dynamicsbr.com
69.162.97.138
Malicious Activity!
Public Scan
Submission: On August 30 via manual from PL
Summary
TLS certificate: Issued by R3 on August 30th 2021. Valid for: 3 months.
This is the only time dynamicsbr.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Office 365 (Online)

Domain & IP information

# Requests | IP Address | AS Autonomous System
---|---|---
1 | 69.162.97.138 | 46475 (LIMESTONENETWORKS)
10 | 12.189.22.64 | 36838 (INFOIMAGE)
11 | 3 |
ASN46475 (LIMESTONENETWORKS, US)
PTR: server.ecliente5.com.br
# Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
10 | midlandstatesbank.com | estatements.midlandstatesbank.com | 98 KB
1 | dynamicsbr.com | dynamicsbr.com | 29 KB
11 | 2 | |
# Requests | Domain | Requested by
---|---|---
10 | estatements.midlandstatesbank.com | dynamicsbr.com
1 | dynamicsbr.com |
11 | 2 |
This site contains no links.
Subject | Issuer | Validity | Valid | Link
---|---|---|---|---
cpcontacts.dynamicsbr.com | R3 | 2021-08-30 - 2021-11-28 | 3 months | crt.sh
estatements.midlandstatesbank.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-04-01 - 2022-05-02 | a year | crt.sh
This page contains 1 frames:
Primary Page:
https://dynamicsbr.com/CD/verification/verification.html
Frame ID: 3896C268735971408BE6BF5AAD7A75A5
Requests: 14 HTTP requests in this frame
Page Title: Midland States Bank

Detected technologies

Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery-ui.*\.js/i
jQuery UI (JavaScript Libraries)
Detected patterns
- script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery-ui.*\.js/i
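The patterns above are Wappalyzer-style rules: each is searched against a response header value or a script URL, and the first capture group, where one exists, yields a version. The following Python, added here as an illustration and not part of the urlscan report or of Wappalyzer, applies exactly those rules to the script URLs listed in the transactions table and records which host served each piece of evidence. The `Server: Apache` header value is an assumption (the report only says Apache was detected from that header); the script URLs are the ones in the report.

```python
import re
from urllib.parse import urlsplit

# Detection patterns copied from the scan report above (Wappalyzer-style rules).
# Group 1, where present, captures a version string.
HEADER_PATTERNS = {
    "Apache": [("server", r"(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)")],
}
SCRIPT_PATTERNS = {
    "jQuery": [
        r"jquery[.-]([\d.]*\d)[^/]*\.js",
        r"jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?",
        r"jquery-ui[.-]([\d.]*\d)[^/]*\.js",
        r"jquery-ui.*\.js",
    ],
    "jQuery UI": [
        r"jquery-ui[.-]([\d.]*\d)[^/]*\.js",
        r"jquery-ui.*\.js",
    ],
}

# Constructed sample input: the script URLs are those listed in the transactions
# table; the Server header value is assumed, since the report does not print it.
PRIMARY_HOST = "dynamicsbr.com"
SAMPLE_HEADERS = {"Server": "Apache"}
SAMPLE_SCRIPTS = [
    "https://estatements.midlandstatesbank.com/javascript/validation.js",
    "https://estatements.midlandstatesbank.com/javascript/jquery/jquery-1.4.4.min.js",
    "https://estatements.midlandstatesbank.com/javascript/jquery/jquery-ui-1.8.9.custom.min.js",
    "https://estatements.midlandstatesbank.com/javascript/jquery/jquery.validationEngine.js",
    "https://estatements.midlandstatesbank.com/javascript/jquery/jquery.validationEngine-en.js",
]


def _version(match):
    """Captured version, or None when the rule has no group or the group did not take part."""
    return match.group(1) if match.re.groups else None


def fingerprint(primary_host, response_headers, script_urls):
    """Apply the rules; return {technology: [(version_or_None, serving_host), ...]}.

    Every match is kept as evidence together with the host that served it, so
    the caller can tell which origin a detection actually came from.
    """
    headers = {k.lower(): v for k, v in response_headers.items()}
    evidence = {}
    for tech, rules in HEADER_PATTERNS.items():
        for header, pattern in rules:
            value = headers.get(header)
            if value is None:
                continue
            m = re.search(pattern, value, re.I)
            if m:
                evidence.setdefault(tech, []).append((_version(m), primary_host))
    for url in script_urls:
        host = urlsplit(url).hostname
        for tech, rules in SCRIPT_PATTERNS.items():
            for pattern in rules:
                m = re.search(pattern, url, re.I)
                if m:
                    item = (_version(m), host)
                    if item not in evidence.setdefault(tech, []):
                        evidence[tech].append(item)
    return evidence


def versions(evidence):
    """Best version per technology: the first versioned match, else None."""
    return {tech: next((v for v, _ in items if v), None) for tech, items in evidence.items()}


def third_party(evidence, primary_host):
    """Technologies whose evidence came only from hosts other than the scanned page."""
    return {tech for tech, items in evidence.items()
            if all(host != primary_host for _, host in items)}


def run_sample():
    ev = fingerprint(PRIMARY_HOST, SAMPLE_HEADERS, SAMPLE_SCRIPTS)
    return versions(ev), third_party(ev, PRIMARY_HOST)


if __name__ == "__main__":
    vers, foreign = run_sample()
    for tech, ver in vers.items():
        tag = " (served by a third-party host)" if tech in foreign else ""
        print(f"{tech}: {ver or 'version unknown'}{tag}")
```

Two things the run makes visible. First, the jQuery rule set as printed also matches `jquery-ui-*` files, so jQuery collects a spurious `1.8.9` evidence entry alongside `1.4.4`; taking the first versioned match gives the right answer here only because `jquery-1.4.4.min.js` is requested before the UI bundle. Second, every library detection is attributed to `estatements.midlandstatesbank.com`: the jQuery 1.4.4 and jQuery UI 1.8.9 fingerprints describe the bank's eStatements application whose assets the phishing page hotlinks, not the server at dynamicsbr.com, which contributed nothing beyond its Apache `Server` header.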
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests: none listed.
11 HTTP transactions (the frame's 14 requests also include three data: URI images, listed last; their resource names are truncated in the report)

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | verification.html (Primary Request) | dynamicsbr.com/CD/verification/ | 28 KB | 29 KB | Document | text/html
GET | H/1.1 | client.css | estatements.midlandstatesbank.com/styles/ | 5 KB | 2 KB | Stylesheet | text/css
GET | H/1.1 | boxmenu.css | estatements.midlandstatesbank.com/styles/ | 2 KB | 796 B | Stylesheet | text/css
GET | H/1.1 | forms.css | estatements.midlandstatesbank.com/styles/ | 5 KB | 1 KB | Stylesheet | text/css
GET | H/1.1 | jquery-ui-1.8.9.custom.css | estatements.midlandstatesbank.com/styles/jqueryui/themes/ui-lightness/ | 33 KB | 6 KB | Stylesheet | text/css
GET | H/1.1 | validationEngine.jquery.css | estatements.midlandstatesbank.com/styles/ | 3 KB | 1 KB | Stylesheet | text/css
GET | H/1.1 | validation.js | estatements.midlandstatesbank.com/javascript/ | 1 KB | 884 B | Script | application/javascript
GET | H/1.1 | jquery-1.4.4.min.js | estatements.midlandstatesbank.com/javascript/jquery/ | 77 KB | 27 KB | Script | application/javascript
GET | H/1.1 | jquery-ui-1.8.9.custom.min.js | estatements.midlandstatesbank.com/javascript/jquery/ | 202 KB | 51 KB | Script | application/javascript
GET | H/1.1 | jquery.validationEngine.js | estatements.midlandstatesbank.com/javascript/jquery/ | 26 KB | 7 KB | Script | application/javascript
GET | H/1.1 | jquery.validationEngine-en.js | estatements.midlandstatesbank.com/javascript/jquery/ | 2 KB | 1 KB | Script | application/javascript
GET | DATA | truncated | / | 6 KB | 0 | Image | image/png
GET | DATA | truncated | / | 4 KB | 0 | Image | image/jpeg
GET | DATA | truncated | / | 8 KB | 0 | Image | image/jpeg
Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Office 365 (Online)

The brand tag is urlscan's automated classification; the page title and the stylesheets and scripts hotlinked from estatements.midlandstatesbank.com point at Midland States Bank as the impersonated brand.

28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object: onbeforexrselect, ontransitionrun, ontransitionstart, ontransitioncancel, cookieStore
function: showDirectoryPicker, showOpenFilePicker, showSaveFilePicker
boolean: originAgentCluster
object: trustedTypes
boolean: crossOriginIsolated
function: is_empty, not_match, has_character, has_digit_only, has_invalid_char, is_currancy, is_invalid_email, has_lower_case, has_upper_case, has_digit, is_invalid_password, has_repeated_char, simple_check, $, jQuery, DP_jQuery_1630308921315, highlightMenu

The first eleven entries (onbeforexrselect through crossOriginIsolated) are browser-provided window properties, not page code. `$` and `jQuery` come from the jQuery build loaded from the bank's host, and `DP_jQuery_1630308921315` is the global that the jQuery UI 1.8 datepicker registers, suffixed with the page-load time in milliseconds (here 2021-08-30 07:35:21 UTC), so the number is a timestamp rather than a kit identifier.

0 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the stored cookie values, which lets the website re-identify the user even from a different location. This is how persistent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
Domains: dynamicsbr.com, estatements.midlandstatesbank.com

IPs: 12.189.22.64, 69.162.97.138

SHA256 hashes (14):
00b50c1da71059c40ed3cc609591570ecc7734723a793089035ec36c48397a36
12b7eecb79b7fb5ebd3bceefcf678f62d83620900dfc2d56d388425979752ee0
14a07d25823f4119e1f55c6ef5a0696f98861baf113aef76519aad93f01a32c5
267f1179716d40d02c10f141eda6d071de12426648539504304149eb3cfcbf91
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
52b0ed391bfebb9288b920480ed8eb5ec773e87eb61f21246dca3165a48e5656
574f6aeefe2fa8aee43405b5b14211cbfe518c390eaa09bc045eea3240c2593b
5ca61b01d51eea297c875f363b1d42d5eaccfed0a16452a8c49741c203a28e94
5cbf24ab2fbc25fbd01655d1573308da43a0395cebce19dc827a021ba1046b33
7a299721e644822017dc072948c1648965d727b1ce54c8ba86518e3fd0744c62
c074e76dd727cfac94a3bd569636f9f6fbd2110ec2f2613fa460df9687dd26b7
c13ae3a103d8431dacfc0cd6a58c3e8970ba005e87b0799fe66d72217389a307
c789aeb8a731d6ede52aaf6acb668e81497f2c70ec620732ce919282faef2840
d8303e7cc49516c09bc145b23ecc0deea5a804a3b6b3e44294755b5e66d6548a
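The indicators and the transaction list above carry three signals a triage analyst reads off by hand: every sub-resource of the page is hotlinked from the real bank's domain, the page title names a brand that appears in the hotlinked domain but not in the scanned one, and the scanned host's certificate was issued by R3 on the day of the scan with a 90-day lifetime. The following Python, added here as an illustration and not part of urlscan or any vendor tool, turns those three checks into code and runs them over the scan data as printed. The apex-domain rule (last two labels) is a simplification assumed for this example; the data: URI bodies are truncated in the report and are stood in for by a placeholder string.

```python
from collections import Counter
from datetime import date
from urllib.parse import urlsplit

# Scan data transcribed from the report above. The three data: URI images are
# truncated in the report, so a placeholder stands in for their contents.
PRIMARY_URL = "https://dynamicsbr.com/CD/verification/verification.html"
PAGE_TITLE = "Midland States Bank"
SCAN_DATE = date(2021, 8, 30)
BANK = "https://estatements.midlandstatesbank.com"
TRANSACTIONS = [  # (url, resource type)
    (PRIMARY_URL, "Document"),
    (BANK + "/styles/client.css", "Stylesheet"),
    (BANK + "/styles/boxmenu.css", "Stylesheet"),
    (BANK + "/styles/forms.css", "Stylesheet"),
    (BANK + "/styles/jqueryui/themes/ui-lightness/jquery-ui-1.8.9.custom.css", "Stylesheet"),
    (BANK + "/styles/validationEngine.jquery.css", "Stylesheet"),
    (BANK + "/javascript/validation.js", "Script"),
    (BANK + "/javascript/jquery/jquery-1.4.4.min.js", "Script"),
    (BANK + "/javascript/jquery/jquery-ui-1.8.9.custom.min.js", "Script"),
    (BANK + "/javascript/jquery/jquery.validationEngine.js", "Script"),
    (BANK + "/javascript/jquery/jquery.validationEngine-en.js", "Script"),
    ("data:image/png;base64,TRUNCATED", "Image"),
    ("data:image/jpeg;base64,TRUNCATED", "Image"),
    ("data:image/jpeg;base64,TRUNCATED", "Image"),
]
CERTS = [  # (subject, issuer, not_before, not_after)
    ("cpcontacts.dynamicsbr.com", "R3", date(2021, 8, 30), date(2021, 11, 28)),
    ("estatements.midlandstatesbank.com", "DigiCert TLS RSA SHA256 2020 CA1",
     date(2021, 4, 1), date(2022, 5, 2)),
]


def apex(host):
    """Registrable domain by a two-label rule (assumption; a real tool uses the Public Suffix List)."""
    return ".".join(host.lower().split(".")[-2:])


def triage(primary_url, page_title, transactions, certs, scan_date):
    """Run the three checks and return the measurements plus a list of findings."""
    primary_apex = apex(urlsplit(primary_url).hostname)
    findings = []

    # 1. Which registrable domains serve the page's sub-resources? data: URIs have no host.
    per_apex = Counter()
    for url, rtype in transactions:
        if rtype == "Document" or url.startswith("data:"):
            continue
        per_apex[apex(urlsplit(url).hostname)] += 1
    total = sum(per_apex.values())
    hotlink_apex, hotlinked = None, 0
    foreign = [(a, n) for a, n in per_apex.items() if a != primary_apex]
    if foreign:
        hotlink_apex, hotlinked = max(foreign, key=lambda kv: kv[1])
        if hotlinked * 2 >= total:  # half or more of the assets come from one other domain
            findings.append(f"{hotlinked}/{total} sub-resources hotlinked from {hotlink_apex}")

    # 2. Does the brand named in the title live in the scanned domain or in the hotlinked one?
    tokens = [t.lower() for t in page_title.split() if len(t) >= 4]
    in_primary = any(t in primary_apex for t in tokens)
    in_hotlink = hotlink_apex is not None and any(t in hotlink_apex for t in tokens)
    if tokens and not in_primary and in_hotlink:
        findings.append(f"title {page_title!r} matches {hotlink_apex}, not {primary_apex}")

    # 3. Was the scanned host's certificate issued just before the scan, with a short lifetime?
    cert_age = None
    for subject, issuer, not_before, not_after in certs:
        if apex(subject) == primary_apex:
            cert_age = (scan_date - not_before).days
            lifetime = (not_after - not_before).days
            if cert_age <= 1 and lifetime <= 90:
                findings.append(f"{subject} cert from {issuer} issued {cert_age} day(s) "
                                f"before the scan with a {lifetime}-day lifetime")

    return {"primary_apex": primary_apex, "hotlink_apex": hotlink_apex,
            "cert_age_days": cert_age, "findings": findings}


def run_sample():
    return triage(PRIMARY_URL, PAGE_TITLE, TRANSACTIONS, CERTS, SCAN_DATE)


if __name__ == "__main__":
    for line in run_sample()["findings"]:
        print("-", line)
```

None of the three checks is conclusive on its own (a CDN, a white-label login portal, or a freshly renewed Let's Encrypt certificate each trips one of them), which is why the function returns the measurements rather than a verdict; here all three fire at once, and the hotlinked domain gives the analyst the impersonated brand directly from the page's own requests.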