www.villanives.com
Open in
urlscan Pro
173.199.184.24
Malicious Activity!
Public Scan
Submission: On May 22 via automatic, source openphish
Summary
This is the only time www.villanives.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Wells Fargo (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 11 | 173.199.184.24 173.199.184.24 | 32244 () () | |
10 | 2 |
ASN32244 (,)
PTR: host.pressmax.net
www.villanives.com | |
villanives.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
villanives.com
1 redirects
www.villanives.com villanives.com |
190 KB |
10 | 1 |
Domain | Requested by | |
---|---|---|
10 | www.villanives.com |
1 redirects
www.villanives.com
|
1 | villanives.com |
www.villanives.com
|
10 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://www.villanives.com/wp/wellsfargo/update.html?request_type=LogLogonHandler&location=us_logon1
Frame ID: 5C299068D96C2B8569C8919AD10E9401
Requests: 14 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12- http://www.villanives.com/assets/images/osmp/loader-sm.gif HTTP 301
- http://villanives.com/assets/images/osmp/loader-sm.gif
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
update.html
www.villanives.com/wp/wellsfargo/ |
24 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.mobileec92.css
www.villanives.com/wp/wellsfargo/css/ |
78 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
desktop-tablet.combinedec92.css
www.villanives.com/wp/wellsfargo/css/ |
129 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wf-logo.gif
www.villanives.com/wp/wellsfargo/assets/images/global/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.combinedec92.js
www.villanives.com/wp/wellsfargo/javascript/ |
309 KB 111 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
desktop-tablet.combinedec92.js
www.villanives.com/wp/wellsfargo/javascript/ |
58 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loader-sm.gif
www.villanives.com/wp/wellsfargo/assets/images/osmp/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
926 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btn-icon-search.png
www.villanives.com/wp/wellsfargo/assets/images/osmp/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
428 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-footer.png
www.villanives.com/wp/wellsfargo/assets/images/osmp/ |
563 B 855 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
43 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
34 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loader-sm.gif
villanives.com/assets/images/osmp/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Wells Fargo (Banking)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| jQuery111003412747023299636 object| WF object| utag_data0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
villanives.com
www.villanives.com
173.199.184.24
00ad27c585cb12f51f9087349e4dab2088f70343cfbad5309e204f176969040f
03d86f34db46f2d600926047d935ece5636899bd46cb9ad04d526d11ebd28308
0d4c1faf314c56aa4dcbacb09ef48ca4a69c18501c14092e6e9dddd7382da1cf
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
41f65e2f54a0cdf9aae7a8504590ef6acb2c16ad62f441355d44be2f5ae2f803
5bfcab24a46256e24aa81c6b2eae41344010d13d3445ba2997b8674888d6019c
755a4380b386badbf92bb5fb674942733e09b9df0fea44f39191b0b87ade1b1e
81aac32d4a7ff60babc93d38baaab739c55773843757258afbae01e23288c6cc
ba4129aadbb88a55d41b8a518a59a2fdaaa77f1051ba02762f63c91cbb64464f
bf09007ac554fd6a0e119113238ff10e8c560842c5f53ad031fa6a4859e11542
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e35268c6ace67d34dcb88594fa3fc43ed095b9f1a7560de8967a2039f39fc4
edc5ee3b590dae17b0eb19063c34680c15ee144d13583d006e6a7976b69cd2db