bandolitis.com Open in urlscan Pro
50.115.21.226 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html
Submission: On June 06 via automatic, source openphish (June 6th 2017, 4:16:17 pm UTC)

Summary HTTP 18 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 3 domains to perform 18 HTTP transactions. The main IP is 50.115.21.226, located in Tampa, United States and belongs to AS-KGIX - KGIX, US. The main domain is bandolitis.com.

This is the only time bandolitis.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address	AS Autonomous System
4	50.115.21.226 50.115.21.226	53861 (AS-KGIX) (AS-KGIX - KGIX)
9	171.161.198.200 171.161.198.200	10794 (BANKAMERICA) (BANKAMERICA - Bank of America)
2	171.161.198.100 171.161.198.100	10794 (BANKAMERICA) (BANKAMERICA - Bank of America)
1	74.121.133.3 74.121.133.3	46589 (COREMETRI...) (COREMETRICS-1 - IBM)
18	5

4 50.115.21.226 (Tampa, United States)

ASN53861 (AS-KGIX - KGIX, US)
PTR: caelis.sudns.com

bandolitis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 171.161.198.200 (Concord, United States)

ASN10794 (BANKAMERICA - Bank of America, US)

secure.bankofamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 171.161.198.100 (Concord, United States)

ASN10794 (BANKAMERICA - Bank of America, US)

www.bankofamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.121.133.3 (Durham, United States)

ASN46589 (COREMETRICS-1 - IBM, US)

testdata.coremetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	bankofamerica.com secure.bankofamerica.com streak.bankofamerica.com Failed pane.bankofamerica.com Failed www.bankofamerica.com	310 KB
4	bandolitis.com bandolitis.com	29 KB
1	coremetrics.com testdata.coremetrics.com	43 B
18	3

	Domain	Requested by
9	secure.bankofamerica.com	bandolitis.com secure.bankofamerica.com
4	bandolitis.com	secure.bankofamerica.com bandolitis.com
2	www.bankofamerica.com	secure.bankofamerica.com
1	testdata.coremetrics.com	bandolitis.com
0	pane.bankofamerica.com Failed	bandolitis.com
0	streak.bankofamerica.com Failed	bandolitis.com
18	6

This site contains links to these domains. Also see Links.

Domain
secure.bankofamerica.com
www.bankofamerica.com

Subject Issuer	Validity	Valid
secure.bankofamerica.com Symantec Class 3 EV SSL CA - G3	`2016-10-21` - `2017-10-22`	a year	crt.sh
www.bankofamerica.com Symantec Class 3 EV SSL CA - G3	`2016-09-08` - `2017-09-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html
Frame ID: 26664.1
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

18
Requests

61 %
HTTPS

0 %
IPv6

3
Domains

6
Subdomains

5
IPs

1
Countries

338 kB
Transfer

1073 kB
Size

2
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.bankofamerica.com/login/languageToggle.go?request_locale=es-us
Title: En Español

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/onlinebanking/learning-center.go
Title: Learn more about Online Banking

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/online-banking/service-agreement.go
Title: Service Agreement

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/privacy/
Title: Privacy & Security

Search URL Search Domain Scan URL

URL: http://www.bankofamerica.com/help/equalhousing_popup.cfm
Title: Equal Housing Lender

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 11

http://testdata.coremetrics.com/cm?tid=6&ci=60010394&vn2=e4.0&st=1496765764428&vn1=4.2.7.1BOA&ec=utf-8&pi=OLB%3ATool%3ASiteKey%3BSign_In&cg=OLB%3ATool%3ASiteKey&rnd=1496776524061&pc=Y&jv=1.5&np0=Ch...
http://testdata.coremetrics.com/cm?tid=6&ci=60010394&vn2=e4.0&st=1496765764428&vn1=4.2.7.1BOA&ec=utf-8&pi=OLB%3ATool%3ASiteKey%3BSign_In&cg=OLB%3ATool%3ASiteKey&rnd=1496776524061&pc=Y&jv=1.5&np0=Ch...

