bankofamericax13.webcindario.com Open in urlscan Pro
5.57.226.202  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://bankofamericax13.webcindario.com/5f11e151/ Page URL
2. https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response bankofamericax13.webcindario.com/5f11e151/	2 KB 1 KB	132ms 42ms	Document text/html	5.57.226.202 StackScale
General Check archive.org Show headers Download Go to Full URL https://bankofamericax13.webcindario.com/5f11e151/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash 02b111f86134ca03dd47d0d23ac95abaa0a1ee7447380120d234c55005bc3951 Request headers :method GET :authority bankofamericax13.webcindario.com :scheme https :path /5f11e151/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 server nginx date Tue, 18 Jun 2019 05:04:00 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding set-cookie __muid=001ffa030892481b9414aad91a971f61f70e2112; Domain=.webcindario.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:11 GMT; HttpOnly x-powered-by Webcindario Hosting Service content-encoding gzip
GET		adsbygoogle.js pagead2.googlesyndication.com/pagead/js/	0 0
GET		/ hosting.miarroba.info/	0 0
GET H2	200	gtm.js www.googletagmanager.com/	48 KB 18 KB	14ms 14ms	Script application/javascript	2a00:1450:4001:824::2008 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59 Requested by Host: bankofamericax13.webcindario.com URL: https://bankofamericax13.webcindario.com/5f11e151/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Tag Manager / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://bankofamericax13.webcindario.com/5f11e151/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 18 Jun 2019 05:04:00 GMT content-encoding br last-modified Mon, 17 Jun 2019 23:12:11 GMT server Google Tag Manager access-control-allow-origin http://www.googletagmanager.com vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 alt-svc quic=":443"; ma=2592000; v="46,44,43,39" cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control content-length 18620 x-xss-protection 0 expires Tue, 18 Jun 2019 05:04:00 GMT
GET H2	200	Primary Request signOnV2Screen.php Show response bankofamericax13.webcindario.com/5f11e151/	4 KB 2 KB	40ms 39ms	Document text/html	5.57.226.202 StackScale
General Check archive.org Show headers Download Go to Full URL https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php Requested by Host: bankofamericax13.webcindario.com URL: https://bankofamericax13.webcindario.com/5f11e151/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash ca2e312d4162f4f2429ebe946b3d2253fff2055139dcda3f6f7391fda64e78d7 Request headers :method GET :authority bankofamericax13.webcindario.com :scheme https :path /5f11e151/signOnV2Screen.php pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 referer https://bankofamericax13.webcindario.com/5f11e151/ accept-encoding gzip, deflate, br cookie __muid=001ffa030892481b9414aad91a971f61f70e2112 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://bankofamericax13.webcindario.com/5f11e151/ Response headers status 200 server nginx date Tue, 18 Jun 2019 05:04:00 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-powered-by Webcindario Hosting Service content-encoding gzip
GET H2	200	analytics.js www.google-analytics.com/	43 KB 17 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:81c::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://bankofamericax13.webcindario.com/5f11e151/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 21 May 2019 23:53:44 GMT server Golfe2 age 336 date Tue, 18 Jun 2019 04:58:24 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc quic=":443"; ma=2592000; v="46,44,43,39" content-length 17595 expires Tue, 18 Jun 2019 06:58:24 GMT
GET		collect www.google-analytics.com/r/	0 0
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	90 KB 33 KB	24ms 18ms	Script text/javascript	2a00:1450:4001:808::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: bankofamericax13.webcindario.com URL: https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 9e2c3501650bf50a4d7d890902dbcba693e66ae153e6661edefa17ae5ec6207b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 18 Jun 2019 05:04:00 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39" content-length 34054 x-xss-protection 0 server cafe etag 9708510623592440332 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Tue, 18 Jun 2019 05:04:00 GMT
GET H2	200	m.png bankofamericax13.webcindario.com/5f11e151/	277 KB 278 KB	83ms 77ms	Image image/png	5.57.226.202 StackScale
General Check archive.org Show headers Download Go to Show image Full URL https://bankofamericax13.webcindario.com/5f11e151/m.png Requested by Host: bankofamericax13.webcindario.com URL: https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash 2dd8fb1774a42305356216906f8d96a5ffc2309c5e6d0fa9a7d7f30c64bb25f8 Request headers Referer https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 18 Jun 2019 05:04:00 GMT etag "5d0837a9-45504" last-modified Tue, 18 Jun 2019 01:00:25 GMT server nginx x-powered-by Webcindario Hosting Service content-type image/png status 200 accept-ranges bytes content-length 283908
GET H2	200	2.PNG bankofamericax13.webcindario.com/5f11e151/images/	567 KB 568 KB	81ms 78ms	Image image/png	5.57.226.202 StackScale
