by Host: trying-toclone.surge.sh URL: https://trying-toclone.surge.sh/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.233.230 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/669F) / Resource Hash 8faba458d243f473199f2d36b2954c66bf34c3ba5dd22992cac7b0f650e09277 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://trying-toclone.surge.sh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36 Response headers date Wed, 24 Jul 2024 15:11:18 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Tue, 18 May 2021 00:04:10 GMT server ECS (frb/669F) age 5484363 etag "266-5c28f731676b6" x-boa-requestid Zk1qSxDjngcO-7ThoBAOfwAAARE x-frame-options SAMEORIGIN x-cache HIT content-type application/octet-stream cache-control max-age=26920000, public accept-ranges bytes content-length 614 expires Wed, 24 Jul 2024 15:11:19 GMT
GET H2	200	assets-images-site-homepage-sign-in-module-hp-url-example-CSX3e076ebf.png www1.bac-assets.com/homepage/spa-assets/images/	4 KB 4 KB	29ms 28ms	Image image/png	192.229.233.230 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-sign-in-module-hp-url-example-CSX3e076ebf.png Requested by Host: trying-toclone.surge.sh URL: https://trying-toclone.surge.sh/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.233.230 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6713) / Resource Hash 6d7ac293ab6a5f1f5bddc8d4e59602950fbfa5434d1b50e1a840eab9dd6b4b7c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://trying-toclone.surge.sh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36 Response headers date Wed, 24 Jul 2024 15:11:18 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Mon, 04 Dec 2017 16:09:25 GMT server ECS (frb/6713) age 5484363 etag "1006-55f85f12b7740" x-boa-requestid Zk1qTDZHLrNSFtUcYv_ScgAAAU8 x-frame-options SAMEORIGIN x-cache HIT content-type image/png cache-control max-age=26920000, public accept-ranges bytes content-length 4102 expires Thu, 24 Jul 2025 15:11:18 GMT
GET H2	200	assets-images-site-homepage-news-life-services-yni_sec_phone_4657392_e-CSX8c7d2691.webp www1.bac-assets.com/homepage/spa-assets/images/	88 KB 88 KB	27ms 27ms	Image application/octet-stream	192.229.233.230 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-news-life-services-yni_sec_phone_4657392_e-CSX8c7d2691.webp Requested by Host: trying-toclone.surge.sh URL: https://trying-toclone.surge.sh/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.233.230 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6763) / Resource Hash 03b74e5c453f3a747cc73007570f2dc4d68c4071eb60ddfd384ec2d4f265c8e0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://trying-toclone.surge.sh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36 Response headers date Wed, 24 Jul 2024 15:11:18 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Thu, 09 May 2024 00:07:12 GMT server ECS (frb/6763) age 5484362 etag "15f92-617fa337486f5" x-boa-requestid Zk1qTPOtREgsQcsJpoRVqgAAARc x-frame-options SAMEORIGIN x-cache HIT content-type application/octet-stream cache-control max-age=26920000, public accept-ranges bytes content-length 90002 expires Wed, 24 Jul 2024 15:11:19 GMT
GET H2	200	dWdnY2Y6Ly9nZWx2YXQtZ2JweWJhci5maGV0ci5mdS8=.gif content-cdn.com/723/	42 B 183 B	378ms 123ms	Image image/gif	34.199.195.55 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://content-cdn.com/723/dWdnY2Y6Ly9nZWx2YXQtZ2JweWJhci5maGV0ci5mdS8=.gif Requested by Host: trying-toclone.surge.sh URL: https://trying-toclone.surge.sh/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.199.195.55 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-199-195-55.compute-1.amazonaws.com Software envoy / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://trying-toclone.surge.sh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36 Response headers date Wed, 24 Jul 2024 15:11:19 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-envoy-upstream-service-time 1 server envoy content-length 42 vary Origin content-type image/gif
GET H2	200	assets-images-site-homepage-icons-colored-flagscape-v2-CSX4e4e3134.svg www1.bac-assets.com/homepage/spa-assets/images/	2 KB 1 KB	26ms 26ms	Image image/svg+xml	192.229.233.230 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-colored-flagscape-v2-CSX4e4e3134.svg Requested by Host: trying-toclone.surge.sh URL: https://trying-toclone.surge.sh/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.233.230 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67AA) / Resource Hash 3c5226fd06e36fbd81095b575f04a9d154182bb975e2f0633ebf9ea44a62e543 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://trying-toclone.surge.sh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36 Response headers date Wed, 24 Jul 2024 15:11:18 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 age 5484362 x-boa-requestid Zk1qTP3RcjOo4zz4urc_XAAAABs x-cache HIT content-length 960 last-modified Fri, 15 Mar 2019 14:29:29 GMT server ECS (frb/67AA) etag "83a-58422ddd48440" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml cache-control max-age=26920000, public accept-ranges bytes expires Thu, 24 Jul 2025 15:11:18 GMT