18 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request signInScreen.go.html Show response bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/	29 KB 29 KB	559ms 161ms	Document text/html	50.115.21.226 KGIX
General Check archive.org Show headers Download Go to Full URL http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Protocol HTTP/1.1 Server 50.115.21.226 Tampa, United States, ASN53861 (AS-KGIX - KGIX, US), Reverse DNS caelis.sudns.com Software Apache / Resource Hash `108751eca43d97863bd1cdfe71ec00f020ef2ce068da786669b5d6967b5bb129` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host bandolitis.com Accept-Language en-US,en;q=0.8 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8 Cache-Control no-cache Connection keep-alive Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Response headers Date Tue, 06 Jun 2017 16:16:01 GMT Last-Modified Wed, 17 May 2017 13:12:04 GMT Server Apache Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 29311
GET H/1.1	200 OK	vipaa-v2-jawr.css secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/	195 KB 30 KB	1292ms 327ms	Stylesheet text/css	171.161.198.200 Bank of America
General Check archive.org Show headers Download Go to Full URL https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/vipaa-v2-jawr.css Requested by Host: bandolitis.com URL: http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 171.161.198.200 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US), Reverse DNS Software / Resource Hash `b43ed1d3bfd568eac3b1bc15ebe70fc423734748328bce49a9f3fb7399ce897b` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host secure.bankofamerica.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Accept text/css,/;q=0.1 Referer http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Connection keep-alive Cache-Control no-cache Referer http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Response headers Date Tue, 06 Jun 2017 16:16:03 GMT Content-Encoding gzip Last-Modified Wed, 17 May 2017 17:23:11 GMT Age 0 ETag "769f-54fbb8ae07dc0" X-BOA-RequestID TciSv6dGYiYAAlh638UAAAHp X-Serviced-By fxL70TUnz7ARxCskrhvHGg==--5RGtG0/Us76VhrHRrmEtgw== Content-Type text/css Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=497 Content-Length 30367 Expires Wed, 06 Jun 2018 16:16:03 GMT
GET H/1.1	200 OK	Cookie set vipaa-v2-jawr.js Show response secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/script/	723 KB 181 KB	1302ms 337ms	Script application/x-javascript	171.161.198.200 Bank of America
General Check archive.org Show headers Download Go to Full URL https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/script/vipaa-v2-jawr.js Requested by Host: bandolitis.com URL: http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 171.161.198.200 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US), Reverse DNS Software / Resource Hash `afcaad4eb11ebacd898a88390b66195dbe333903745adcd6187aa8d48ea991be` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host secure.bankofamerica.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Accept / Referer http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Connection keep-alive Cache-Control no-cache Referer http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Response headers Date Tue, 06 Jun 2017 16:16:03 GMT Content-Encoding gzip Last-Modified Wed, 17 May 2017 17:23:10 GMT ETag "2d5c2-54fbb8ad13b80" X-BOA-RequestID 76DTAqdGYiAABD-NsVoAAAHy X-Serviced-By BBeaUxcYdVp7nReiKTQoKg==--5RGtG0/Us76VhrHRrmEtgw== Content-Type application/x-javascript Set-Cookie TLTSID=6FC97F864AD3104AF984D65E3439FD4B; Path=/; Domain=.bankofamerica.com TLTUID=6FC97F864AD3104AF984D65E3439FD4B; Path=/; Domain=.bankofamerica.com; Expires=Tue, 06-06-2027 16:16:03 GMT SPID=F1S3;path=/;domain=.bankofamerica.com; SID=0007D87FE8005936D543;path=/;domain=.bankofamerica.com; Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=475 Content-Length 185794 Expires Wed, 06 Jun 2018 16:16:03 GMT
GET H/1.1	200 OK	bac_reg_logo_tmp_250X69.gif secure.bankofamerica.com/content/images/ContextualSiteGraphics/Logos/en_US/	4 KB 3 KB	163ms 162ms	Image image/gif	171.161.198.200 Bank of America