General Check archive.org Show headers Download Go to Show image Full URL https://bankofamericax13.webcindario.com/5f11e151/images/2.PNG Requested by Host: bankofamericax13.webcindario.com URL: https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash ad556892c91cdc3a9309e6efec918f6d02b423554f704546838947e1c39948e0 Request headers Referer https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 18 Jun 2019 05:04:00 GMT etag "5d0837a9-8dcda" last-modified Tue, 18 Jun 2019 01:00:25 GMT server nginx x-powered-by Webcindario Hosting Service content-type image/png status 200 accept-ranges bytes content-length 580826
GET H2	200	/ Show response hosting.miarroba.info/	0 427 B	47ms 43ms	Script application/javascript	2606:4700:20::6819:ce08 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://hosting.miarroba.info/?__muid=001ffa030892481b9414aad91a971f61f70e2112&h=1869871&t=1560834240&k=4e0f3c47c52d7f4a7407a751679f4a7d Requested by Host: bankofamericax13.webcindario.com URL: https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:ce08 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Tue, 18 Jun 2019 05:04:00 GMT content-encoding br content-type application/javascript; charset=iso-8859-1 last-modified Tue, 18 Jun 2019 05:04:00 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" status 200 cache-control no-cache cf-ray 4e8ab850cd239ace-FRA expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	48 KB 18 KB	20ms 17ms	Script application/javascript	2a00:1450:4001:824::2008 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59 Requested by Host: bankofamericax13.webcindario.com URL: https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Tag Manager / Resource Hash ec45364dcda1c5da8dd39c63002dc7b2407a73c1436136a7b2351db7f67eaab6 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 18 Jun 2019 05:04:00 GMT content-encoding br last-modified Mon, 17 Jun 2019 23:12:11 GMT server Google Tag Manager access-control-allow-origin http://www.googletagmanager.com vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 alt-svc quic=":443"; ma=2592000; v="46,44,43,39" cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control content-length 18620 x-xss-protection 0 expires Tue, 18 Jun 2019 05:04:00 GMT
GET H/1.1	200	ads Show response des.smartclip.net/	20 B 503 B	110ms 28ms	Script application/javascript	54.77.148.103 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://des.smartclip.net/ads?type=dyn&plc=75133&elementId=001ffa030892481b9414aad91a971f61f70e2112&sz=400x320&rnd=29320673 Requested by Host: bankofamericax13.webcindario.com URL: https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.77.148.103 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-77-148-103.eu-west-1.compute.amazonaws.com Software nginx/1.13.12 / Resource Hash 7285303c6f1bd19a091fb8046d1c43704c3f846461b957fe4198c3e051fce7eb Request headers Referer https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 18 Jun 2019 05:04:00 GMT Content-Encoding gzip Sc-Supply-Network 999999 Vary Accept-Encoding P3P CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Sc-Uuid aa0297eb-6c62-4b54-8216-e143e9adf23d Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Credentials true Content-Type application/javascript; charset=utf-8 Sc-Device-Type PC Server nginx/1.13.12
GET H2	200	analytics.js Show response www.google-analytics.com/	43 KB 17 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:81c::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 21 May 2019 23:53:44 GMT server Golfe2 age 336 date Tue, 18 Jun 2019 04:58:24 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc quic=":443"; ma=2592000; v="46,44,43,39" content-length 17595 expires Tue, 18 Jun 2019 06:58:24 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	109 B 481 B	65ms 18ms	Script application/javascript	2a00:1450:4001:820::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=bankofamericax13.webcindario.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 18 Jun 2019 05:04:00 GMT content-encoding gzip x-content-type-options nosniff content-type application/javascript; charset=UTF-8 server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39" content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 481 B	63ms 17ms	Script application/javascript	2a00:1450:4001:809::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=bankofamericax13.webcindario.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 18 Jun 2019 05:04:00 GMT content-encoding gzip x-content-type-options nosniff content-type application/javascript; charset=UTF-8 server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39" content-length 104 x-xss-protection 0
GET H2	200	show_ads_impl.js Show response pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/	211 KB 78 KB	25ms 24ms	Script text/javascript	2a00:1450:4001:808::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ac4a458417bc7bcb30c856c778b0ffa471aa934335c41916f8c0ca607918de0f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 18 Jun 2019 05:04:00 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39" content-length 79882 x-xss-protection 0 server cafe etag 7860360361704898373 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Tue, 18 Jun 2019 05:04:00 GMT