GET H2	200	assets-images-site-homepage-news-new_erica-CSX703c053a.png www1.bac-assets.com/homepage/spa-assets/images/	64 KB 64 KB	31ms 30ms	Image image/png	192.229.233.230 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-news-new_erica-CSX703c053a.png Requested by Host: trying-toclone.surge.sh URL: https://trying-toclone.surge.sh/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.233.230 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6772) / Resource Hash a1c28de478a88c957daebdfe824082696a3be976edb099dbe9c60b8070d925e4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://trying-toclone.surge.sh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36 Response headers date Wed, 24 Jul 2024 15:11:18 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Fri, 09 Jun 2023 01:13:13 GMT server ECS (frb/6772) age 5282036 etag "100cc-5fda812b86b1a" x-boa-requestid ZlCAojDOJ98GZs8bVRw7UwAAAIM x-frame-options SAMEORIGIN x-cache HIT content-type image/png cache-control max-age=26920000, public accept-ranges bytes content-length 65740 expires Thu, 24 Jul 2025 15:11:18 GMT
GET H2	200	assets-images-site-homepage-news-mb_yni_bb_3034668_1440-CSXe3b51fda.jpg www1.bac-assets.com/homepage/spa-assets/images/	10 KB 10 KB	37ms 36ms	Image image/jpeg	192.229.233.230 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-news-mb_yni_bb_3034668_1440-CSXe3b51fda.jpg Requested by Host: trying-toclone.surge.sh URL: https://trying-toclone.surge.sh/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.233.230 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67F3) / Resource Hash 36d949908df2e6067788cfc71a6f8d26baf2ef9a93e6a91a8377cb26d2ea8f6b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://trying-toclone.surge.sh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36 Response headers date Wed, 24 Jul 2024 15:11:18 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Thu, 23 Apr 2020 01:13:28 GMT server ECS (frb/67F3) age 5103034 etag "2692-5a3eaf4c85e00" x-boa-requestid ZlM73Ot2ZXJ7UMAg7FS6jgAAAAk x-frame-options SAMEORIGIN x-cache HIT content-type image/jpeg cache-control max-age=26920000, public accept-ranges bytes content-length 9874 expires Thu, 24 Jul 2025 15:11:18 GMT
GET H2	200	assets-images-global-logos-icon-ehl-white-CSX189e8f4c.svg www1.bac-assets.com/homepage/spa-assets/images/	380 B 395 B	30ms 30ms	Image image/svg+xml	192.229.233.230 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-global-logos-icon-ehl-white-CSX189e8f4c.svg Requested by Host: trying-toclone.surge.sh URL: https://trying-toclone.surge.sh/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.233.230 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67E2) / Resource Hash c90dbe69070de8b85da2a0d820d99cafce056ef64b3a4af14b4139095da0aa7a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://trying-toclone.surge.sh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36 Response headers date Wed, 24 Jul 2024 15:11:18 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 age 5484362 x-boa-requestid Zk1qTP3RcjOo4zz4urc_ZgAAACw x-cache HIT content-length 269 last-modified Wed, 12 Aug 2020 01:04:20 GMT server ECS (frb/67E2) etag "17c-5aca3c488ebd8" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml cache-control max-age=26920000, public accept-ranges bytes expires Thu, 24 Jul 2025 15:11:18 GMT
GET		6960ce2f.js www1.bac-assets.com/homepage/spa-assets/bundles/	0 0
GET		e1d34f63.js www1.bac-assets.com/homepage/spa-assets/bundles/	0 0
GET		10e4ad8.js www1.bac-assets.com/homepage/spa-assets/bundles/	0 0
GET H2	200	assets-images-global-favicon-favicon-CSX8d65d6e4.ico www1.bac-assets.com/homepage/spa-assets/images/	15 KB 2 KB	28ms 28ms	Other image/x-icon	192.229.233.230 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-global-favicon-favicon-CSX8d65d6e4.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.233.230 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67C0) / Resource Hash d5bba1cae66759adfee0d50ab0419e6bb19a48f8c360e4be8e582ba75e7a1402 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://trying-toclone.surge.sh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36 Response headers date Wed, 24 Jul 2024 15:11:19 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 age 5470547 x-boa-requestid Zk2gRUBNXlmomVIlrs_hZwAAAWY x-cache HIT content-length 2266 last-modified Fri, 15 Mar 2019 14:29:29 GMT server ECS (frb/67C0) etag "3aee-58422ddd48440" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/x-icon cache-control max-age=26920000, public accept-ranges bytes expires Thu, 24 Jul 2025 15:11:19 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www1.bac-assets.com