General Check archive.org Show headers Download Go to Show image Full URL https://secure.bankofamerica.com/content/images/ContextualSiteGraphics/Logos/en_US/bac_reg_logo_tmp_250X69.gif Requested by Host: bandolitis.com URL: http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 171.161.198.200 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US), Reverse DNS Software / Resource Hash `6faff1c939a50b046b98c124b959cb7cba4782252358581a19cbb06e9896afdc` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host secure.bankofamerica.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Cookie TLTSID=6FC97F864AD3104AF984D65E3439FD4B; TLTUID=6FC97F864AD3104AF984D65E3439FD4B; SPID=F1S3; SID=0007D87FE8005936D543 Connection keep-alive Cache-Control no-cache Referer http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Response headers Date Tue, 06 Jun 2017 16:16:03 GMT Content-Encoding gzip Last-Modified Wed, 14 Oct 2015 16:09:34 GMT Age 831 ETag "e0b-52212c9cd8b80" X-BOA-RequestID uek896dGYicAApg_n24AAAIT Vary Accept-Encoding Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes X-Serviced-By 1AeFh4nx/U4n74LiXZNp9g==--5RGtG0/Us76VhrHRrmEtgw== Keep-Alive timeout=5, max=497 Content-Length 2885
GET H/1.1	200 OK	vipaa-v2-jawr-print.css secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/	302 B 154 B	166ms 165ms	Stylesheet text/css	171.161.198.200 Bank of America
General Check archive.org Show headers Download Go to Full URL https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/vipaa-v2-jawr-print.css Requested by Host: bandolitis.com URL: http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 171.161.198.200 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US), Reverse DNS Software / Resource Hash `2685d0b576e6b9b5690c3f92a7093f2a24194c410452288d97c54d19dcf30160` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host secure.bankofamerica.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Accept text/css,/;q=0.1 Referer http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Cookie TLTSID=6FC97F864AD3104AF984D65E3439FD4B; TLTUID=6FC97F864AD3104AF984D65E3439FD4B; SPID=F1S3; SID=0007D87FE8005936D543 Connection keep-alive Cache-Control no-cache Referer http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Response headers Date Tue, 06 Jun 2017 16:16:04 GMT Content-Encoding gzip Last-Modified Wed, 17 May 2017 17:23:11 GMT ETag "9a-54fbb8ae07dc0" X-BOA-RequestID 761NP6dGYh8AAVztdNcAAAAz X-Serviced-By AbCCS8uN+IbtocFfP4gHGA==--5RGtG0/Us76VhrHRrmEtgw== Content-Type text/css Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=461 Content-Length 154 Expires Wed, 06 Jun 2018 16:16:04 GMT
GET H/1.1	200 OK	cm-jawr.js Show response secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/script/	40 KB 13 KB	167ms 166ms	Script application/x-javascript	171.161.198.200 Bank of America
General Check archive.org Show headers Download Go to Full URL https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/script/cm-jawr.js Requested by Host: bandolitis.com URL: http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 171.161.198.200 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US), Reverse DNS Software / Resource Hash `998c6193823c1c20b08bb87887331457bf6b35fd3466689386bf67e234c2f239` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host secure.bankofamerica.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Accept / Referer http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Cookie TLTSID=6FC97F864AD3104AF984D65E3439FD4B; TLTUID=6FC97F864AD3104AF984D65E3439FD4B; SPID=F1S3; SID=0007D87FE8005936D543 Connection keep-alive Cache-Control no-cache Referer http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Response headers Date Tue, 06 Jun 2017 16:16:03 GMT Content-Encoding gzip Last-Modified Wed, 17 May 2017 17:23:10 GMT ETag "34b9-54fbb8ad13b80" X-BOA-RequestID 76g73adGYh8AAVztdNAAAABB X-Serviced-By AbCCS8uN+IbtocFfP4gHGA==--5RGtG0/Us76VhrHRrmEtgw== Content-Type application/x-javascript Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=487 Content-Length 13497 Expires Wed, 06 Jun 2018 16:16:03 GMT
GET H/1.1	404 Not Found	Cookie set browserDataCMS.js Show response bandolitis.com/content/browser-support/js/	240 B 240 B	961ms 961ms	XHR text/html	50.115.21.226 KGIX
General Check archive.org Show headers Download Go to Full URL http://bandolitis.com/content/browser-support/js/browserDataCMS.js Requested by Host: secure.bankofamerica.com URL: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/script/vipaa-v2-jawr.js Protocol HTTP/1.1 Server 50.115.21.226 Tampa, United States, ASN53861 (AS-KGIX - KGIX, US), Reverse DNS caelis.sudns.com Software Apache / Resource Hash `3771db2a4fcde83a834a4911396e9bfb587d11b9eeff6a04e202b0862da20650` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host bandolitis.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html X-Requested-With XMLHttpRequest Connection keep-alive Cache-Control no-cache Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Response headers Date Tue, 06 Jun 2017 16:16:03 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Connection Keep-Alive Set-Cookie PHPSESSID=daotuum9ql5h0m7d1hce2h7791; path=/ Content-Type text/html; charset=UTF-8 Keep-Alive timeout=5, max=99 Content-Length 240
GET		I3n.js streak.bankofamerica.com/30306/	0 0

