dream1now.com Open in urlscan Pro
104.21.9.225 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dream1now.com/
Submission Tags: #phishing @ecarlesi Search All
Submission: On November 10 via api (November 10th 2022, 9:34:46 am UTC) from FI — Scanned from FI

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 104.21.9.225, located in Shahr, Iran, Islamic Republic Of and belongs to CLOUDFLARENET, US. The main domain is dream1now.com.
TLS certificate: Issued by E1 on November 9th 2022. Valid for: 3 months.

This is the only time dream1now.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address		AS Autonomous System
12	104.21.9.225 104.21.9.225		13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	1

12 104.21.9.225 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

dream1now.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	dream1now.com dream1now.com	522 KB
12	1

	Domain	Requested by
12	dream1now.com	dream1now.com
12	1

This site contains no links.

Subject Issuer	Validity	Valid
*.dream1now.com E1	`2022-11-09` - `2023-02-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://dream1now.com/
Frame ID: 853209836BA4AE2BA57E3C9B80B8D02B
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bank of America - Banking, Credit Cards, Loans and Merrill Investing

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

522 kB
Transfer

519 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response dream1now.com/	2 KB 1 KB	608ms 123ms	Document text/html	104.21.9.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dream1now.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.225 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0b84ac95f61bcf2132286adec0c7f3e5535b8d5d426bec8a0eec3d479c251e4b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 767dcb391a9db336-PRG content-encoding br content-type text/html; charset=UTF-8 date Thu, 10 Nov 2022 09:34:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxfSFGKHwEtJxjfw3G4j6PZmLn8HnlL0A%2FPYgtMjmB2maULj%2F3PIP6R%2Bbx9sjG5VcZBEC%2F9b2TAGDn1jKthqwICW4N1LyCLi4F4e%2FG5y0kHjmjlkvX73NVpsG%2BrimKNS"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	style.css dream1now.com/css/	824 B 680 B	117ms 114ms	Stylesheet text/css	104.21.9.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dream1now.com/css/style.css Requested by Host: dream1now.com URL: https://dream1now.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.225 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2dbacd10301cd4773d61b86689e25f711d48f9a2d5bfb1fd5dcd185ff80c9f1e` Request headers accept-language fi-FI,fi;q=0.9 Referer https://dream1now.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:34:42 GMT content-encoding br cf-cache-status MISS last-modified Wed, 09 Nov 2022 21:18:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"338-5ed103257b8b8-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fsby4uHl6AwzToJwRf7gf5U3ewXu9IIxbnG3QuRxBpEYeEtNBkpgFOZbDeDQ9jAqfnyjeSmbTOR0j7YrUpqRF28nP%2FxT7kmOlWMNTgygSRFY%2FlisPPmMSzXxWewtuvDJ"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 767dcb39fcc8b336-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	Screenshot_1.png dream1now.com/img/	4 KB 4 KB	121ms 119ms	Image image/png	104.21.9.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dream1now.com/img/Screenshot_1.png Requested by Host: dream1now.com URL: https://dream1now.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.225 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4007cd1fa3b61a956ed754859cb46e3d4e03f365151e227fed971f70a298ebe` Request headers accept-language fi-FI,fi;q=0.9 Referer https://dream1now.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:34:42 GMT cf-cache-status MISS last-modified Wed, 09 Nov 2022 21:18:31 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "ebe-5ed1032ce5f1f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tq%2FI%2FyPumDQ23sb9pJAi66pKUmJoWVt2%2BwpDTFyaOYVR2YKE5TcNWgPqfoajiZM8TeOTMjhtFg7Lz1PS5pR6ZQuLOSvlUwNKBntX0NbN1qIcS4ojRqn2Mqoi4o1Xxsy8"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 767dcb39fccab336-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3774
GET H2	200	Screenshot_2.png dream1now.com/img/	989 B 1 KB	132ms 130ms	Image image/png	104.21.9.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dream1now.com/img/Screenshot_2.png Requested by Host: dream1now.com URL: https://dream1now.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.225 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9f2e7ea72ae132cc4182ecb186939c4cdf429447e8c4ed024b06f68129ba924e` Request headers accept-language fi-FI,fi;q=0.9 Referer https://dream1now.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:34:42 GMT cf-cache-status MISS last-modified Wed, 09 Nov 2022 21:18:31 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "3dd-5ed1032d832b2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4x1LYOVQAD4ks6TtntiQdB3A8CAltIoanhwTOaJCrR4Oq00OgITaEmToxQfA6dBf1RAobp6j5kjWvmqlnkoA0TBQ12seWtWvbu7tWxvWa1dFCiJM9H7z%2FdvimrWzvSE"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 767dcb3a3d56b336-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 989
GET H2	200	Screenshot_3.png dream1now.com/img/	3 KB 4 KB	120ms 118ms	Image image/png	104.21.9.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dream1now.com/img/Screenshot_3.png Requested by Host: dream1now.com URL: https://dream1now.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.225 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2426227635564bf63526bd66126ee0ef1f004196ad625fa2519d1662311e06bc` Request headers accept-language fi-FI,fi;q=0.9 Referer https://dream1now.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:34:42 GMT cf-cache-status MISS last-modified Wed, 09 Nov 2022 21:18:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "d01-5ed1032e22585" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eKVN2vxSfBqwt0usWDs0bVghMbYsT7jQsLErfDtlT7O3WJwItOe9RI2Od1YYL1jxAcT06EkJRXagoJZjgaYh0RM3FOQ6E8Kly9w7eBs1Xl0vJYUUrH9JEeeS3GmUg3nC"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 767dcb3a3d59b336-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3329
