a2plcpnl0512.prod.iad2.secureserver.net
198.71.236.10
Malicious Activity!
Public Scan
Submission: On August 16 via api from CA
Summary
TLS certificate: Issued by Starfield Secure Certificate Authority - G2 on January 21st 2018. Valid for: 2 years. (Wildcard certificate for the hosting provider's own name; see the certificate table below.)
This is the only time a2plcpnl0512.prod.iad2.secureserver.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Access Bank (Banking). The page clones the Diamond Bank online-banking login (resources are hot-linked from diamondonline.diamondbank.com); Diamond Bank was merged into Access Bank in 2019, which is why the brand label and the resource domain differ.
Domain & IP information
Requests | IP address | AS (autonomous system)
---|---|---
2 | 198.71.236.10 | AS26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC)
33 | 149.126.77.67 | AS19551 (INCAPSULA - Incapsula Inc)
1 (2 counting the redirected hit) | 2a00:1450:4001:815::200e | AS15169 (GOOGLE - Google LLC)
1 | 2a00:1450:400c:c04::9d | AS15169 (GOOGLE - Google LLC)
37 requests | 4 IPs |
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
- PTR: a2plcpnl0512.prod.iad2.secureserver.net
- Hostname: a2plcpnl0512.prod.iad2.secureserver.net
ASN19551 (INCAPSULA - Incapsula Inc, US)
- PTR: 149.126.77.67.ip.incapdns.net
- Hostname: diamondonline.diamondbank.com
ASN15169 (GOOGLE - Google LLC, US)
- Hostname: www.google-analytics.com
ASN15169 (GOOGLE - Google LLC, US)
- Hostname: stats.g.doubleclick.net
Requests | Apex domain | Subdomains | Transfer
---|---|---|---
33 | diamondbank.com | diamondonline.diamondbank.com | 98 KB
2 | google-analytics.com (1 redirect) | www.google-analytics.com | 18 KB
2 | secureserver.net | a2plcpnl0512.prod.iad2.secureserver.net | 11 KB
1 | doubleclick.net | stats.g.doubleclick.net | 102 B
37 requests | 4 apex domains | |
Requests | Domain | Requested by
---|---|---
33 | diamondonline.diamondbank.com | a2plcpnl0512.prod.iad2.secureserver.net
2 | www.google-analytics.com (1 redirect) | a2plcpnl0512.prod.iad2.secureserver.net
2 | a2plcpnl0512.prod.iad2.secureserver.net | a2plcpnl0512.prod.iad2.secureserver.net
1 | stats.g.doubleclick.net | a2plcpnl0512.prod.iad2.secureserver.net
37 requests | 4 domains |
This site contains links to these domains. Also see Links.
- www.diamondbank.com
- diamondonline.diamondbank.com
- www.youtube.com
- www.diamondbankng.blogspot.com
- www.twitter.com
- www.facebook.com
- plus.google.com
Subject | Issuer | Validity | Valid for
---|---|---|---
*.prod.iad2.secureserver.net | Starfield Secure Certificate Authority - G2 | 2018-01-21 - 2020-01-21 | 2 years (crt.sh)
diamondonline.diamondbank.com | DigiCert SHA2 Extended Validation Server CA | 2019-05-31 - 2020-06-18 | a year (crt.sh)
*.google-analytics.com | Google Internet Authority G3 | 2019-07-29 - 2019-10-21 | 3 months (crt.sh)
*.g.doubleclick.net | GTS CA 1O1 | 2019-07-29 - 2019-10-27 | 3 months (crt.sh)
The phishing page is served under the hosting provider's wildcard certificate, so the browser shows a valid padlock even though the certificate names no bank; the genuine portal carries a DigiCert EV certificate for its own hostname.
This page contains 1 frame:
Primary Page:
https://a2plcpnl0512.prod.iad2.secureserver.net/~estaegyptadmin/estaegypt/templates/beez5/loginpage/mapids.php
(The login page sits under a per-user `~estaegyptadmin` directory on a shared cPanel host, inside `templates/beez5`, a stock Joomla template directory.)
Frame ID: C3EA59316D6674935E1F7C5D1902EB88
Requests: 37 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Page Statistics
9 Outgoing links
These are links going to different origins than the main page. Three of the nine carry a link title: "cr2.com", "Already Registered?" and "Request or Forgot Password"; the remaining six have none.
Redirected requests
There were HTTP redirect chains for the following requests:
Request chain 35:
- https://www.google-analytics.com/r/collect?v=1&_v=j78&a=887209535&t=pageview&_s=1&dl=https%3A%2F%2Fa2plcpnl0512.prod.iad2.secureserver.net%2F~estaegyptadmin%2Festaegypt%2Ftemplates%2Fbeez5%2Floginpage%2Fmapids.php&ul=en-us&de=UTF-8&dt=DiamondOnline%20-%20login-page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=617511802&gjid=1996708813&cid=159513370.1565973839&tid=UA-61395810-1&_gid=579063713.1565973839&_r=1&z=1555223071 (HTTP 302)
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-61395810-1&cid=159513370.1565973839&jid=617511802&_gid=579063713.1565973839&gjid=1996708813&_v=j78&z=1555223071
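The analytics hit above is worth parsing rather than skimming: the `dl` parameter records the URL the victim's browser actually loaded, `dt` the title it showed, `tid` the Google Analytics property the hit was reported to (a page cloner copies the snippet verbatim, so the same `tid` is a pivot to other scans carrying the same copied page), and the `cid` suffix is the unix time the client ID was first set. The script below is an added example, not part of the urlscan page; the hit string is a constructed copy of the one recorded above and the brand keyword and apex domain passed to `title_host_mismatch` are analyst-supplied.

```python
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlsplit

# Constructed copy of the Google Analytics hit recorded as request chain 35 above.
GA_HIT = (
    "https://www.google-analytics.com/r/collect?v=1&_v=j78&a=887209535&t=pageview&_s=1"
    "&dl=https%3A%2F%2Fa2plcpnl0512.prod.iad2.secureserver.net%2F~estaegyptadmin"
    "%2Festaegypt%2Ftemplates%2Fbeez5%2Floginpage%2Fmapids.php&ul=en-us&de=UTF-8"
    "&dt=DiamondOnline%20-%20login-page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0"
    "&_u=IEBAAEAB~&jid=617511802&gjid=1996708813&cid=159513370.1565973839"
    "&tid=UA-61395810-1&_gid=579063713.1565973839&_r=1&z=1555223071"
)


def parse_ga_hit(url: str) -> dict:
    """Extract the Measurement Protocol fields that matter for phishing triage.

    tid  - GA property the hit is reported to; copied verbatim by page cloners
    dl   - document location: the URL the victim's browser really loaded
    dt   - document title: what the victim saw in the tab
    cid  - client id "<random>.<first-seen unix time>" set by analytics.js
    """
    params = parse_qs(urlsplit(url).query)

    def first(key: str) -> str:
        return params.get(key, [""])[0]

    cid = first("cid")
    first_seen = None
    if cid.count(".") == 1 and cid.split(".")[1].isdigit():
        first_seen = datetime.fromtimestamp(int(cid.split(".")[1]), tz=timezone.utc)
    location = urlsplit(first("dl"))
    return {
        "tid": first("tid"),
        "hit_type": first("t"),
        "title": first("dt"),
        "dl_host": location.hostname or "",
        "dl_path": location.path,
        "cid": cid,
        "first_seen_utc": first_seen.isoformat() if first_seen else None,
    }


def title_host_mismatch(hit: dict, brand_keyword: str, brand_apex: str) -> bool:
    """True when the title names the brand but the page did not load from the brand's apex.

    brand_keyword / brand_apex are analyst-supplied (here "DiamondOnline" / "diamondbank.com").
    """
    host = hit["dl_host"].lower()
    on_brand = host == brand_apex or host.endswith("." + brand_apex)
    return brand_keyword.lower() in hit["title"].lower() and not on_brand


if __name__ == "__main__":
    hit = parse_ga_hit(GA_HIT)
    for key, value in hit.items():
        print(f"{key:15} {value}")
    print("title/host mismatch:", title_host_mismatch(hit, "DiamondOnline", "diamondbank.com"))
```

For this hit the client ID was first set at 2019-08-16T16:43:59Z, the same day as the submission, and the title names DiamondOnline while the host is the GoDaddy shared server: the mismatch a victim would not notice but a beacon log makes obvious.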
37 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME type
---|---|---|---|---|---|---|---
GET | H2 | mapids.php (primary request) | a2plcpnl0512.prod.iad2.secureserver.net/~estaegyptadmin/estaegypt/templates/beez5/loginpage/ | 59 KB | 9 KB | Document | text/html
GET | H/1.1 | css.jsp | diamondonline.diamondbank.com/html/portal/ | 43 KB | 10 KB | Stylesheet | text/css
GET | H/1.1 | css.jsp | diamondonline.diamondbank.com/html/portlet/journal_content/ | 484 B | 2 KB | Stylesheet | text/css
GET | H/1.1 | main.css | diamondonline.diamondbank.com/DBLDiamondLogin-themee/css/ | 260 B | 2 KB | Stylesheet | text/css
GET | H/1.1 | OnlineLogo.png | diamondonline.diamondbank.com/DiamondLogin-theme/images/common/ | 12 KB | 13 KB | Image | image/png
GET | H/1.1 | login.png | diamondonline.diamondbank.com/html/icons/ | 612 B | 1 KB | Image | image/png
GET | H/1.1 | add_content.png | diamondonline.diamondbank.com/DBLDiamondLogin-themee/images/dock/ | 733 B | 1 KB | Image | image/png
GET | H/1.1 | BosChallenge.js | diamondonline.diamondbank.com/dwr/interface/ | 584 B | 2 KB | Script | text/javascript
GET | H2 | eSUSU%20Ad%20Banner.jpg | a2plcpnl0512.prod.iad2.secureserver.net/DBLDiamondLogin-themee/images/common/ | 2 KB | 2 KB | Image | text/html
GET | H/1.1 | Complaints.png | diamondonline.diamondbank.com/DiamondLogin-theme/images/common/ | 8 KB | 9 KB | Image | image/png
GET | H/1.1 | Trusteer.png | diamondonline.diamondbank.com/DiamondLogin-theme/images/common/ | 6 KB | 7 KB | Image | image/png
GET | H/1.1 | blogger.png | diamondonline.diamondbank.com/DBLDiamondLogin-themee/images/custom/ | 531 B | 877 B | Image | image/png
GET | H/1.1 | twitter.png | diamondonline.diamondbank.com/DBLDiamondLogin-themee/images/custom/ | 522 B | 868 B | Image | image/png
GET | H/1.1 | facebook.png | diamondonline.diamondbank.com/DBLDiamondLogin-themee/images/custom/ | 414 B | 760 B | Image | image/png
GET | H/1.1 | gplus.png | diamondonline.diamondbank.com/DBLDiamondLogin-themee/images/custom/ | 818 B | 1 KB | Image | image/png
GET | H/1.1 | youtube.png | diamondonline.diamondbank.com/DBLDiamondLogin-themee/images/custom/ | 2 KB | 2 KB | Image | image/png
GET | H/1.1 | javascript.js | diamondonline.diamondbank.com/DBLDiamondLogin-themee/javascript/ | 2 KB | 2 KB | Script | text/javascript
GET | H/1.1 | customJS.js | diamondonline.diamondbank.com/html/js/ | 155 B | 721 B | Script | text/javascript
GET | H/1.1 | base.css | diamondonline.diamondbank.com/DBLDiamondLogin-themee/css/ | 4 KB | 3 KB | Stylesheet | text/css
GET | H/1.1 | application.css | diamondonline.diamondbank.com/DBLDiamondLogin-themee/css/ | 16 KB | 5 KB | Stylesheet | text/css
GET | H/1.1 | layout.css | diamondonline.diamondbank.com/DBLDiamondLogin-themee/css/ | 2 KB | 2 KB | Stylesheet | text/css
GET | H/1.1 | navigation.css | diamondonline.diamondbank.com/DBLDiamondLogin-themee/css/ | 6 KB | 3 KB | Stylesheet | text/css
GET | H/1.1 | portlet.css | diamondonline.diamondbank.com/DBLDiamondLogin-themee/css/ | 9 KB | 4 KB | Stylesheet | text/css
GET | H/1.1 | forms.css | diamondonline.diamondbank.com/DBLDiamondLogin-themee/css/ | 2 KB | 2 KB | Stylesheet | text/css
GET | H/1.1 | custom.css | diamondonline.diamondbank.com/DBLDiamondLogin-themee/css/ | 17 KB | 5 KB | Stylesheet | text/css
GET | H/1.1 | green.css | diamondonline.diamondbank.com/DBLDiamondLogin-themee/css/color_schemes/ | 7 KB | 2 KB | Stylesheet | text/css
GET | H/1.1 | orange.css | diamondonline.diamondbank.com/DBLDiamondLogin-themee/css/color_schemes/ | 7 KB | 2 KB | Stylesheet | text/css
GET | H/1.1 | kyc.css | diamondonline.diamondbank.com/DBLDiamondLogin-themee/css/color_schemes/ | 13 KB | 4 KB | Stylesheet | text/css
GET | H2 | analytics.js | www.google-analytics.com/ | 43 KB | 17 KB | Script | text/javascript
GET | H/1.1 | logo.jpg | diamondonline.diamondbank.com/DBLDiamondLogin-themee/images/custom/ | 5 KB | 6 KB | Image | image/jpeg
GET | H/1.1 | CHAT.jpg | diamondonline.diamondbank.com/DBLDiamondLogin-themee/images/custom/ | 4 KB | 4 KB | Image | image/jpeg
GET | H/1.1 | tabs_bg.png | diamondonline.diamondbank.com/DBLDiamondLogin-themee/images/application/ | 88 B | 433 B | Image | image/png
GET | H/1.1 | Username.png | diamondonline.diamondbank.com/DBLDiamondLogin-themee/images/common/ | 682 B | 1 KB | Image | image/png
GET | H/1.1 | Password.png | diamondonline.diamondbank.com/DBLDiamondLogin-themee/images/common/ | 884 B | 1 KB | Image | image/png
GET | H/1.1 | Login.png | diamondonline.diamondbank.com/DBLDiamondLogin-themee/images/common/ | 103 B | 453 B | Image | image/png
GET | H/1.1 | border.png | diamondonline.diamondbank.com/DBLDiamondLogin-themee/images/custom/ | 0 | 0 | Image | text/html
GET | H2 | collect (redirect chain) | stats.g.doubleclick.net/r/ | 35 B | 102 B | Image | image/gif
Only the HTML document and one banner image come from the phishing host; the remaining stylesheets, scripts and images are hot-linked from the bank's own portal. Two resources requested as images came back as text/html rather than image data (eSUSU Ad Banner.jpg on the phishing host, border.png on the bank, the latter with an empty body), which is the usual signature of a page saved from the browser with some assets missing.
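The transaction list carries the two signals a triage script should extract automatically: where the document was served from versus where its sub-resources were served from (a page hosted on one apex that pulls most of its assets from a different, brand-owned apex is a cloned page), and resources whose MIME type contradicts their declared type. The code below is an added example and not urlscan's own tooling; it runs on a constructed subset of the rows above, the `EXPECTED_MIME` and `TRACKER_APEX` tables are assumptions chosen for this page, and the `apex` helper uses a two-label approximation that is adequate for the .com/.net hosts seen here but not for country-code second-level domains. It also applies the two URL/script patterns from the Detected technologies section; the Apache pattern needs the Server header, which the table does not carry.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Constructed subset of the 37 transactions listed above:
# (url, resource type as urlscan labels it, response MIME type, body size in bytes).
TRANSACTIONS = [
    ("https://a2plcpnl0512.prod.iad2.secureserver.net/~estaegyptadmin/estaegypt/templates/beez5/loginpage/mapids.php",
     "Document", "text/html", 59 * 1024),
    ("https://diamondonline.diamondbank.com/html/portal/css.jsp", "Stylesheet", "text/css", 43 * 1024),
    ("https://diamondonline.diamondbank.com/DiamondLogin-theme/images/common/OnlineLogo.png", "Image", "image/png", 12 * 1024),
    ("https://diamondonline.diamondbank.com/dwr/interface/BosChallenge.js", "Script", "text/javascript", 584),
    ("https://a2plcpnl0512.prod.iad2.secureserver.net/DBLDiamondLogin-themee/images/common/eSUSU%20Ad%20Banner.jpg",
     "Image", "text/html", 2 * 1024),
    ("https://diamondonline.diamondbank.com/DBLDiamondLogin-themee/images/common/Username.png", "Image", "image/png", 682),
    ("https://diamondonline.diamondbank.com/DBLDiamondLogin-themee/images/custom/border.png", "Image", "text/html", 0),
    ("https://www.google-analytics.com/analytics.js", "Script", "text/javascript", 43 * 1024),
    ("https://stats.g.doubleclick.net/r/collect", "Image", "image/gif", 35),
]

# Assumed MIME prefixes a well-formed response of each resource type should carry.
EXPECTED_MIME = {
    "Image": ("image/",),
    "Stylesheet": ("text/css",),
    "Script": ("text/javascript", "application/javascript", "application/x-javascript"),
}

# Assumed: third-party trackers that every copied page carries; they say nothing about who hosts it.
TRACKER_APEX = frozenset({"google-analytics.com", "doubleclick.net"})

# The url/script patterns from "Detected technologies" above.
TECH_PATTERNS = {
    "PHP": ("url", re.compile(r"\.php(?:$|\?)", re.I)),
    "Google Analytics": ("script", re.compile(r"google-analytics\.com/(?:ga|urchin|analytics)\.js", re.I)),
}


def apex(url: str) -> str:
    """Registrable-domain approximation: last two labels (fine for .com/.net, wrong for e.g. .co.uk)."""
    return ".".join((urlsplit(url).hostname or "").split(".")[-2:])


def document_url(transactions) -> str:
    return next(url for url, rtype, _, _ in transactions if rtype == "Document")


def hotlinked_brand(transactions):
    """Return (document_apex, dominant_apex) when most sub-resources come from a
    different apex than the one serving the document, otherwise None."""
    doc_apex = apex(document_url(transactions))
    counts = Counter(apex(url) for url, rtype, _, _ in transactions
                     if rtype != "Document" and apex(url) not in TRACKER_APEX)
    if not counts:
        return None
    dominant, n = counts.most_common(1)[0]
    if dominant != doc_apex and n > counts.get(doc_apex, 0):
        return doc_apex, dominant
    return None


def broken_resources(transactions):
    """Sub-resources whose MIME type contradicts their declared type (an HTML body
    where an image was expected) or that came back with an empty body."""
    out = []
    for url, rtype, mime, size in transactions:
        name = url.rsplit("/", 1)[-1]
        expected = EXPECTED_MIME.get(rtype)
        if expected and not mime.startswith(expected):
            out.append((name, f"{rtype} served as {mime}"))
        elif rtype != "Document" and size == 0:
            out.append((name, "empty body"))
    return out


def detect_tech(transactions):
    """Apply the page's url/script fingerprint patterns to the document and script URLs."""
    doc = document_url(transactions)
    scripts = [url for url, rtype, _, _ in transactions if rtype == "Script"]
    found = set()
    for name, (where, rx) in TECH_PATTERNS.items():
        targets = [doc] if where == "url" else scripts
        if any(rx.search(u) for u in targets):
            found.add(name)
    return found


if __name__ == "__main__":
    print("hot-linked brand:", hotlinked_brand(TRANSACTIONS))
    print("broken resources:", broken_resources(TRANSACTIONS))
    print("technologies:", sorted(detect_tech(TRANSACTIONS)))
```

On the full 37-row list the counts are 33 bank-hosted sub-resources against one on the phishing host, so the document/asset split is not a borderline call; the same check is cheap to run across a feed of urlscan results, where the dominant asset apex names the impersonated brand without any screenshot analysis.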
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Access Bank (Banking)
22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They help identify client-side frameworks and code: the Liferay and themeDisplay objects and the _58_bw* challenge-check functions are defined by the copied bank login page, and the ga, gaplugins, gaGlobal and gaData objects by the Google Analytics snippet that was copied with it.
Type | Name
---|---
object | onselectstart
object | onselectionchange
function | queueMicrotask
object | Liferay
object | themeDisplay
string | GoogleAnalyticsObject
function | ga
function | open_win
function | _58_bwSimpleChallengeCheck
function | _58_bwCheckTheChallenge
function | _58_bwCheckChallenge
object | mobileField
undefined | text
undefined | placedText
object | sendPassphraseButton
object | diamondLoginSubmitButton
object | form
string | tip
object | google_tag_data
object | gaplugins
object | gaGlobal
object | gaData
3 Cookies
Cookies are small pieces of information stored in the user's browser. On every later visit the browser sends the stored values back, letting the site re-identify the user even from a different location; this is how persistent logins work. The three cookies set here are the Google Analytics cookies from the copied tracking snippet, scoped to the hosting provider's apex (.secureserver.net) rather than to the bank; no session cookie was set.
Domain/Path | Expires | Name | Value
---|---|---|---
.secureserver.net/ | (not recorded) | _gat | 1
.secureserver.net/ | (not recorded) | _gid | GA1.2.579063713.1565973839
.secureserver.net/ | (not recorded) | _ga | GA1.2.159513370.1565973839
Indicators
"Indicator" is the security-industry term for artefacts such as IPs, domains and hashes observed during a scan. Listing them here does not imply that any of them is malicious: the list below mixes the attacker-controlled host and its IP with the victim bank's own hostname and Incapsula address, Google's tracker endpoints, and the SHA-256 hashes of the 37 response bodies (e3b0c442... is the SHA-256 of empty input, matching the 0-byte border.png response).
a2plcpnl0512.prod.iad2.secureserver.net
diamondonline.diamondbank.com
stats.g.doubleclick.net
www.google-analytics.com
149.126.77.67
198.71.236.10
2a00:1450:4001:815::200e
2a00:1450:400c:c04::9d
0f0ed284afcf94f728410e720ca9ac84107d90a676864c780b0a3ddd70d8e58b
16a8b6f7e01abd0aada52e3b43fe63634cf0ea4d8afc628567682ed1d7800c91
17043fcae5c8b5a807424d4ab5f863b501709703b6cbea8d38e5818a95507e08
192a15af978f77ad3d3fba09a6b46dffe0986290dfc09073cf7bde3cb30b737c
199e8d617689962a6f0a98e394f1a3bd8b9255ede341e99d93adafc653ff9644
2315861baaba6b1f87b3802ead9f228c4498b715916d909eeed169c3abc84e89
27394a1248b9162f8c1e21f756580686e4b7219929a5b9fe5f5cef69c44643c7
293a56bb8aa544cb1365e658c607e444b6a47cbfcb4e5b749b200d9471955b9b
2ddd73a2f2d03488c1832eecc7cfa74f821f765e98ac54809e651970153cfd01
5b2821e69931b31bb218eacb129f6144d65901b210e41c103c70aecdcc681c63
630bca18023a052207b6d3da4a8bbf7b638391bcde5c773e99eac2122567ad60
65896ac220cc76f6ece9f7ce21ecb426f47381dec13f031acfc0253f9cdfc08b
6fd494df10fdb79f3d5ee48079a1eef29d4c7c2723b81a6e18c316c75a8db43a
7c2d6cac705de2f411130498549b306464d4b41c543670800caf410a18e32784
801e43c0fab218b8b54b46db227bd5edbe5a57446b8aacadb47bfa07cb955499
809a897de4123ac5220cdd64d5e4f837e9cc28f5b99bfc81a41d8a5292b169d6
82d6339f9bfefc4fe44111461e7f125be137cd57513aa8b550d44cdc654d8712
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d974c1bcee96b20e51f9592222d6b951bac68e12cead57319c6db0bf28af73f
a21bb6be88063aee9efdaa46d183302c38b851fd8c4c9d5b6df22687b050493c
a52160865e930d6eff40b1f88058b4c5d79d05d560e36dfd2b693c5e6c7ca852
a87ba8b481bb69b08386b487f2371cd003b2d35864ea3e29704cfca6e48d09f0
b97d39522a867cd313d93ab881ecdccf3eca0a9d5f3556b82c48413f45c8e46b
c06a52df3361df380a02a45159a0858d6f7cd8cbc3f71ff732a65d6c25ea6af6
cdc8b52c9402b72ef9c698027c0d2ea63058ed98b832a31d3ac57c9e7f8b35ed
cec3748d0c3da4700300d5424aaea375b03550b0ee8b3dd38e242c4022261446
cfd0e68ec42b78ff3f143114b222dec4890d38f42c1bf0dd9f25f489f921737c
d0213ee8e0c3a01711f2c13cdab0beb0833a2d7e46c7a3f44698df53180b82d9
d4203149127d8509d170c24445445ab3cbe40a3151a2f5cc62a2bfce75e47378
d85ce7dc5f9adfb5ace406d7f2ce1d5ebbbf369f985a1eb730ff065f943dbce1
e1b6b195df6f3e6473723210cef3ef97571099c99f896a18184e841fe764c2d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec0d0192a04f75d40285312a7cf11c0adc9b36562efff98fa9e5bf7c9a7f8bc5
ec4044f92affd923a2e17b3fa41fb10538bd1aaae94ebe006cde42acf8e8fc7e
ec43059b48e1a4aa9662d67edac54b375ef2a4d7dd3f35725ce413d07033460c
f3682106d140ec521150dff535d240334602fcc863c1f0bbdbfc27bd72399f06
fb0380a76b0e6f592719979e2701fa789ace89c936c93d88d4a714b573e12e5c
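Before any of the indicators above go into a blocklist they need sorting: the bank's hostname and the Incapsula address in front of it, Google's tracker IPs and the empty-body hash would all cause damage or noise if blocked, and the GoDaddy address is a shared cPanel host (the page path lives under `~estaegyptadmin`), so the hostname plus path is the precise indicator rather than the bare IP. The triage below is an added example, not urlscan's own logic; it runs on a constructed subset of the list above, and the `BENIGN_APEX` and `BENIGN_IPS` sets are analyst-supplied from this page's AS/PTR and certificate data.

```python
import hashlib
import ipaddress
import re

# Constructed subset of the Indicators list above.
INDICATORS = [
    "a2plcpnl0512.prod.iad2.secureserver.net",
    "diamondonline.diamondbank.com",
    "stats.g.doubleclick.net",
    "149.126.77.67",
    "198.71.236.10",
    "2a00:1450:4001:815::200e",
    "0f0ed284afcf94f728410e720ca9ac84107d90a676864c780b0a3ddd70d8e58b",
    "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
]

# Analyst-supplied context from this page: the victim brand and the trackers, the
# Incapsula address fronting the bank, and Google's IPv6 addresses.
BENIGN_APEX = frozenset({"diamondbank.com", "google-analytics.com", "doubleclick.net"})
BENIGN_IPS = frozenset({"149.126.77.67", "2a00:1450:4001:815::200e", "2a00:1450:400c:c04::9d"})

SHA256_RE = re.compile(r"^[0-9a-f]{64}$", re.I)
EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()  # hash of a zero-byte body


def classify(indicator: str) -> str:
    """ipv4 / ipv6 / sha256 / domain."""
    try:
        return "ipv4" if ipaddress.ip_address(indicator).version == 4 else "ipv6"
    except ValueError:
        pass
    return "sha256" if SHA256_RE.match(indicator) else "domain"


def _apex(host: str) -> str:
    # Two-label approximation; adequate for the .com/.net names on this page.
    return ".".join(host.lower().split(".")[-2:])


def triage(indicators, benign_apex=BENIGN_APEX, benign_ips=BENIGN_IPS):
    """Sort indicators into block / review / skip, with a reason for every non-block."""
    block, review, skip = [], [], []
    for ind in indicators:
        kind = classify(ind)
        if kind == "domain" and _apex(ind) in benign_apex:
            skip.append((ind, "victim brand or tracker domain; blocking it hits the real site"))
        elif kind in ("ipv4", "ipv6") and ind in benign_ips:
            skip.append((ind, "CDN or tracker address shared with the legitimate site"))
        elif kind == "sha256" and ind.lower() == EMPTY_SHA256:
            skip.append((ind, "SHA-256 of an empty body; matches every empty file"))
        elif kind == "sha256":
            review.append((ind, "response-body hash; confirm which resource it belongs to first"))
        elif kind in ("ipv4", "ipv6"):
            review.append((ind, "bare IP; on shared hosting prefer hostname plus path"))
        else:
            block.append((ind, kind))
    return block, review, skip


if __name__ == "__main__":
    for label, items in zip(("BLOCK", "REVIEW", "SKIP"), triage(INDICATORS)):
        print(label)
        for ind, why in items:
            print(f"  {ind}  ({why})")
```

Of the eight constructed inputs only the GoDaddy hostname survives as a block-worthy indicator; everything else is either the victim's own infrastructure or needs a human to confirm what it identifies.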