calculodeestructuras.cl
190.105.239.73
Malicious Activity!
Public Scan
Submission: On September 27 via api from CA
Summary
This is the only time calculodeestructuras.cl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bank of America (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
2 | 190.105.239.73 | 52270 (X-Host SRL) |
8 | 171.161.203.200 | 10794 (BANKAMERICA - Bank of America) |
1 | 66.117.29.3 | 15224 (OMNITURE - Adobe Systems Inc.) |
11 | 3 | |
ASN52270 (X-Host SRL, AR)
PTR: servercl07.outservers.net
calculodeestructuras.cl
ASN10794 (BANKAMERICA - Bank of America, US)
secure.bankofamerica.com
ASN15224 (OMNITURE - Adobe Systems Inc., US)
bankofamerica.tt.omtrdc.net
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | bankofamerica.com | secure.bankofamerica.com | 327 KB |
2 | calculodeestructuras.cl | calculodeestructuras.cl | 92 KB |
1 | omtrdc.net | bankofamerica.tt.omtrdc.net | 1000 B |
11 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
8 | secure.bankofamerica.com | calculodeestructuras.cl, secure.bankofamerica.com |
2 | calculodeestructuras.cl | secure.bankofamerica.com |
1 | bankofamerica.tt.omtrdc.net | secure.bankofamerica.com |
11 | 3 | |
This site contains links to these domains.
Domain |
---|
www.bankofamerica.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
secure.bankofamerica.com | Symantec Class 3 EV SSL CA - G3 | 2017-08-07 - 2018-10-22 | a year |
This page contains 1 frame:
Primary Page:
http://calculodeestructuras.cl/test/Clean%20_%20Base64/Clean%20_bankofamerica07fulleditions-dl/
Frame ID: 17616.1
Requests: 11 HTTP requests in this frame
2 Outgoing links
These are links going to different origins than the main page.
Title: Privacy & Security
Title: Equal Housing Lender
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method / Protocol | Resource | Path | Size | Transfer (x-fer) | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|
GET H/1.1 | / | calculodeestructuras.cl/test/Clean%20_%20Base64/Clean%20_bankofamerica07fulleditions-dl/ | 9 KB | 9 KB | Document | text/html | Primary Request, Cookie set |
GET H/1.1 | vipaa-v2-jawr.css | secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/4.4.1/style/ | 220 KB | 34 KB | Stylesheet | text/css | |
GET H/1.1 | vipaa-v2-jawr.js | secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/4.4.1/script/ | 904 KB | 236 KB | Script | application/x-javascript | |
GET H/1.1 | bac_reg_logo_tmp_250X69.gif | secure.bankofamerica.com/content/images/ContextualSiteGraphics/Logos/en_US/ | 4 KB | 3 KB | Image | image/gif | |
GET H/1.1 | json | bankofamerica.tt.omtrdc.net/m2/bankofamerica/mbox/ | 2 KB | 1000 B | XHR | application/json | Cookie set |
GET H/1.1 | fsd-secure-esp-sprite.png | secure.bankofamerica.com/pa/components/modules/header-module/2.8/graphic/ | 473 B | 473 B | Image | image/png | |
GET H/1.1 | cnx-regular.woff | calculodeestructuras.cl/test/Clean%20_%20Base64/Clean%20_bankofamerica07fulleditions-dl/Include/Font/ | 82 KB | 82 KB | Font | application/font-woff | |
GET H/1.1 | help-qm-fsd.png | secure.bankofamerica.com/pa/global-assets/1.0/graphic/ | 3 KB | 3 KB | Image | image/png | |
GET H/1.1 | sign-in-sprite.png | secure.bankofamerica.com/pa/global-assets/1.0/graphic/ | 3 KB | 3 KB | Image | image/png | |
GET H/1.1 | gfootb-static-sprite.png | secure.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/ | 48 KB | 48 KB | Image | image/png | |
GET H/1.1 | gfoot-home-icon.png | secure.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/ | 144 B | 144 B | Image | image/png | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bank of America (Banking)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
calculodeestructuras.cl/ | | Name: mbox Value: session#c714f303fb3148848b2bdcd15517ab08#1506492131\|PC#c714f303fb3148848b2bdcd15517ab08.26_17#1569735071 |
calculodeestructuras.cl/ | | Name: PHPSESSID Value: mpnb1o1r8n48ge5pn6u5a9mgu3 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.