dream1now.com
104.21.9.225
Malicious Activity!
Public Scan
Submission Tags: #phishing @ecarlesi
Submission: On November 10 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by E1 on November 9th 2022. Valid for: 3 months.
This is the only time dream1now.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bank of America (Banking)
Domain & IP information

| | IP Address | AS Autonomous System |
|---|---|---|
| 12 | 104.21.9.225 | 13335 (CLOUDFLARENET) |
| 12 | 1 | |

| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 12 | dream1now.com | dream1now.com | 522 KB |
| 12 | 1 | | |

| | Domain | Requested by |
|---|---|---|
| 12 | dream1now.com | dream1now.com |
| 12 | 1 | |

This site contains no links.

| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| *.dream1now.com | E1 | 2022-11-09 - 2023-02-07 | 3 months | crt.sh |

This page contains 1 frame:
Primary Page:
https://dream1now.com/
Frame ID: 853209836BA4AE2BA57E3C9B80B8D02B
Requests: 12 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
12 HTTP transactions

| Method / Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|
| GET H2 | / (Primary Request) | dream1now.com/ | 2 KB | 1 KB | Document | text/html |
| GET H2 | style.css | dream1now.com/css/ | 824 B | 680 B | Stylesheet | text/css |
| GET H2 | Screenshot_1.png | dream1now.com/img/ | 4 KB | 4 KB | Image | image/png |
| GET H2 | Screenshot_2.png | dream1now.com/img/ | 989 B | 1 KB | Image | image/png |
| GET H2 | Screenshot_3.png | dream1now.com/img/ | 3 KB | 4 KB | Image | image/png |
| GET H2 | Screenshot_4.png | dream1now.com/img/ | 725 B | 1 KB | Image | image/png |
| GET H2 | Screenshot_5.png | dream1now.com/img/ | 8 KB | 9 KB | Image | image/png |
| GET H2 | Screenshot_7.png | dream1now.com/img/ | 664 B | 952 B | Image | image/png |
| GET H2 | Screenshot_8.png | dream1now.com/img/ | 2 KB | 2 KB | Image | image/png |
| GET H2 | Screenshot_6.png | dream1now.com/img/ | 139 KB | 139 KB | Image | image/png |
| GET H2 | Screenshot_9.png | dream1now.com/img/ | 4 KB | 4 KB | Image | image/png |
| GET H2 | asdasdsd.png | dream1now.com/img/ | 354 KB | 355 KB | Image | image/png |

Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bank of America (Banking)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dream1now.com
104.21.9.225