GET H2	200	show_ads_impl.js Show response pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/ Frame B193	211 KB 78 KB	32ms 31ms	Script text/javascript	2a00:1450:4001:808::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ac4a458417bc7bcb30c856c778b0ffa471aa934335c41916f8c0ca607918de0f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 18 Jun 2019 05:04:00 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39" content-length 79882 x-xss-protection 0 server cafe etag 7860360361704898373 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Tue, 18 Jun 2019 05:04:00 GMT
GET H2	200	ca-pub-7294310421616689.js Show response pagead2.googlesyndication.com/pub-config/r20160913/	108 B 270 B	6ms 6ms	Script text/javascript	2a00:1450:4001:808::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7294310421616689.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 617229202229089622770a111fef4f514877475b89056525185a70e0cbc5bc95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 17 Jun 2019 20:12:20 GMT content-encoding gzip x-content-type-options nosniff last-modified Sun, 16 Jun 2019 18:22:42 GMT server sffe age 31900 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=43200 accept-ranges bytes alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39" content-length 118 x-xss-protection 0 expires Tue, 18 Jun 2019 08:12:20 GMT
GET H2	200	zrt_lookup.html googleads.g.doubleclick.net/pagead/html/r20190612/r20190131/ Frame 6CE5	0 0	9ms 6ms	Document text/html	2a00:1450:4001:81d::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20190612/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20190612/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 referer https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php Response headers status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * vary Accept-Encoding date Thu, 13 Jun 2019 20:55:25 GMT expires Thu, 27 Jun 2019 20:55:25 GMT content-type text/html; charset=UTF-8 etag 9107516332936589630 x-content-type-options nosniff content-encoding gzip server cafe content-length 7041 x-xss-protection 0 cache-control public, max-age=1209600 age 374915 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
GET H2	200	collect www.google-analytics.com/	35 B 99 B	6ms 5ms	Image image/gif	2a00:1450:4001:81c::200e Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j76&a=630042235&t=pageview&_s=1&dl=https%3A%2F%2Fbankofamericax13.webcindario.com%2F5f11e151%2FsignOnV2Screen.php&ul=en-us&de=UTF-8&dt=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Sign%20In%20%7C%20Online%20ID&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=QACAAAABC~&jid=&gjid=&cid=1871513158.1560834240&tid=UA-597118-7&_gid=849192226.1560834240&gtm=2wg651T2VG59&z=1289177197 Requested by Host: bankofamericax13.webcindario.com URL: https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 13 Jun 2019 20:48:08 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 375352 content-type image/gif status 200 alt-svc quic=":443"; ma=2592000; v="46,44,43,39" cache-control no-cache, no-store, must-revalidate access-control-allow-origin * content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	403	ads googleads.g.doubleclick.net/pagead/ Frame 4FE7	0 0	28ms 27ms	Document text/html	2a00:1450:4001:81d::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3025194257&lmt=1560834240&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fbankofamericax13.webcindario.com%2F5f11e151%2FsignOnV2Screen.php&ea=0&flash=0&pra=5&wgl=1&dt=1560834240159&bpp=29&bdt=44&fdt=74&idt=74&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=7733967607764&frm=20&pv=2&ga_vid=1871513158.1560834240&ga_sid=1560834240&ga_hid=630042235&ga_fc=0&iag=0&icsg=33440&dssz=11&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&ref=https%3A%2F%2Fbankofamericax13.webcindario.com%2F5f11e151%2F&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=1215343&ifi=0&uci=0.irrxhugzwx66&fsb=1&dtd=91 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3025194257&lmt=1560834240&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fbankofamericax13.webcindario.com%2F5f11e151%2FsignOnV2Screen.php&ea=0&flash=0&pra=5&wgl=1&dt=1560834240159&bpp=29&bdt=44&fdt=74&idt=74&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=7733967607764&frm=20&pv=2&ga_vid=1871513158.1560834240&ga_sid=1560834240&ga_hid=630042235&ga_fc=0&iag=0&icsg=33440&dssz=11&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&ref=https%3A%2F%2Fbankofamericax13.webcindario.com%2F5f11e151%2F&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=1215343&ifi=0&uci=0.irrxhugzwx66&fsb=1&dtd=91 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 referer https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php Response headers status 403 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Tue, 18 Jun 2019 05:04:00 GMT server cafe content-length 46 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Tue, 18-Jun-2019 05:19:00 GMT; path=/; domain=.doubleclick.net alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	75 KB 28 KB	71ms 38ms	Script text/javascript	2a00:1450:4001:809::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash b6fbc563b614beb07727882bbbd837a37eac55c3eae9622c68294e6158d604c7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://bankofamericax13.webcindario.com/5f11e151/signOnV2Screen.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 18 Jun 2019 05:04:00 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1560769997427486" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39" content-length 28399 x-xss-protection 0 expires Tue, 18 Jun 2019 05:04:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Domain