GET		a8e.js pane.bankofamerica.com/30306/	0 0

GET H/1.1	200 OK	fsd-secure-esp-sprite.png secure.bankofamerica.com/pa/components/modules/header-module/2.8/graphic/	473 B 473 B	168ms 168ms	Image image/png	171.161.198.200 Bank of America
General Check archive.org Show headers Download Go to Show image Full URL https://secure.bankofamerica.com/pa/components/modules/header-module/2.8/graphic/fsd-secure-esp-sprite.png Requested by Host: bandolitis.com URL: http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 171.161.198.200 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US), Reverse DNS Software / Resource Hash `8c37fb372596058d87dd9208541c49b020d0e840e4f3a5baa27d39be2dc70b01` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host secure.bankofamerica.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/vipaa-v2-jawr.css Cookie TLTSID=6FC97F864AD3104AF984D65E3439FD4B; TLTUID=6FC97F864AD3104AF984D65E3439FD4B; SPID=F1S3; SID=0007D87FE8005936D543 Connection keep-alive Cache-Control no-cache Referer https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/vipaa-v2-jawr.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Response headers Date Tue, 06 Jun 2017 16:16:04 GMT Last-Modified Wed, 17 May 2017 17:29:25 GMT Age 734 ETag "1d9-54fbba12b4740" X-BOA-RequestID CUcsH6dGYiYAAlh5OOoAAAE5 X-Serviced-By fxL70TUnz7ARxCskrhvHGg==--5RGtG0/Us76VhrHRrmEtgw== Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=500 Content-Length 473
GET H/1.1	200 OK	sign-in-sprite.png secure.bankofamerica.com/pa/global-assets/1.0/graphic/	3 KB 3 KB	163ms 162ms	Image image/png	171.161.198.200 Bank of America
General Check archive.org Show headers Download Go to Show image Full URL https://secure.bankofamerica.com/pa/global-assets/1.0/graphic/sign-in-sprite.png Requested by Host: bandolitis.com URL: http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 171.161.198.200 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US), Reverse DNS Software / Resource Hash `2a1b1589e316d02ab75481e7aa88c9975afd2e87f17982fb6d38b6ebe2425a4c` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host secure.bankofamerica.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/vipaa-v2-jawr.css Cookie TLTSID=6FC97F864AD3104AF984D65E3439FD4B; TLTUID=6FC97F864AD3104AF984D65E3439FD4B; SPID=F1S3; SID=0007D87FE8005936D543 Connection keep-alive Cache-Control no-cache Referer https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/vipaa-v2-jawr.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Response headers Date Tue, 06 Jun 2017 16:16:04 GMT Content-Encoding gzip Last-Modified Wed, 17 May 2017 17:30:37 GMT Age 536 ETag "c2f-54fbba575e940" X-BOA-RequestID pNkha6dGYiAAAs4meDQAAAC4 Vary Accept-Encoding Content-Type image/png Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes X-Serviced-By BBeaUxcYdVp7nReiKTQoKg==--5RGtG0/Us76VhrHRrmEtgw== Keep-Alive timeout=5, max=498 Content-Length 3142 Expires Wed, 06 Jun 2018 16:07:08 GMT
GET H/1.1	200 OK	tc_logging.js Show response www.bankofamerica.com/pa/global-assets/external/tc/	31 KB 31 KB	1420ms 350ms	Script application/x-javascript	171.161.198.100 Bank of America