URL

https://www1.bac-assets.com/homepage/spa-assets/bundles/7acfcf42.css

Domain

www1.bac-assets.com

URL

https://www1.bac-assets.com/homepage/spa-assets/bundles/6960ce2f.js

Domain

www1.bac-assets.com

URL

https://www1.bac-assets.com/homepage/spa-assets/bundles/e1d34f63.js

Domain

www1.bac-assets.com

URL

https://www1.bac-assets.com/homepage/spa-assets/bundles/10e4ad8.js

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| digitalData object| nucleusSpartaProperties object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| createCSSBundleLink object| sparta function| requirejs function| require function| define object| theBody object| global object| spaParams function| onLoopReady object| spartaRequireLoop object| loopExecs object| required

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

content-cdn.com
trying-toclone.surge.sh
www1.bac-assets.com
www1.bac-assets.com
159.203.159.100
192.229.233.230
34.199.195.55
03b74e5c453f3a747cc73007570f2dc4d68c4071eb60ddfd384ec2d4f265c8e0
0ae2de68bda2fa22f32b9350b95ff62c402b43b18d2989be707f3e52e4c07f3b
1fb7690d7f2b1b600dbea5fbfce96198cae49ad0009fee412d96bc462a27eea9
2d9705dc449a9757f9b36ace6d7479eabcf2a90b210b400d49f7f8e7e4837d2e
36d949908df2e6067788cfc71a6f8d26baf2ef9a93e6a91a8377cb26d2ea8f6b
3c5226fd06e36fbd81095b575f04a9d154182bb975e2f0633ebf9ea44a62e543
3cea3b95b828471bea7705e1a7221843df5ce3d399438d64b4f927d11fdcc47d
3f1ea5c409c0d00088df9790fa7698929b4b8d242ec4372ab83fa8c3b969c692
46344c37451bf1505050f5ca9096e1d16686172250401bb04558f13eb5bb04f8
6d7ac293ab6a5f1f5bddc8d4e59602950fbfa5434d1b50e1a840eab9dd6b4b7c
79266c36aad7737b74bb1a73c53b99e51c2cda5f7e5ac1e9c5f6178e5181159d
7e6ce497138ce47d8ab66d70c46d245e1261d7f2d3f1db3556eec0ca1c82e2ec
8faba458d243f473199f2d36b2954c66bf34c3ba5dd22992cac7b0f650e09277
a108985f6e9a607d6e1b8cb294cdad7bffb288589c3f9fa3768b84763b0af94d
a1c28de478a88c957daebdfe824082696a3be976edb099dbe9c60b8070d925e4
adab1708b4b053c52d06be506c9630c44bb6a4b986d03344d3cf91997c9e6ad6
c90dbe69070de8b85da2a0d820d99cafce056ef64b3a4af14b4139095da0aa7a
d5bba1cae66759adfee0d50ab0419e6bb19a48f8c360e4be8e582ba75e7a1402
ddc2154c0d608206ff9c64e5acb6e38a3f153e8a9939d846763ddf701424456d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629