GET H2	200	Screenshot_4.png dream1now.com/img/	725 B 1 KB	126ms 123ms	Image image/png	104.21.9.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dream1now.com/img/Screenshot_4.png Requested by Host: dream1now.com URL: https://dream1now.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.225 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bc0a4073dec94a97a606305f73c1f283efc8c990c70a7075a916576ce252b9fa` Request headers accept-language fi-FI,fi;q=0.9 Referer https://dream1now.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:34:42 GMT cf-cache-status MISS last-modified Wed, 09 Nov 2022 21:18:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2d5-5ed1032ec27f9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fAkvK7fYh6yzT5A5StWc%2Bqc5KMxK3hbo3IguaW6qet7AA1zyEIXCUbPx%2BdZWhfLdByitvzuA3o0FBX7woRoISmGlTdkLloqPptkvI98Bo%2F6GgZDDR9aWf3s%2BT33EFOo"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 767dcb3a3d5bb336-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 725
GET H2	200	Screenshot_5.png dream1now.com/img/	8 KB 9 KB	102ms 100ms	Image image/png	104.21.9.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dream1now.com/img/Screenshot_5.png Requested by Host: dream1now.com URL: https://dream1now.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.225 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `774931efdf6b3af64477bdd981cabfe22525136e5545bdbb5836a2d3ea09f4fd` Request headers accept-language fi-FI,fi;q=0.9 Referer https://dream1now.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:34:42 GMT cf-cache-status MISS last-modified Wed, 09 Nov 2022 21:18:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "21a1-5ed1032f09c93" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CfWruJVn5c6knt%2B0A5p35tzr0%2Bsxj75LcS1plc7TTiODwTWU3GQ%2F7vqB7c3ySAVX2Qy65v5T2CScdn8hphN3Oe0UEcXiGOIRX9O%2B303HKk6%2FUk54xEapP4s9l5YEUp65"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 767dcb3a3d5cb336-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8609
GET H2	200	Screenshot_7.png dream1now.com/img/	664 B 952 B	125ms 123ms	Image image/png	104.21.9.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dream1now.com/img/Screenshot_7.png Requested by Host: dream1now.com URL: https://dream1now.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.225 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9333f73bf884d431a11b9eb18de73854f7261f1b38686df38a91a049b71e9945` Request headers accept-language fi-FI,fi;q=0.9 Referer https://dream1now.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:34:42 GMT cf-cache-status MISS last-modified Wed, 09 Nov 2022 21:18:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "298-5ed1032fb5a85" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NYrmmY06zJAZjLu%2F883a4nBmM1EoOMG%2BoV4N2y7AnEGbtWssqsmEYtZ%2Bj5sXFYp%2FFprvFc4GBX3Ig3OW3P6HYPkbm1BqZXGTiGkCtdNOkqj1SWT%2FljpzwRZGsn71DLc"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 767dcb3a3d5eb336-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 664
GET H2	200	Screenshot_8.png dream1now.com/img/	2 KB 2 KB	130ms 128ms	Image image/png	104.21.9.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dream1now.com/img/Screenshot_8.png Requested by Host: dream1now.com URL: https://dream1now.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.225 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a683369cafea60ab978816ebbec975ade158da39e97e8e65d4fe56e659d46d5d` Request headers accept-language fi-FI,fi;q=0.9 Referer https://dream1now.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:34:42 GMT cf-cache-status MISS last-modified Wed, 09 Nov 2022 21:18:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "7de-5ed1033051e79" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdOW%2BTQXR8XZe9ji4oJaEXL6ZnUFfDiY19MFOJx1XDe8NjTfjoLjZw1DS9869RYE7GhA7rCE3E1ocEdH%2BFXboDGtEuN%2F7A7NDVSLmin3EiR%2FGo11i2uAWOyJITfbHiFQ"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 767dcb3a3d5fb336-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2014
GET H2	200	Screenshot_6.png dream1now.com/img/	139 KB 139 KB	151ms 149ms	Image image/png	104.21.9.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dream1now.com/img/Screenshot_6.png Requested by Host: dream1now.com URL: https://dream1now.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.225 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c32405cc040e868e3e4457fabbea43510a8fd965a2be8930dd54230557c5d9f8` Request headers accept-language fi-FI,fi;q=0.9 Referer https://dream1now.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:34:42 GMT cf-cache-status MISS last-modified Wed, 09 Nov 2022 21:18:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "22bcb-5ed1032fba8a5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fT4WRXMA9ZKniw3o%2BScSx66NpoIAzF389TSBx%2FIkf1SubGBq%2Blt7jI6%2BOoN6SZqkf3lhghilV4%2BdApiTHavX5q5H1xfW2nUbXxMWon8kt%2FvGLXwoU8xrIO7TLEWbfoVL"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 767dcb3a3d60b336-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 142283
GET H2	200	Screenshot_9.png dream1now.com/img/	4 KB 4 KB	122ms 121ms	Image image/png	104.21.9.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dream1now.com/img/Screenshot_9.png Requested by Host: dream1now.com URL: https://dream1now.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.225 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2af2f24de846615b193d7ecaa6bffa63cc15eabba338cb9e5222caa4af51c08f` Request headers accept-language fi-FI,fi;q=0.9 Referer https://dream1now.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:34:42 GMT cf-cache-status MISS last-modified Wed, 09 Nov 2022 21:18:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "f3e-5ed1033057c38" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Rtbmvddy4kO4R%2BpwI%2FNSEZSNMZ8fEVWjVD1npmWX%2B09izEkC0W1TcadQazVo9gefg08BnBhBGSnW7CdRBLQ6PNtMD38T76XQgvDy9e8NYcHo22JS%2BGz0U55z%2BRVQ9xY"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 767dcb3a3d61b336-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3902
GET H2	200	asdasdsd.png dream1now.com/img/	354 KB 355 KB	1082ms 1081ms	Image image/png	104.21.9.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dream1now.com/img/asdasdsd.png Requested by Host: dream1now.com URL: https://dream1now.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.225 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f53f05a29121db7331c915281d32291b4a26e1b7f629e344791c8d8d1532d73f` Request headers accept-language fi-FI,fi;q=0.9 Referer https://dream1now.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 10 Nov 2022 09:34:43 GMT cf-cache-status MISS last-modified Wed, 09 Nov 2022 21:18:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "58839-5ed10326eea1a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QmyYj2vqvz3FvzrvvXdTzd46Psx94ngTQaq0P30BaY%2B8w%2F6CTMoUk5YiS89uVO%2F3OMGPhRjm3Ufiu5DTl1wuiYXOj6XwEG7FDUyh4LTu%2FHIFM8xIlUyNA4lYZPkcKXgs"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 767dcb3a6dcfb336-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 362553