General Check archive.org Show headers Download Go to Full URL https://www.bankofamerica.com/pa/global-assets/external/tc/tc_logging.js? Requested by Host: secure.bankofamerica.com URL: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/script/cm-jawr.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 171.161.198.100 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US), Reverse DNS Software / Resource Hash `6311e3641052ab97ed4e703f0f624c62b7d62c7e1c66fe0423c34706975c3d25` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host www.bankofamerica.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Accept / Referer http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Cookie TLTSID=6FC97F864AD3104AF984D65E3439FD4B; TLTUID=6FC97F864AD3104AF984D65E3439FD4B; SPID=F1S3; SID=0007D87FE8005936D543 Connection keep-alive Cache-Control no-cache Referer http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Tue, 06 Jun 2017 16:16:05 GMT Last-Modified Wed, 17 May 2017 17:31:07 GMT Age 187 ETag "7ba9-54fbba73facc0" X-BOA-RequestID 7MhDhqdGYiQAACVg1tcAAAJK X-Serviced-By /pa/global-assets/external/tc/tc_logging.js--3PNCa8r6nwtYmmc+5G7lsw==--wEYZyjTjLdLn6x5W6Uq7fQ== Content-Type application/x-javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=499 Content-Length 31657
GET H/1.1	200 OK	Cookie set cm testdata.coremetrics.com/ Redirect Chain http://testdata.coremetrics.com/cm?tid=6&ci=60010394&vn2=e4.0&st=1496765764428&vn1=4.2.7.1BOA&ec=utf-8&pi=OLB%3ATool%3ASiteKey%3BSign_In&cg=OLB%3ATool%3ASiteKey&rnd=1496776524061&pc=Y&jv=1.5&np0=Ch... http://testdata.coremetrics.com/cm?tid=6&ci=60010394&vn2=e4.0&st=1496765764428&vn1=4.2.7.1BOA&ec=utf-8&pi=OLB%3ATool%3ASiteKey%3BSign_In&cg=OLB%3ATool%3ASiteKey&rnd=1496776524061&pc=Y&jv=1.5&np0=Ch...	43 B 43 B	174ms 174ms	Image image/gif	74.121.133.3 IBM
General Check archive.org Show headers Download Go to Show image Full URL http://testdata.coremetrics.com/cm?tid=6&ci=60010394&vn2=e4.0&st=1496765764428&vn1=4.2.7.1BOA&ec=utf-8&pi=OLB%3ATool%3ASiteKey%3BSign_In&cg=OLB%3ATool%3ASiteKey&rnd=1496776524061&pc=Y&jv=1.5&np0=Chrome%2520PDF%2520Viewer&np1=Shockwave%2520Flash&np2=Widevine%2520Content%2520Decryption%2520Module&np3=Native%2520Client&np4=Chrome%2520PDF%2520Viewer&je=n&sw=1600&sh=1200&pd=24&tz=0&ul=http%3A//bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html&cvdone=p Requested by Host: bandolitis.com URL: http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Protocol HTTP/1.1 Server 74.121.133.3 Durham, United States, ASN46589 (COREMETRICS-1 - IBM, US), Reverse DNS Software Apache / Resource Hash `e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host testdata.coremetrics.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Cookie CoreID6=30061496765766135971287; TestSess3=30061496765766135971287 Connection keep-alive Cache-Control no-cache Referer http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Response headers Pragma no-cache Date Tue, 06 Jun 2017 16:16:06 GMT Server Apache P3P CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA" Set-Cookie 60010394_login=1496765766285514024460010394; path=/ 60010394_reset=1496765766;path=/ Cache-Control no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private Connection Keep-Alive Content-Type image/gif Keep-Alive timeout=300, max=56 Content-Length 43 Expires Mon, 05 Jun 2017 16:16:06 GMT Redirect headers Date Tue, 06 Jun 2017 16:16:06 GMT Server Apache P3P CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA" Location /cm?tid=6&ci=60010394&vn2=e4.0&st=1496765764428&vn1=4.2.7.1BOA&ec=utf-8&pi=OLB%3ATool%3ASiteKey%3BSign_In&cg=OLB%3ATool%3ASiteKey&rnd=1496776524061&pc=Y&jv=1.5&np0=Chrome%2520PDF%2520Viewer&np1=Shockwave%2520Flash&np2=Widevine%2520Content%2520Decryption%2520Module&np3=Native%2520Client&np4=Chrome%2520PDF%2520Viewer&je=n&sw=1600&sh=1200&pd=24&tz=0&ul=http%3A//bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html&cvdone=p Connection Keep-Alive Set-Cookie CoreID6=30061496765766135971287; path=/; expires=Sat, 05 Jun 2032 16:16:06 GMT TestSess3=30061496765766135971287;path=/ Keep-Alive timeout=300, max=58 Content-Length 0
