web-secure-clientlogin.info

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 160.20.145.36, located in Frankfurt am Main, Germany and belongs to COMBAHTON combahton GmbH, DE. The main domain is web-secure-clientlogin.info.

This is the only time web-secure-clientlogin.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	160.20.145.36 160.20.145.36	30823 (COMBAHTON...) (COMBAHTON combahton GmbH)
1	172.67.166.105 172.67.166.105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3

2 160.20.145.36 (Frankfurt am Main, Germany)

ASN30823 (COMBAHTON combahton GmbH, DE)
PTR: 160.20.145.36

web-secure-clientlogin.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.166.105 (United States)

ASN13335 (CLOUDFLARENET, US)

files.killbot.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	web-secure-clientlogin.info web-secure-clientlogin.info	373 KB
1	killbot.org files.killbot.org
3	2

	Domain	Requested by
2	web-secure-clientlogin.info	web-secure-clientlogin.info
1	files.killbot.org	web-secure-clientlogin.info
3	2

This site contains links to these domains. Also see Links.

Domain
staticweb.bankofamerica.com
www.bankofamerica.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-29` - `2023-06-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://web-secure-clientlogin.info/bankofa/
Frame ID: 945967D3F53566EE00FB06967DA3D84D
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In

Page Statistics

3
Requests

33 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

373 kB
Transfer

375 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://staticweb.bankofamerica.com/cavmwebbactouch/common/index.html

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/security-center/privacy-overview/
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/security-center/overview/
Title: Security

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/help/equalhousing_popup.go
Title: Equal Housing Lender

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response web-secure-clientlogin.info/bankofa/	352 KB 353 KB	283ms 58ms	Document text/html	160.20.145.36 COMBAHTON combaht...
General Check archive.org Show headers Download Go to Full URL http://web-secure-clientlogin.info/bankofa/ Protocol HTTP/1.1 Server 160.20.145.36 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE), Reverse DNS 160.20.145.36 Software Apache / Resource Hash `4b287cd6cb63c02e2257528d247a9d5967925383280116432c435ed136083d0c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Wed, 21 Dec 2022 16:06:22 GMT Keep-Alive timeout=5, max=100 Server Apache Transfer-Encoding chunked
GET H2	404	killbot-security.js files.killbot.org/.cdn-cgi/	0 0	1322ms 799ms	Script text/html	172.67.166.105 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://files.killbot.org/.cdn-cgi/killbot-security.js Requested by Host: web-secure-clientlogin.info URL: http://web-secure-clientlogin.info/bankofa/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.166.105 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash Request headers accept-language fi-FI,fi;q=0.9 Referer http://web-secure-clientlogin.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers
GET DATA	200 OK	truncated /	352 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `b1f1b36d5a72970f7331a6d62472b2183611314a6535cb5f691a89c0aca8b52e` Request headers accept-language fi-FI,fi;q=0.9 Referer http://web-secure-clientlogin.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	/ web-secure-clientlogin.info/bankofa/	20 KB 20 KB	58ms 58ms	Image text/html	160.20.145.36 COMBAHTON combaht...
General Check archive.org Show headers Download Go to Show image Full URL http://web-secure-clientlogin.info/bankofa/ Requested by Host: web-secure-clientlogin.info URL: http://web-secure-clientlogin.info/bankofa/ Protocol HTTP/1.1 Server 160.20.145.36 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE), Reverse DNS 160.20.145.36 Software Apache / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language fi-FI,fi;q=0.9 Referer http://web-secure-clientlogin.info/bankofa/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Wed, 21 Dec 2022 16:06:23 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `52184077c38ffa89369d9ac64b03c61b78305e405676310c13bc52850c0c6c73` Request headers accept-language fi-FI,fi;q=0.9 Referer http://web-secure-clientlogin.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	447 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `7e912572bf29125241eb45052d79160b049a1a8fa66eb5ce0e024924af912456` Request headers accept-language fi-FI,fi;q=0.9 Referer http://web-secure-clientlogin.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| savepage_ShadowLoader

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://files.killbot.org/.cdn-cgi/killbot-security.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

files.killbot.org
web-secure-clientlogin.info
160.20.145.36
172.67.166.105
4b287cd6cb63c02e2257528d247a9d5967925383280116432c435ed136083d0c
52184077c38ffa89369d9ac64b03c61b78305e405676310c13bc52850c0c6c73
7e912572bf29125241eb45052d79160b049a1a8fa66eb5ce0e024924af912456
b1f1b36d5a72970f7331a6d62472b2183611314a6535cb5f691a89c0aca8b52e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

web-secure-clientlogin.info Open in urlscan Pro 160.20.145.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

3 Requests

33 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

373 kBTransfer

375 kBSize

0 Cookies

4 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

web-secure-clientlogin.info Open in urlscan Pro
160.20.145.36 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

33 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

373 kB
Transfer

375 kB
Size

0
Cookies

3 HTTP transactions
3 data transactions