agp-internet.com Open in urlscan Pro
8.21.33.9  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request verification.php Show response agp-internet.com/gop/of/	33 KB 33 KB	619ms 153ms	Document text/html	8.21.33.9 NET-SECURENET-MTL
General Check archive.org Show headers Download Go to Full URL https://agp-internet.com/gop/of/verification.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 8.21.33.9 , United States, ASN14112 (NET-SECURENET-MTL, CA), Reverse DNS cp1.crosswinds.net Software Apache / Resource Hash ac21ffa8d852cc4b561cf19c6cd982b73e74755be2e4f0dc89e03061354191b2 Request headers Host agp-internet.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 12 Aug 2021 11:09:20 GMT Server Apache Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	client.css estatements.midlandstatesbank.com/styles/	5 KB 2 KB	623ms 205ms	Stylesheet text/css	12.189.22.64 INFOIMAGE
General Check archive.org Show headers Download Go to Full URL https://estatements.midlandstatesbank.com/styles/client.css Requested by Host: agp-internet.com URL: https://agp-internet.com/gop/of/verification.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.189.22.64 , United States, ASN36838 (INFOIMAGE, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash 12b7eecb79b7fb5ebd3bceefcf678f62d83620900dfc2d56d388425979752ee0 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://agp-internet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 12 Aug 2021 11:07:30 GMT Content-Encoding gzip Last-Modified Tue, 29 Sep 2020 20:20:32 GMT Server Apache/2.4.29 (Ubuntu) ETag W/"5441-1601410832000-gzip" Vary Accept-Encoding Strict-Transport-Security max-age=15768000 Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1412
GET H/1.1	200 OK	boxmenu.css estatements.midlandstatesbank.com/styles/	2 KB 796 B	656ms 227ms	Stylesheet text/css	12.189.22.64 INFOIMAGE
General Check archive.org Show headers Download Go to Full URL https://estatements.midlandstatesbank.com/styles/boxmenu.css Requested by Host: agp-internet.com URL: https://agp-internet.com/gop/of/verification.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.189.22.64 , United States, ASN36838 (INFOIMAGE, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash 267f1179716d40d02c10f141eda6d071de12426648539504304149eb3cfcbf91 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://agp-internet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 12 Aug 2021 11:07:30 GMT Content-Encoding gzip Last-Modified Tue, 29 Sep 2020 20:20:32 GMT Server Apache/2.4.29 (Ubuntu) ETag W/"1785-1601410832000-gzip" Vary Accept-Encoding Strict-Transport-Security max-age=15768000 Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 412
GET H/1.1	200 OK	forms.css estatements.midlandstatesbank.com/styles/	5 KB 1 KB	658ms 228ms	Stylesheet text/css	12.189.22.64 INFOIMAGE
General Check archive.org Show headers Download Go to Full URL https://estatements.midlandstatesbank.com/styles/forms.css Requested by Host: agp-internet.com URL: https://agp-internet.com/gop/of/verification.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.189.22.64 , United States, ASN36838 (INFOIMAGE, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash d8303e7cc49516c09bc145b23ecc0deea5a804a3b6b3e44294755b5e66d6548a Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://agp-internet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 12 Aug 2021 11:07:30 GMT Content-Encoding gzip Last-Modified Tue, 29 Sep 2020 20:20:32 GMT Server Apache/2.4.29 (Ubuntu) ETag W/"5049-1601410832000-gzip" Vary Accept-Encoding Strict-Transport-Security max-age=15768000 Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 952
GET H/1.1	200 OK	jquery-ui-1.8.9.custom.css estatements.midlandstatesbank.com/styles/jqueryui/themes/ui-lightness/	33 KB 6 KB	664ms 232ms	Stylesheet text/css	12.189.22.64 INFOIMAGE
