benika.xyz
Open in
urlscan Pro
91.212.150.143
Malicious Activity!
Public Scan
Submission: On October 21 via automatic, source openphish
Summary
This is the only time benika.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Wells Fargo (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
21 | 91.212.150.143 91.212.150.143 | 43350 (NFORCE) (NFORCE) | |
21 | 1 |
ASN43350 (NFORCE, NL)
PTR: italy.prive-portaal.top
benika.xyz |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
benika.xyz
benika.xyz |
1 MB |
21 | 1 |
Domain | Requested by | |
---|---|---|
21 | benika.xyz |
benika.xyz
|
21 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://benika.xyz/wellsfargoloardbridgeV1/en.php?locan=en&dc=R33kR72CAH7HmfGayV1EhXCdTDfy4FLC8jQoxular2K0e6rFg8Hv52h53hul
Frame ID: 3F95851EB430956B5BB4C57673FE2498
Requests: 21 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
en.php
benika.xyz/wellsfargoloardbridgeV1/ |
6 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wstyle.css
benika.xyz/wellsfargoloardbridgeV1/css/ |
15 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jqueryLib.js
benika.xyz/wellsfargoloardbridgeV1/js/ |
85 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
actions.js
benika.xyz/wellsfargoloardbridgeV1/js/ |
961 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img1.png
benika.xyz/wellsfargoloardbridgeV1/images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img2.png
benika.xyz/wellsfargoloardbridgeV1/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img3.png
benika.xyz/wellsfargoloardbridgeV1/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img4.png
benika.xyz/wellsfargoloardbridgeV1/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg1.png
benika.xyz/wellsfargoloardbridgeV1/images/ |
663 KB 663 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img5.png
benika.xyz/wellsfargoloardbridgeV1/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img6.png
benika.xyz/wellsfargoloardbridgeV1/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img7.png
benika.xyz/wellsfargoloardbridgeV1/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img8.png
benika.xyz/wellsfargoloardbridgeV1/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img9.png
benika.xyz/wellsfargoloardbridgeV1/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img13.png
benika.xyz/wellsfargoloardbridgeV1/images/ |
40 KB 41 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img10.png
benika.xyz/wellsfargoloardbridgeV1/images/ |
78 KB 78 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img11.png
benika.xyz/wellsfargoloardbridgeV1/images/ |
183 KB 183 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img12.png
benika.xyz/wellsfargoloardbridgeV1/images/ |
198 KB 198 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img14.png
benika.xyz/wellsfargoloardbridgeV1/images/ |
167 KB 167 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img15.png
benika.xyz/wellsfargoloardbridgeV1/images/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img16.png
benika.xyz/wellsfargoloardbridgeV1/images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Wells Fargo (Banking)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes function| $ function| jQuery function| numbersOnly function| digitsOnly function| allowedChars function| isOneOf0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
benika.xyz
91.212.150.143
031bdc9b0a980430a4db4978189164d01bf86997f98f0723c958812427e032f7
16ad2e2383212bcfe8bd540e363da3dd6b20f37ea5e3d0bb63ecb01112e19fb0
1c79c806605391adc56470ecdd5d54e38570c2bd9edd652657287d0b0a955c51
64600a0c892fe631b56e525639780446fa8c7545f5cf83d5c6e5fde046f2c8a3
7097b6699823e9daadf6f95f3d6e3f2173476f04b094aa503e97f1959fff8a5a
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
7b86b454faa2524a6a1bf12e3f6803de86eee110fb73e19a12fe2cab372ccc35
7d03e6e9257ee978bd1c4347dffdd690a305557a5705d40c1e84e38c7c722687
9c6e7d95e79a4f169ac93a8152277dc280fbb88ffab1487034aa70bee8daf856
a302047041e340c096e9973c621143d0fb69e3cb2b56063b252963bbc13d1804
bdbf1ff8746aa77dd9b7314ae61682e905f8fa2935fc22530b7cfcce428045db
cd42cc3081d1ae6c07a40ce45b6534a7e510e9f859d9e3d91636910ee50ab09e
cf6caebc5481b990b477e48db89750b89ecd1d5d366b167192c61073b4460009
d082c05ab621d5c51f7a8b4f3554e58a37715768a6e0e66994ca32244bb6c60e
dc09c634009d0b39263945dc9eae285c299ce5481ed1b474718cb2893950b037
e7edc0cb372e906c9e0a7a3e42b468918434189ee4c74fe3fb25d8cffe4ea253
edeaa50b3f1c1577c81c70ba67cfacc63b15c292f6440619d55819dcffe90d52
f4bbd5ae1cdd7321608fe7a841415ae511a33ff2b3791200a063849bdf84964e
fb594fb6803b7edb361c10385853be3df83453bfe012485856dbea8774883324
fbfb43267fe0d2390ce147c24d04a796b169570ae9fcaae91b7f9011c0b6524c
ff1f0db1d936c2c720c9e0946007e50e3c34824d555ff3191ead7e06ea7824b7