ww4.welcomeclient.com

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 6 HTTP transactions. The main IP is 54.243.161.41, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is ww4.welcomeclient.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on January 10th 2022. Valid for: a year.

This is the only time ww4.welcomeclient.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
6	54.243.161.41 54.243.161.41		14618 (AMAZON-AES) (AMAZON-AES)
6	1

6 54.243.161.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-161-41.compute-1.amazonaws.com

ww4.welcomeclient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	welcomeclient.com ww4.welcomeclient.com	84 KB
6	1

	Domain	Requested by
6	ww4.welcomeclient.com	ww4.welcomeclient.com
6	1

This site contains no links.

Subject Issuer	Validity	Valid
*.welcomeclient.com Entrust Certification Authority - L1K	`2022-01-10` - `2023-02-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ww4.welcomeclient.com/4DCGI/WEB_BDLogin/500530637/1894?501947177
Frame ID: 56F9A67F333BC18AA16FEEEA8A955DB2
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

84 kB
Transfer

326 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 1894 Show response
ww4.welcomeclient.com/4DCGI/WEB_BDLogin/500530637/ 8 KB
4 KB 842ms
313ms Document
text/html 54.243.161.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ww4.welcomeclient.com/4DCGI/WEB_BDLogin/500530637/1894?501947177

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.161.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-161-41.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3cefe4e386bad5a5165679e9e95b520a8c07132e29e086794f1c4dd14e5d3c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Tue, 07 Feb 2023 13:14:48 GMT
expires: Sat, 20 Sep 2000 01:56:59 GMT
last-modified: Tue, 07 Feb 2023 13:14:48 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-frm_key: 0
x-upstream: 10.1.101.15:8002
x-wupstream: 10.1.200.59
x-xss-protection: 1; mode=block

GET
H2 200 jquery-3.5.1.min.js Show response
ww4.welcomeclient.com/Extras/jquery/ 87 KB
31 KB 352ms
351ms Script
application/javascript 54.243.161.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ww4.welcomeclient.com/Extras/jquery/jquery-3.5.1.min.js

Requested by

Host: ww4.welcomeclient.com
URL: https://ww4.welcomeclient.com/4DCGI/WEB_BDLogin/500530637/1894?501947177

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.161.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-161-41.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ww4.welcomeclient.com/4DCGI/WEB_BDLogin/500530637/1894?501947177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: public
date: Tue, 07 Feb 2023 13:14:49 GMT
content-encoding: gzip
x-wupstream: 10.1.100.89
last-modified: Mon, 04 Jul 2022 14:06:11 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains;
etag: "62c2f3d3-78bf"
content-type: application/javascript
x-upstream: STATIC-FILE
cache-control: max-age=604800
content-length: 30911
x-xss-protection: 1; mode=block
expires: Tue, 14 Feb 2023 13:14:49 GMT

GET
H2 200 jquery.xdomainrequest.min.js Show response
ww4.welcomeclient.com/Extras/sha2/ 2 KB
1 KB 352ms
352ms Script
application/javascript 54.243.161.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ww4.welcomeclient.com/Extras/sha2/jquery.xdomainrequest.min.js

Requested by

Host: ww4.welcomeclient.com
URL: https://ww4.welcomeclient.com/4DCGI/WEB_BDLogin/500530637/1894?501947177

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.161.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-161-41.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c8d6754a59c23fa67cf981092bb70d0a0ec9a43f205daf2f2f922cf6e5a74fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ww4.welcomeclient.com/4DCGI/WEB_BDLogin/500530637/1894?501947177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: public
date: Tue, 07 Feb 2023 13:14:49 GMT
content-encoding: gzip
x-wupstream: 10.1.100.89
last-modified: Thu, 04 Jun 2020 19:40:21 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains;
etag: "5ed94e25-42f"
content-type: application/javascript
x-upstream: STATIC-FILE
cache-control: max-age=604800
content-length: 1071
x-xss-protection: 1; mode=block
expires: Tue, 14 Feb 2023 13:14:49 GMT

GET
H2 200 bootstrap.min.css
ww4.welcomeclient.com/Extras/bootstrap/4.6.1/css/ 158 KB
24 KB 235ms
234ms Stylesheet
text/css 54.243.161.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ww4.welcomeclient.com/Extras/bootstrap/4.6.1/css/bootstrap.min.css