GET H/1.1	200 OK	gfootb-static-sprite.png secure.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/	48 KB 48 KB	184ms 183ms	Image image/png	171.161.198.200 Bank of America
General Check archive.org Show headers Download Go to Show image Full URL https://secure.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/gfootb-static-sprite.png Requested by Host: secure.bankofamerica.com URL: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/script/vipaa-v2-jawr.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 171.161.198.200 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US), Reverse DNS Software / Resource Hash `ca3205c6a4eecfd67ad990b62b10e19f601230a2a5b2791676089e82836763f4` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host secure.bankofamerica.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/vipaa-v2-jawr.css Cookie TLTSID=6FC97F864AD3104AF984D65E3439FD4B; TLTUID=6FC97F864AD3104AF984D65E3439FD4B; SPID=F1S3; SID=0007D87FE8005936D543 Connection keep-alive Cache-Control no-cache Referer https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/vipaa-v2-jawr.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Response headers Date Tue, 06 Jun 2017 16:16:06 GMT Last-Modified Wed, 17 May 2017 17:29:20 GMT Age 861 ETag "be1b-54fbba0defc00" X-BOA-RequestID epZvPadGYg8AAjx6W04AAAIh X-Serviced-By qToJlbLJSmhuSj/ya/3AXQ==--5RGtG0/Us76VhrHRrmEtgw== Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=495 Content-Length 48667
GET H/1.1	200 OK	gfoot-home-icon.png secure.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/	144 B 144 B	163ms 163ms	Image image/png	171.161.198.200 Bank of America
General Check archive.org Show headers Download Go to Show image Full URL https://secure.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/gfoot-home-icon.png Requested by Host: secure.bankofamerica.com URL: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/script/vipaa-v2-jawr.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 171.161.198.200 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US), Reverse DNS Software / Resource Hash `a8bc6337547a246ef75d1ae66d7ec8a0ed6171c1ba49804a403124e27c8e8452` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host secure.bankofamerica.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/vipaa-v2-jawr.css Cookie TLTSID=6FC97F864AD3104AF984D65E3439FD4B; TLTUID=6FC97F864AD3104AF984D65E3439FD4B; SPID=F1S3; SID=0007D87FE8005936D543 Connection keep-alive Cache-Control no-cache Referer https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/style/vipaa-v2-jawr.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Response headers Date Tue, 06 Jun 2017 16:16:06 GMT Last-Modified Wed, 17 May 2017 17:29:20 GMT Age 828 ETag "90-54fbba0defc00" X-BOA-RequestID 6cHzhadGYigAAaDuAuIAAAJa X-Serviced-By nxWSH+LjCWfDegz19D+GVA==--5RGtG0/Us76VhrHRrmEtgw== Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=499 Content-Length 144
GET H/1.1	404 Not Found	cnx-regular.woff bandolitis.com/pa/global-assets/1.0/font/cnx-regular/	0 0	449ms 448ms	Font text/html	50.115.21.226 KGIX