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dream1now.com
104.21.9.225
0b84ac95f61bcf2132286adec0c7f3e5535b8d5d426bec8a0eec3d479c251e4b
2426227635564bf63526bd66126ee0ef1f004196ad625fa2519d1662311e06bc
2af2f24de846615b193d7ecaa6bffa63cc15eabba338cb9e5222caa4af51c08f
2dbacd10301cd4773d61b86689e25f711d48f9a2d5bfb1fd5dcd185ff80c9f1e
774931efdf6b3af64477bdd981cabfe22525136e5545bdbb5836a2d3ea09f4fd
9333f73bf884d431a11b9eb18de73854f7261f1b38686df38a91a049b71e9945
9f2e7ea72ae132cc4182ecb186939c4cdf429447e8c4ed024b06f68129ba924e
a683369cafea60ab978816ebbec975ade158da39e97e8e65d4fe56e659d46d5d
bc0a4073dec94a97a606305f73c1f283efc8c990c70a7075a916576ce252b9fa
c32405cc040e868e3e4457fabbea43510a8fd965a2be8930dd54230557c5d9f8
f4007cd1fa3b61a956ed754859cb46e3d4e03f365151e227fed971f70a298ebe
f53f05a29121db7331c915281d32291b4a26e1b7f629e344791c8d8d1532d73f

dream1now.com Open in urlscan Pro 104.21.9.225 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

522 kBTransfer

519 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

dream1now.com Open in urlscan Pro
104.21.9.225 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

522 kB
Transfer

519 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!