dentimplantacademy.com
Open in
urlscan Pro
185.122.201.150
Malicious Activity!
Public Scan
Submission: On November 22 via automatic, source openphish
Summary
This is the only time dentimplantacademy.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Wells Fargo (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 185.122.201.150 185.122.201.150 | 43260 (DGN) (DGN) | |
1 | 2a00:1450:400... 2a00:1450:4001:821::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
13 | 2 |
ASN43260 (DGN, TR)
PTR: 150.201.122.185.in-addr.arpa.routergate.com
dentimplantacademy.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
dentimplantacademy.com
dentimplantacademy.com |
33 KB |
1 |
google-analytics.com
www.google-analytics.com |
14 KB |
13 | 2 |
Domain | Requested by | |
---|---|---|
12 | dentimplantacademy.com |
dentimplantacademy.com
|
1 | www.google-analytics.com |
dentimplantacademy.com
|
13 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.google-analytics.com Google Internet Authority G3 |
2017-11-01 - 2018-01-24 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://dentimplantacademy.com/tmp/wellsfargo2016/step1.php?cmd=login_submit&id=94ca90e60b2dd7b944947e84e1a43bcb94ca90e60b2dd7b944947e84e1a43bcb&session=94ca90e60b2dd7b944947e84e1a43bcb94ca90e60b2dd7b944947e84e1a43bcb
Frame ID: 20380.1
Requests: 13 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
OpenSSL (Web Server Extensions) Expand
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 11- http://www.google-analytics.com/analytics.js HTTP 307
- https://www.google-analytics.com/analytics.js
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
step1.php
dentimplantacademy.com/tmp/wellsfargo2016/ |
14 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
shape1041325109.gif
dentimplantacademy.com/tmp/wellsfargo2016/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1.png
dentimplantacademy.com/tmp/wellsfargo2016/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2.png
dentimplantacademy.com/tmp/wellsfargo2016/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
searc.png
dentimplantacademy.com/tmp/wellsfargo2016/images/ |
895 B 895 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3.png
dentimplantacademy.com/tmp/wellsfargo2016/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
9.png
dentimplantacademy.com/tmp/wellsfargo2016/images/ |
339 B 339 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
4.png
dentimplantacademy.com/tmp/wellsfargo2016/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5.png
dentimplantacademy.com/tmp/wellsfargo2016/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
6.png
dentimplantacademy.com/tmp/wellsfargo2016/images/ |
439 B 439 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
as.png
dentimplantacademy.com/tmp/wellsfargo2016/images/ |
930 B 930 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
8.png
dentimplantacademy.com/tmp/wellsfargo2016/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ Redirect Chain
|
35 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Wells Fargo (Banking)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| GoogleAnalyticsObject function| ga function| unhideBody object| gaplugins object| gaGlobal2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.dentimplantacademy.com/ | Name: _gid Value: GA1.2.1520577038.1511376201 |
|
.dentimplantacademy.com/ | Name: _ga Value: GA1.2.439929037.1511376201 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dentimplantacademy.com
www.google-analytics.com
185.122.201.150
2a00:1450:4001:821::200e
089fb9030e37d621ab5dea05f2288e1c9af9978381d4abb994e7959e908974e7
1ec163d192bc0fedc2bef39f9edb62750f0aa5e565f4a825169bf51dba5c58ee
24b4e36399c57af1c91e2fabe7b57227f040776317d6f00950f4f848b984c630
2a7d099e3a29a31477e984d0904e0b6366d9860f3234120ba1d034dec8a493df
374e9ea5715a4a551c3cd035bff0f6ad4d5eec44958b6bdfe0c073600b73acf9
3e28c7f22bd02914f009e4f029f7e5c91e916edfa436bbcf90b3eca8e79c486e
525d8d807882e23133473b8ee01a95092029918b143d70a1edc8d25339162e9b
7728eab1efb9876b19dbe324331bc97a359c3297e6ecbeae42ed6d0e63186fbd
9d25050510d0d09d8f4de1d1b079428e585fc5f3d7f302515d431488333fe8a9
aee8a5706ee111088da035d3424665843e88b11f119587c2d9ffbada14c3f13f
dab770fb756e1e4359508bceaa29f9b8d4f2e5c5b1adcaf7924f4fd9a7e90133
f75166305968966cec482a14f0b116aedb0df4261a17ac48556a440d676ae5a9
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7