bank-americaverify.github.io
Open in
urlscan Pro
185.199.111.153
Malicious Activity!
Public Scan
URL:
https://bank-americaverify.github.io/select.html
Submission Tags: @ipnigh
Submission: On September 20 via api from GB
Submission Tags: @ipnigh
Submission: On September 20 via api from GB
Summary
This website contacted 3 IPs
in 2 countries
across 2 domains to perform 18 HTTP transactions.
The main IP is 185.199.111.153, located in
United States and
belongs to FASTLY - Fastly, US.
The main domain is bank-americaverify.github.io.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on June 27th 2018. Valid for: 2 years.
This is the only time bank-americaverify.github.io was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on June 27th 2018. Valid for: 2 years.
This is the only time bank-americaverify.github.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bank of America (Banking) GDrive and other (Online)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 14 | 185.199.111.153 185.199.111.153 | 54113 (FASTLY) (FASTLY - Fastly) | |
| 4 | 2a00:1450:400... 2a00:1450:4001:81a::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 18 | 3 |
4
2a00:1450:4001:81a::200a
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| fonts.googleapis.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 14 |
github.io
bank-americaverify.github.io |
454 KB |
| 4 |
googleapis.com
fonts.googleapis.com |
2 KB |
| 18 | 2 |
| Domain | Requested by | |
|---|---|---|
| 14 | bank-americaverify.github.io |
bank-americaverify.github.io
|
| 4 | fonts.googleapis.com |
bank-americaverify.github.io
|
| 18 | 2 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.github.com DigiCert SHA2 High Assurance Server CA |
2018-06-27 - 2020-06-20 |
2 years | crt.sh |
| *.googleapis.com GTS CA 1O1 |
2019-09-05 - 2019-11-28 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://bank-americaverify.github.io/select.html
Frame ID: E9F92FACC2937B8D5D6CE8C224B183CB
Requests: 22 HTTP requests in this frame
Screenshot
Detected technologies
Ruby
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- url /^https?:\/\/[^\/]+\.github\.io\//i
- headers server /^GitHub\.com$/i
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Varnish
(Cache Tools)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Ruby on Rails
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- url /^https?:\/\/[^\/]+\.github\.io\//i
- headers server /^GitHub\.com$/i
GitHub Pages
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- url /^https?:\/\/[^\/]+\.github\.io\//i
- headers server /^GitHub\.com$/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
select.html
bank-americaverify.github.io/ |
116 KB 44 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
bank-americaverify.github.io/vendor/bootstrap/css/ |
150 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
all.min.css
bank-americaverify.github.io/vendor/fontawesome-free/css/ |
53 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
4 KB 580 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
851 B 411 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
2 KB 482 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
10 KB 758 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
agency.min.css
bank-americaverify.github.io/css/ |
160 KB 87 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
bank-americaverify.github.io/vendor/jquery/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.bundle.min.js
bank-americaverify.github.io/vendor/bootstrap/js/ |
75 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.easing.min.js
bank-americaverify.github.io/vendor/jquery-easing/ |
2 KB 972 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jqBootstrapValidation.js
bank-americaverify.github.io/js/ |
36 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
contact_me.js
bank-americaverify.github.io/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
agency.min.js
bank-americaverify.github.io/js/ |
1 KB 751 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wrap.png
bank-americaverify.github.io/img/ |
57 KB 57 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wwrap.png
bank-americaverify.github.io/img/ |
50 KB 50 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1tent.png
bank-americaverify.github.io/img/ |
60 KB 60 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
edij.png
bank-americaverify.github.io/img/ |
58 KB 58 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
517 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bank of America (Banking) GDrive and other (Online)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery object| bootstrap undefined| sprytextfield10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31556952 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bank-americaverify.github.io
fonts.googleapis.com
185.199.111.153
2a00:1450:4001:81a::200a
086a80ab28cd4eb68e973c95ea7730b13e3129f5a9b19e90c5e50690abc7db41
0b6c1e1b33c085efad5bdc32654ec90b4ddc934eb1c1aca71a439ff89867f468
0e95cbf733f41b43a1e2716643ad7ea8cd5fdfcb2eee2d038f4618c579bcaff7
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1992f9dd19f0c2baa2eef13360c9a8c445bfeb97ee0fe457e8a7de525d75f1d2
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
22ef32d3f6c5b2b941308cfa949c54610dcfe4f45a2aab4677ab357f4c4d6fff
3126158d682bafa50bffd7907d0bcecadebf82cc5be9da70235cea3390db2c2b
381dd9cb91d4bdcd1aa3ee410a6f2571cfd4486a49b2213663e96a727bfc7b8d
3940a87ac6c084ac5c3bab832db32ee8e21a1c5d3ebc6b49f105b60a3b9d31dc
4761ed023a6ad4d39367414f0d454552f06754101bfa0a5122fbc186f5c7e372
4c940a58b40018214ca32665ff4cf755522b32a027b309cccb950ccd22e27637
68e357769305fcf03ea23213551ea1a6c3aac4a059e83834ca14e7d81a768e09
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
73b1ce58fa539aab1d6d1424607c5ff60fc5e2f2c0becd3a776f7f4f8f3664b0
7f7231894956565bec35652625d57ce5f86d017d0b59edac6f6e9fde43d5a683
956c2f26876aac206eaf0019da7d4c884ef7010819e86afd8d645de9e77b5a24
9f43663537315e7785e9eed8896bb0a84bcdde327d41ebfb4787286c85019166
a5590dd5ad59d144e6954ac2942aa45e2eb365c74b5d514eeb996f0a93bff975
c598946947854f8ae24de5ddb824fc9dd6fab41e25341b0b984ff23933bb17cb
c7b07a0440ecfbd1f32110a6a5c7e92ecfe0200a65ba5fdd5660a98cf2294c09
fcead9821dce61e4d64b068d89d5e8e86a37b727319fee56e91e5a8dd8e93edf