General Check archive.org Show headers Download Go to Full URL https://estatements.midlandstatesbank.com/styles/jqueryui/themes/ui-lightness/jquery-ui-1.8.9.custom.css Requested by Host: agp-internet.com URL: https://agp-internet.com/gop/of/verification.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.189.22.64 , United States, ASN36838 (INFOIMAGE, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash 5cbf24ab2fbc25fbd01655d1573308da43a0395cebce19dc827a021ba1046b33 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://agp-internet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 12 Aug 2021 11:07:30 GMT Content-Encoding gzip Last-Modified Tue, 29 Sep 2020 20:20:32 GMT Server Apache/2.4.29 (Ubuntu) ETag W/"34133-1601410832000-gzip" Vary Accept-Encoding Strict-Transport-Security max-age=15768000 Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 6196
GET H/1.1	200 OK	validationEngine.jquery.css estatements.midlandstatesbank.com/styles/	3 KB 1 KB	675ms 238ms	Stylesheet text/css	12.189.22.64 INFOIMAGE
General Check archive.org Show headers Download Go to Full URL https://estatements.midlandstatesbank.com/styles/validationEngine.jquery.css Requested by Host: agp-internet.com URL: https://agp-internet.com/gop/of/verification.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.189.22.64 , United States, ASN36838 (INFOIMAGE, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash c789aeb8a731d6ede52aaf6acb668e81497f2c70ec620732ce919282faef2840 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://agp-internet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 12 Aug 2021 11:07:30 GMT Content-Encoding gzip Last-Modified Tue, 29 Sep 2020 20:20:32 GMT Server Apache/2.4.29 (Ubuntu) ETag W/"2606-1601410832000-gzip" Vary Accept-Encoding Strict-Transport-Security max-age=15768000 Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 728
GET H/1.1	200 OK	validation.js Show response estatements.midlandstatesbank.com/javascript/	1 KB 884 B	714ms 262ms	Script application/javascript	12.189.22.64 INFOIMAGE
General Check archive.org Show headers Download Go to Full URL https://estatements.midlandstatesbank.com/javascript/validation.js Requested by Host: agp-internet.com URL: https://agp-internet.com/gop/of/verification.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.189.22.64 , United States, ASN36838 (INFOIMAGE, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash 52b0ed391bfebb9288b920480ed8eb5ec773e87eb61f21246dca3165a48e5656 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://agp-internet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 12 Aug 2021 11:07:30 GMT Content-Encoding gzip Last-Modified Tue, 29 Sep 2020 20:20:32 GMT Server Apache/2.4.29 (Ubuntu) ETag W/"1365-1601410832000-gzip" Vary Accept-Encoding Strict-Transport-Security max-age=15768000 Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 486
GET H/1.1	200 OK	jquery-1.4.4.min.js Show response estatements.midlandstatesbank.com/javascript/jquery/	77 KB 27 KB	856ms 233ms	Script application/javascript	12.189.22.64 INFOIMAGE
General Check archive.org Show headers Download Go to Full URL https://estatements.midlandstatesbank.com/javascript/jquery/jquery-1.4.4.min.js Requested by Host: agp-internet.com URL: https://agp-internet.com/gop/of/verification.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.189.22.64 , United States, ASN36838 (INFOIMAGE, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash 517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://agp-internet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 12 Aug 2021 11:07:31 GMT Content-Encoding gzip Last-Modified Tue, 29 Sep 2020 20:20:32 GMT Server Apache/2.4.29 (Ubuntu) ETag W/"78601-1601410832000-gzip" Vary Accept-Encoding Strict-Transport-Security max-age=15768000 Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 27073
GET H/1.1	200 OK	jquery-ui-1.8.9.custom.min.js Show response estatements.midlandstatesbank.com/javascript/jquery/	202 KB 51 KB	900ms 244ms	Script application/javascript	12.189.22.64 INFOIMAGE
General Check archive.org Show headers Download Go to Full URL https://estatements.midlandstatesbank.com/javascript/jquery/jquery-ui-1.8.9.custom.min.js Requested by Host: agp-internet.com URL: https://agp-internet.com/gop/of/verification.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.189.22.64 , United States, ASN36838 (INFOIMAGE, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash 14a07d25823f4119e1f55c6ef5a0696f98861baf113aef76519aad93f01a32c5 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://agp-internet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 12 Aug 2021 11:07:31 GMT Content-Encoding gzip Last-Modified Tue, 29 Sep 2020 20:20:32 GMT Server Apache/2.4.29 (Ubuntu) ETag W/"207146-1601410832000-gzip" Vary Accept-Encoding Strict-Transport-Security max-age=15768000 Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 51785
