![](/screenshots/ab737d72-b6b2-4586-8875-77e5feb35fbf.png)
valleyspiritusa.dynserv.org
Open in
urlscan Pro
34.106.118.238
Public Scan
Submission: On July 10 via automatic, source openphish
Summary
This is the only time valleyspiritusa.dynserv.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
18 | 34.106.118.238 34.106.118.238 | 15169 (GOOGLE) (GOOGLE) | |
1 3 | 63.32.153.45 63.32.153.45 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a02:26f0:6c0... 2a02:26f0:6c00:28a::1e80 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 52.30.135.179 52.30.135.179 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 15.188.95.229 15.188.95.229 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 54.171.42.33 54.171.42.33 | 16509 (AMAZON-02) (AMAZON-02) | |
25 | 5 |
ASN15169 (GOOGLE, US)
PTR: 238.118.106.34.bc.googleusercontent.com
valleyspiritusa.dynserv.org |
ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-153-45.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-135-179.eu-west-1.compute.amazonaws.com
bbandt.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
sstats.bbt.com | |
stats.bbt.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-42-33.eu-west-1.compute.amazonaws.com
cm.everesttech.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
dynserv.org
valleyspiritusa.dynserv.org |
1 MB |
4 |
demdex.net
1 redirects
dpm.demdex.net bbandt.demdex.net |
6 KB |
2 |
bbt.com
sstats.bbt.com stats.bbt.com |
1 KB |
2 |
adobedtm.com
assets.adobedtm.com |
14 KB |
1 |
everesttech.net
1 redirects
cm.everesttech.net |
517 B |
25 | 5 |
Domain | Requested by | |
---|---|---|
18 | valleyspiritusa.dynserv.org |
valleyspiritusa.dynserv.org
|
3 | dpm.demdex.net |
1 redirects
valleyspiritusa.dynserv.org
|
2 | assets.adobedtm.com |
valleyspiritusa.dynserv.org
|
1 | stats.bbt.com |
valleyspiritusa.dynserv.org
|
1 | cm.everesttech.net | 1 redirects |
1 | sstats.bbt.com |
valleyspiritusa.dynserv.org
|
1 | bbandt.demdex.net |
valleyspiritusa.dynserv.org
|
25 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
bank.bbt.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-02 - 2022-01-02 |
a year | crt.sh |
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-01-08 - 2021-09-30 |
9 months | crt.sh |
sstats.bbt.com DigiCert SHA2 Secure Server CA |
2019-11-22 - 2021-11-22 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
http://valleyspiritusa.dynserv.org/page2.html
Frame ID: 170DD438A2B679D25E55DD35833C0F62
Requests: 24 HTTP requests in this frame
Frame:
https://bbandt.demdex.net/dest5.html?d_nsid=0
Frame ID: A842B83B38BE373F6DEE6D1844C76C64
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/ab737d72-b6b2-4586-8875-77e5feb35fbf.png)
Detected technologies
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
![](/vendor/wappa/icons/adobedmt.png)
Detected patterns
- script /\/\/assets.adobedtm.com\//i
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: Skip Navigation
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Yes Leave page and no changes are made.
Search URL Search Domain Scan URL
Title: No click to close window and return to Page
Search URL Search Domain Scan URL
Title: Click to Close Window
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Leave Pageand no changes saved
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=135D34FA53DA9B160A490D44%40AdobeOrg&d_nsid=0&ts=1625880472421 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=135D34FA53DA9B160A490D44%40AdobeOrg&d_nsid=0&ts=1625880472421
- https://cm.everesttech.net/cm/dd?d_uuid=48322525604076119542616955058497041343 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YOj3mAAAAMgYjR0T
25 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
page2.html
valleyspiritusa.dynserv.org/ |
15 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.9.1.min.js.download
valleyspiritusa.dynserv.org/next/ |
97 KB 98 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.mask.js.download
valleyspiritusa.dynserv.org/next/ |
16 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
launch-EN98a9ba6c8b7b4584946ffeeb9f2bac9d.min.js.download
valleyspiritusa.dynserv.org/next/ |
393 KB 394 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AppMeasurement.min.js.download
valleyspiritusa.dynserv.org/next/ |
33 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AppMeasurement_Module_ActivityMap.min.js.download
valleyspiritusa.dynserv.org/next/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
WAnalytics10122019.js.download
valleyspiritusa.dynserv.org/next/ |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
overview_v1.css
valleyspiritusa.dynserv.org/next/ |
79 KB 79 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles_v1.css
valleyspiritusa.dynserv.org/next/ |
315 KB 316 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
