208.97.141.162
Malicious Activity!
Public Scan
Submission: On April 27 via automatic, source openphish
Summary
This is the only time 208.97.141.162 was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bank of America (Banking)

Domain & IP information

| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 17 | 208.97.141.162 | 26347 (DREAMHOST-AS - New Dream Network) |
| 1 | 52.87.45.227 | 14618 (AMAZON-AES - Amazon.com) |
| 1 | 18.211.169.77 | 14618 (AMAZON-AES - Amazon.com) |
| 1 | 54.209.39.241 | 14618 (AMAZON-AES - Amazon.com) |

Totals: 20 requests, 4 IP addresses

| ASN | PTR | Host |
|---|---|---|
| ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US) | rsssite.net | 208.97.141.162 |
| ASN14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-52-87-45-227.compute-1.amazonaws.com | aero.bankofamerica.com |
| ASN14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-18-211-169-77.compute-1.amazonaws.com | boss.bankofamerica.com |
| ASN14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-54-209-39-241.compute-1.amazonaws.com | dull.bankofamerica.com |
| Subdomains | Apex Domain | Subdomain hosts | Transfer |
|---|---|---|---|
| 3 | bankofamerica.com | aero.bankofamerica.com, boss.bankofamerica.com, dull.bankofamerica.com | 3 KB |

Totals: 20 requests, 1 apex domain
| Requests | Domain | Requested by |
|---|---|---|
| 1 | dull.bankofamerica.com | 208.97.141.162 |
| 1 | boss.bankofamerica.com | 208.97.141.162 |
| 1 | aero.bankofamerica.com | 208.97.141.162 |

Totals: 20 requests, 3 domains
This site contains links to these domains. Also see Links.
| Domain |
|---|
| secure.bankofamerica.com |
| www.bankofamerica.com |

TLS certificates (Subject, Issuer, Validity, Valid): none listed for this scan.
This page contains 1 frames:
Primary Page:
http://208.97.141.162/100/bankofamerica/bofaonline/
Frame ID: 4BC34EE61A761E279C2EB564D01FB77A
Requests: 20 HTTP requests in this frame
10 Outgoing links

These are links going to different origins than the main page. Link titles as observed:

- Skip to main content
- En Español
- Forgot your Passcode?
- {storeLinkText}
- Learn about your Text Banking or Banking by Phone options ››
- Enroll now for online Banking
- Learn more about Online Banking
- Service Agreement
- Privacy & Security
- Equal Housing Lender
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
| Method / Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|
| GET H/1.1 | / (Primary Request) | 208.97.141.162/100/bankofamerica/bofaonline/ | 36 KB | 11 KB | Document | text/html |
| GET H/1.1 | vipaa-v4-jawr.css | 208.97.141.162/100/bankofamerica/bofaonline/index_files/ | 444 KB | 64 KB | Stylesheet | text/css |
| GET H/1.1 | vipaa-v4-jawr.js.download | 208.97.141.162/100/bankofamerica/bofaonline/index_files/ | 0 | 0 | Script | text/html |
| GET H/1.1 | cc.go | 208.97.141.162/100/bankofamerica/bofaonline/index_files/ | 28 KB | 28 KB | Script | text/plain |
| GET H/1.1 | g8C | 208.97.141.162/100/bankofamerica/bofaonline/index_files/ | 137 B | 396 B | Script | text/plain |
| GET H/1.1 | g8C(1) | 208.97.141.162/100/bankofamerica/bofaonline/index_files/ | 137 B | 395 B | Script | text/plain |
| GET H/1.1 | bac_reg_logo_tmp_250X69.gif | 208.97.141.162/100/bankofamerica/bofaonline/index_files/ | 4 KB | 4 KB | Image | image/gif |
| GET H/1.1 | mobile_llama.png | 208.97.141.162/100/bankofamerica/bofaonline/index_files/ | 13 KB | 13 KB | Image | image/png |
| GET H/1.1 | cm-jawr.js.download | 208.97.141.162/100/bankofamerica/bofaonline/index_files/ | 0 | 0 | Script | text/html |
| GET H/1.1 | image | 208.97.141.162/100/bankofamerica/bofaonline/index_files/ | 324 B | 324 B | Image | text/html |
| GET H/1.1 | vipaa-v4-jawr-print.css | 208.97.141.162/100/bankofamerica/bofaonline/index_files/ | 10 KB | 1 KB | Stylesheet | text/css |
| GET H/1.1 | I3n.js | aero.bankofamerica.com/30306/ | 571 B | 900 B | XHR | text/html |
| GET H/1.1 | a8e.js | boss.bankofamerica.com/30306/ | 571 B | 900 B | XHR | text/html |
| GET H/1.1 | y9h.js | dull.bankofamerica.com/boaa/ | 571 B | 900 B | XHR | text/html |
| GET H/1.1 | fsd-secure-esp-sprite.png | 208.97.141.162/pa/components/modules/header-module/2.8/graphic/ | 351 B | 351 B | Image | text/html |
| GET H/1.1 | cnx-regular.woff | 208.97.141.162/pa/global-assets/1.0/font/cnx-regular/ | 0 | 0 | Font | text/html |
| GET H/1.1 | help-qm-fsd.png | 208.97.141.162/pa/global-assets/1.0/graphic/ | 322 B | 322 B | Image | text/html |
| GET H/1.1 | gfootb-static-sprite.png | 208.97.141.162/pa/components/modules/global-footer-module/2.5/graphic/ | 357 B | 357 B | Image | text/html |
| GET H/1.1 | gfoot-home-icon.png | 208.97.141.162/pa/components/modules/global-footer-module/2.5/graphic/ | 352 B | 352 B | Image | text/html |
| GET H/1.1 | cnx-regular.ttf | 208.97.141.162/pa/global-assets/1.0/font/cnx-regular/ | 0 | 0 | Font | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bank of America (Banking)

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Variables |
|---|---|
| object | onselectstart, onselectionchange, boaPageDataJS, v, ttMETA, theBody, GetAppDownloadConfig, inauthNamespace, _cc |
| function | queueMicrotask, getSCookie, get_SessionIdString, seTTCookie, geTTCookieVal, readCookie, cmSetDD |
| string | boaVIPAAuseGzippedBundles, boaVIPAAjawrEnabled, dotcomURLPrefix, pinRegexSwitch, sbPinRegexSwitch, newPwdStandardSwitch, runOnce, captureMouseEvents, ccPath, _ia11, vipaaGISMaskingEnabled, cmPageId, cmCategoryId, cmPageId_Modal, cmSessionID, appStepNumber, appStepName, appName |
| number | maxMouseEvents |
| boolean | isFPEnabled |
| undefined | ThrottleVal, isSBCustomer, img, testString, cmFailure, cmErrorMsg, cmReqLocale, locAppendage, errorCode, errorCodeCounter, errorCodeIndex0 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.