hosting.miarroba.info

URL

https://hosting.miarroba.info/?__muid=001ffa030892481b9414aad91a971f61f70e2112&h=1869871&t=1560834240&k=4e0f3c47c52d7f4a7407a751679f4a7d

Domain

www.google-analytics.com

URL

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=868324829&t=pageview&_s=1&dl=https%3A%2F%2Fbankofamericax13.webcindario.com%2F5f11e151%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABC~&jid=60832537&gjid=1416588999&cid=1871513158.1560834240&tid=UA-597118-7&_gid=849192226.1560834240&_r=1&gtm=2wg651T2VG59&z=1825813284

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| dataLayer object| adsbygoogle object| s string| t object| google_tag_manager string| GoogleAnalyticsObject function| mia_ga object| google_js_reporting_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_t12n_vars object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 01:33:55	Name: test_cookie Value: CheckForPermission
			.bankofamericax13.webcindario.com/	1970-01-19 01:33:54	Name: _gat_UA-597118-7 Value: 1
			.bankofamericax13.webcindario.com/	1970-01-19 01:35:20	Name: _gid Value: GA1.3.849192226.1560834240
			.bankofamericax13.webcindario.com/	1970-01-19 19:05:06	Name: _ga Value: GA1.3.1871513158.1560834240
			.webcindario.com/	1970-01-25 20:31:23	Name: __muid Value: 001ffa030892481b9414aad91a971f61f70e2112

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bankofamericax13.webcindario.com
des.smartclip.net
googleads.g.doubleclick.net
hosting.miarroba.info
pagead2.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
hosting.miarroba.info
pagead2.googlesyndication.com
www.google-analytics.com
2606:4700:20::6819:ce08
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2002
2a00:1450:4001:820::2002
2a00:1450:4001:824::2008
5.57.226.202
54.77.148.103
02b111f86134ca03dd47d0d23ac95abaa0a1ee7447380120d234c55005bc3951
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
2dd8fb1774a42305356216906f8d96a5ffc2309c5e6d0fa9a7d7f30c64bb25f8
617229202229089622770a111fef4f514877475b89056525185a70e0cbc5bc95
7285303c6f1bd19a091fb8046d1c43704c3f846461b957fe4198c3e051fce7eb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
9e2c3501650bf50a4d7d890902dbcba693e66ae153e6661edefa17ae5ec6207b
ac4a458417bc7bcb30c856c778b0ffa471aa934335c41916f8c0ca607918de0f
ad556892c91cdc3a9309e6efec918f6d02b423554f704546838947e1c39948e0
b6fbc563b614beb07727882bbbd837a37eac55c3eae9622c68294e6158d604c7
ca2e312d4162f4f2429ebe946b3d2253fff2055139dcda3f6f7391fda64e78d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec45364dcda1c5da8dd39c63002dc7b2407a73c1436136a7b2351db7f67eaab6