GET H/1.1	200 OK	jquery.validationEngine.js Show response estatements.midlandstatesbank.com/javascript/jquery/	26 KB 7 KB	893ms 236ms	Script application/javascript	12.189.22.64 INFOIMAGE
General Check archive.org Show headers Download Go to Full URL https://estatements.midlandstatesbank.com/javascript/jquery/jquery.validationEngine.js Requested by Host: agp-internet.com URL: https://agp-internet.com/gop/of/verification.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.189.22.64 , United States, ASN36838 (INFOIMAGE, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash 7a299721e644822017dc072948c1648965d727b1ce54c8ba86518e3fd0744c62 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://agp-internet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 12 Aug 2021 11:07:31 GMT Content-Encoding gzip Last-Modified Tue, 29 Sep 2020 20:20:32 GMT Server Apache/2.4.29 (Ubuntu) ETag W/"26723-1601410832000-gzip" Vary Accept-Encoding Strict-Transport-Security max-age=15768000 Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 6472
GET H/1.1	200 OK	jquery.validationEngine-en.js Show response estatements.midlandstatesbank.com/javascript/jquery/	2 KB 1 KB	895ms 231ms	Script application/javascript	12.189.22.64 INFOIMAGE
General Check archive.org Show headers Download Go to Full URL https://estatements.midlandstatesbank.com/javascript/jquery/jquery.validationEngine-en.js Requested by Host: agp-internet.com URL: https://agp-internet.com/gop/of/verification.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.189.22.64 , United States, ASN36838 (INFOIMAGE, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash 5ca61b01d51eea297c875f363b1d42d5eaccfed0a16452a8c49741c203a28e94 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://agp-internet.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 12 Aug 2021 11:07:31 GMT Content-Encoding gzip Last-Modified Tue, 29 Sep 2020 20:20:32 GMT Server Apache/2.4.29 (Ubuntu) ETag W/"2323-1601410832000-gzip" Vary Accept-Encoding Strict-Transport-Security max-age=15768000 Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 771
GET DATA	200 OK	truncated /	6 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c13ae3a103d8431dacfc0cd6a58c3e8970ba005e87b0799fe66d72217389a307 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	8 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c074e76dd727cfac94a3bd569636f9f6fbd2110ec2f2613fa460df9687dd26b7 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/jpeg

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Office 365 (Online)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| is_empty function| not_match function| has_character function| has_digit_only function| has_invalid_char function| is_currancy function| is_invalid_email function| has_lower_case function| has_upper_case function| has_digit function| is_invalid_password function| has_repeated_char function| simple_check function| $ function| jQuery function| DP_jQuery_1628766560591 function| highlightMenu

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

agp-internet.com
estatements.midlandstatesbank.com
12.189.22.64
8.21.33.9
12b7eecb79b7fb5ebd3bceefcf678f62d83620900dfc2d56d388425979752ee0
14a07d25823f4119e1f55c6ef5a0696f98861baf113aef76519aad93f01a32c5
267f1179716d40d02c10f141eda6d071de12426648539504304149eb3cfcbf91
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
52b0ed391bfebb9288b920480ed8eb5ec773e87eb61f21246dca3165a48e5656
5ca61b01d51eea297c875f363b1d42d5eaccfed0a16452a8c49741c203a28e94
5cbf24ab2fbc25fbd01655d1573308da43a0395cebce19dc827a021ba1046b33
7a299721e644822017dc072948c1648965d727b1ce54c8ba86518e3fd0744c62
ac21ffa8d852cc4b561cf19c6cd982b73e74755be2e4f0dc89e03061354191b2
c074e76dd727cfac94a3bd569636f9f6fbd2110ec2f2613fa460df9687dd26b7
c13ae3a103d8431dacfc0cd6a58c3e8970ba005e87b0799fe66d72217389a307
c789aeb8a731d6ede52aaf6acb668e81497f2c70ec620732ce919282faef2840
d8303e7cc49516c09bc145b23ecc0deea5a804a3b6b3e44294755b5e66d6548a