alert.png
valleyspiritusa.dynserv.org/next/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
passrst-script_v1.js.download
valleyspiritusa.dynserv.org/next/ |
82 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
365 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
33 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
print.css
valleyspiritusa.dynserv.org/next/ |
5 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sourcesanspro-regular-webfont.woff
valleyspiritusa.dynserv.org/next/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sourcesanspro-semibold-webfont.woff
valleyspiritusa.dynserv.org/next/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sourcesanspro-bold-webfont.woff
valleyspiritusa.dynserv.org/next/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dest5.html
bbandt.demdex.net/ Frame A842 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
sstats.bbt.com/ |
48 B 513 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=YOj3mAAAAMgYjR0T
dpm.demdex.net/ Redirect Chain
|
42 B 956 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sourcesanspro-regular-webfont.ttf
valleyspiritusa.dynserv.org/next/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sourcesanspro-semibold-webfont.ttf
valleyspiritusa.dynserv.org/next/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sourcesanspro-bold-webfont.ttf
valleyspiritusa.dynserv.org/next/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s46779552372404
stats.bbt.com/b/ss/bbtdevall/1/JS-2.22.0-LBQ1/ |
43 B 599 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
78 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| digitalData object| digitalDataWA object| scDataMap function| trackPageObject function| trackLinkObject function| trackDynamicPageObject function| trackExitLinkObject function| trackDownloadObject function| trackingVariablePrep function| setSiteCatalystDataObject function| captureCampaignCodes function| retrieveIntLink function| clone function| oaoCheck object| bbt object| glbPageData function| waOnLoad function| waManageVars string| olbUserFlag string| maskedNumber string| webSessionId string| pageName string| waEventCode string| secFeat string| secQuestn string| strongPwd function| enableEmailDiv function| enablePhoneDiv function| enrollOLB function| abandonWA function| abandonNoWA function| abandonYesWA string| globalContextUrl number| totalTime number| warningTime string| logOffUrl number| timeoutTid undefined| logOffTid function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s function| initTimeout function| abortLogOffTimer function| doCommonFormSubmit boolean| formSubmitted function| doubleSubmitCheck function| submitPasswordResetForm function| submitMeOnEnter function| resendOTP object| BBT object| lightbox object| jQuery191047732099959968766 object| pageArray object| hierArray object| channelArray boolean| clearEvents function| olbAutoTimeoutFunction object| s_i_bbtdevall3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.demdex.net/ | Name: demdex Value: 48322525604076119542616955058497041343 |
|
.valleyspiritusa.dynserv.org/ | Name: AMCV_135D34FA53DA9B160A490D44%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18819%7CMCMID%7C48297613121777071502618865759219556611%7CMCAAMLH-1626485272%7C6%7CMCAAMB-1626485272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1625887672s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18826%7CvVersion%7C5.2.0 |
|
.valleyspiritusa.dynserv.org/ | Name: AMCVS_135D34FA53DA9B160A490D44%40AdobeOrg Value: 1 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.adobedtm.com
bbandt.demdex.net
cm.everesttech.net
dpm.demdex.net
sstats.bbt.com
stats.bbt.com
valleyspiritusa.dynserv.org
15.188.95.229
2a02:26f0:6c00:28a::1e80
34.106.118.238
52.30.135.179
54.171.42.33
63.32.153.45
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
0ad03d29ddccb578e4836c5463d15814132a481f601d79909537eec07d393810
177d679046c2862770d537dc4e7ced86f97f44cd290e3298df2317058d3d5484
24d1f129758088ded55c43ace0e8462244b3cd91f832f84e635fdc7ae75acceb
52e13531849e2eb1d9580a63b400b2c6512b2119dd42657e61c84a1c324f7ec3
6b0a3c096c9f2703bed408543402125c969c480f8acfa9d5e158d43b9cd17d3f
754739f717dea0a4a759313c0fa9aa864761426b671e01aa609c903c3bc74f18
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
9c1dec5541627f9832fab81701ed4f2ed53701d9828e0c40f5553d2f4d124bdb
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
aa5ba3a07a3970664e8c4280188a2ccf47a5775dead3595afe24d8351a377f0f
bb4482d252af40dce2f4f1a550756c9bd98ecfb7230cefef4e53571f262d3109
c27b9d5725813c610593aae646532de8613972fb42e29addc464d1fe81a03e71
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f301a98472daddd9aae7dc83d3d8c5be7ebc31dc3ba22e2673e511e531ca10d3
fbf4bbedd6e97c2432ca60b3122275b381166ed59a89b5f734c016dbd61bb953