General Check archive.org Show headers Download Go to Full URL http://bandolitis.com/pa/global-assets/1.0/font/cnx-regular/cnx-regular.woff Requested by Host: secure.bankofamerica.com URL: https://secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/3.4/script/vipaa-v2-jawr.js Protocol HTTP/1.1 Server 50.115.21.226 Tampa, United States, ASN53861 (AS-KGIX - KGIX, US), Reverse DNS caelis.sudns.com Software Apache / Resource Hash Request headers Pragma no-cache Origin http://bandolitis.com Accept-Encoding gzip, deflate, sdch Host bandolitis.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Accept / Referer http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Cookie PHPSESSID=daotuum9ql5h0m7d1hce2h7791; mbox=check#true#1496765827\|session#1496765766032-333254#1496767627 Connection keep-alive Cache-Control no-cache User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Referer http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Origin http://bandolitis.com Response headers Date Tue, 06 Jun 2017 16:16:05 GMT Server Apache Connection Keep-Alive P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Keep-Alive timeout=5, max=98 Content-Length 11307 Content-Type text/html; charset=UTF-8
GET H/1.1	404 Not Found	cnx-regular.ttf bandolitis.com/pa/global-assets/1.0/font/cnx-regular/	0 0	442ms 442ms	Font text/html	50.115.21.226 KGIX
General Check archive.org Show headers Download Go to Full URL http://bandolitis.com/pa/global-assets/1.0/font/cnx-regular/cnx-regular.ttf Requested by Host: bandolitis.com URL: http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Protocol HTTP/1.1 Server 50.115.21.226 Tampa, United States, ASN53861 (AS-KGIX - KGIX, US), Reverse DNS caelis.sudns.com Software Apache / Resource Hash Request headers Pragma no-cache Origin http://bandolitis.com Accept-Encoding gzip, deflate, sdch Host bandolitis.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Accept / Referer http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Cookie PHPSESSID=daotuum9ql5h0m7d1hce2h7791; mbox=check#true#1496765827\|session#1496765766032-333254#1496767627 Connection keep-alive Cache-Control no-cache User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Referer http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Origin http://bandolitis.com Response headers Date Tue, 06 Jun 2017 16:16:05 GMT Server Apache Connection Keep-Alive P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Keep-Alive timeout=5, max=97 Content-Length 11305 Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	favicon.ico www.bankofamerica.com/pa/global-assets/1.0/graphic/	318 B 182 B	175ms 175ms	Other image/x-icon	171.161.198.100 Bank of America
General Check archive.org Show headers Download Go to Full URL https://www.bankofamerica.com/pa/global-assets/1.0/graphic/favicon.ico?ts=20151018 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 171.161.198.100 Concord, United States, ASN10794 (BANKAMERICA - Bank of America, US), Reverse DNS Software / Resource Hash `97ac0743dec6f7dc9326192d642ae23bfbd0afc3601cc192462c6eb6f5ec1224` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host www.bankofamerica.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html Cookie TLTSID=6FC97F864AD3104AF984D65E3439FD4B; TLTUID=6FC97F864AD3104AF984D65E3439FD4B; SPID=F1S3; SID=0007D87FE8005936D543 Connection keep-alive Cache-Control no-cache Referer http://bandolitis.com/app/webroot/bankofamerica.com.lgoin.2017/signInScreen.go.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Response headers Date Tue, 06 Jun 2017 16:16:07 GMT Content-Encoding gzip Last-Modified Wed, 17 May 2017 17:30:36 GMT Age 477 ETag "13e-54fbba566a700" X-BOA-RequestID Eic7vKdGYhwAAAqInksAAAHQ Vary Accept-Encoding Content-Type image/x-icon Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes X-Serviced-By /pa/global-assets/1.0/graphic/favicon.ico--4396CTwpcrjQmU4mAyypbg==--wEYZyjTjLdLn6x5W6Uq7fQ== Keep-Alive timeout=5, max=500 Content-Length 182 Expires Wed, 06 Jun 2018 16:08:10 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: streak.bankofamerica.com
URL: http://streak.bankofamerica.com/30306/I3n.js