Requested by

Host: ww4.welcomeclient.com
URL: https://ww4.welcomeclient.com/4DCGI/WEB_BDLogin/500530637/1894?501947177

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.161.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-161-41.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a4317c03b8d4d20c4c54e163b6d3c16e0107b02d4ee9acd7406d9f7c725cc8f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ww4.welcomeclient.com/4DCGI/WEB_BDLogin/500530637/1894?501947177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: public
date: Tue, 07 Feb 2023 13:14:49 GMT
content-encoding: gzip
x-wupstream: 10.1.200.59
last-modified: Tue, 28 Jun 2022 17:45:27 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains;
etag: "62bb3e37-5e6c"
content-type: text/css
x-upstream: STATIC-FILE
cache-control: max-age=604800
content-length: 24172
x-xss-protection: 1; mode=block
expires: Tue, 14 Feb 2023 13:14:49 GMT

GET
H2 200 GlobeUS.jpg
ww4.welcomeclient.com/Login/ 9 KB
10 KB 118ms
118ms Image
image/jpeg 54.243.161.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ww4.welcomeclient.com/Login/GlobeUS.jpg

Requested by

Host: ww4.welcomeclient.com
URL: https://ww4.welcomeclient.com/4DCGI/WEB_BDLogin/500530637/1894?501947177

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.161.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-161-41.compute-1.amazonaws.com

Software

nginx /

Resource Hash

48b8efd5c2631d4ddcff0255891942f9c27828a4e9dee51b6f6dd2b2bbb6976d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ww4.welcomeclient.com/4DCGI/WEB_BDLogin/500530637/1894?501947177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: public
date: Tue, 07 Feb 2023 13:14:49 GMT
x-wupstream: 10.1.100.89
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Thu, 04 Jun 2020 19:40:55 GMT
server: nginx
etag: "5ed94e47-24f4"
content-type: image/jpeg
x-upstream: STATIC-FILE
cache-control: max-age=604800
accept-ranges: bytes
content-length: 9460
x-xss-protection: 1; mode=block
expires: Tue, 14 Feb 2023 13:14:49 GMT

GET
H2 200 bootstrap.min.js Show response
ww4.welcomeclient.com/Extras/bootstrap/4.6.1/js/ 61 KB
15 KB 118ms
118ms Script
application/javascript 54.243.161.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ww4.welcomeclient.com/Extras/bootstrap/4.6.1/js/bootstrap.min.js

Requested by

Host: ww4.welcomeclient.com
URL: https://ww4.welcomeclient.com/4DCGI/WEB_BDLogin/500530637/1894?501947177

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.161.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-161-41.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0b107098fc8b361ce610dba0d1656c620c725311e51d4417c7c57c8bda369e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ww4.welcomeclient.com/4DCGI/WEB_BDLogin/500530637/1894?501947177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: public
date: Tue, 07 Feb 2023 13:14:49 GMT
content-encoding: gzip
x-wupstream: 10.1.200.59
last-modified: Tue, 28 Jun 2022 17:45:27 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains;
etag: "62bb3e37-3beb"
content-type: application/javascript
x-upstream: STATIC-FILE
cache-control: max-age=604800
content-length: 15339
x-xss-protection: 1; mode=block
expires: Tue, 14 Feb 2023 13:14:49 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ww4.welcomeclient.com/	1970-01-20 09:29:46	Name: com_sid Value:
			.welcomeclient.com/	1970-01-20 18:15:11	Name: isCustomer Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ww4.welcomeclient.com
54.243.161.41
0b107098fc8b361ce610dba0d1656c620c725311e51d4417c7c57c8bda369e52
3cefe4e386bad5a5165679e9e95b520a8c07132e29e086794f1c4dd14e5d3c8f
48b8efd5c2631d4ddcff0255891942f9c27828a4e9dee51b6f6dd2b2bbb6976d
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
a4317c03b8d4d20c4c54e163b6d3c16e0107b02d4ee9acd7406d9f7c725cc8f2
c8d6754a59c23fa67cf981092bb70d0a0ec9a43f205daf2f2f922cf6e5a74fce

ww4.welcomeclient.com Open in urlscan Pro 54.243.161.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

6 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

84 kBTransfer

326 kBSize

2 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

ww4.welcomeclient.com Open in urlscan Pro
54.243.161.41 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

84 kB
Transfer

326 kB
Size

2
Cookies

6 HTTP transactions
0 data transactions