Domain: pane.bankofamerica.com
URL: http://pane.bankofamerica.com/30306/a8e.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bandolitis.com/	2017-06-06 16:47:07	Name: mbox Value: check#true#1496765827\|session#1496765766032-333254#1496767627
			bandolitis.com/	1970-01-01 00:00:00	Name: PHPSESSID Value: daotuum9ql5h0m7d1hce2h7791

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bandolitis.com
pane.bankofamerica.com
secure.bankofamerica.com
streak.bankofamerica.com
testdata.coremetrics.com
www.bankofamerica.com
pane.bankofamerica.com
streak.bankofamerica.com
171.161.198.100
171.161.198.200
50.115.21.226
74.121.133.3
108751eca43d97863bd1cdfe71ec00f020ef2ce068da786669b5d6967b5bb129
2685d0b576e6b9b5690c3f92a7093f2a24194c410452288d97c54d19dcf30160
2a1b1589e316d02ab75481e7aa88c9975afd2e87f17982fb6d38b6ebe2425a4c
3771db2a4fcde83a834a4911396e9bfb587d11b9eeff6a04e202b0862da20650
6311e3641052ab97ed4e703f0f624c62b7d62c7e1c66fe0423c34706975c3d25
6faff1c939a50b046b98c124b959cb7cba4782252358581a19cbb06e9896afdc
8c37fb372596058d87dd9208541c49b020d0e840e4f3a5baa27d39be2dc70b01
97ac0743dec6f7dc9326192d642ae23bfbd0afc3601cc192462c6eb6f5ec1224
998c6193823c1c20b08bb87887331457bf6b35fd3466689386bf67e234c2f239
a8bc6337547a246ef75d1ae66d7ec8a0ed6171c1ba49804a403124e27c8e8452
afcaad4eb11ebacd898a88390b66195dbe333903745adcd6187aa8d48ea991be
b43ed1d3bfd568eac3b1bc15ebe70fc423734748328bce49a9f3fb7399ce897b
ca3205c6a4eecfd67ad990b62b10e19f601230a2a5b2791676089e82836763f4
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

bandolitis.com Open in urlscan Pro 50.115.21.226 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

18 Requests

61 %HTTPS

0 %IPv6

3 Domains

6 Subdomains

5 IPs

1 Countries

338 kBTransfer

1073 kBSize

2 Cookies

5 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

2 Cookies

Indicators

bandolitis.com Open in urlscan Pro
50.115.21.226 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

61 %
HTTPS

0 %
IPv6

3
Domains

6
Subdomains

5
IPs

1
Countries

338 kB
Transfer

1073 kB
Size

2
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!