eroticzone.net
198.20.106.186
Malicious Activity!
Public Scan
Submission: On February 09 via automatic, source phishtank
Summary
This is the only time eroticzone.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Wells Fargo (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
8 | 198.20.106.186 | 32475 (SINGLEHOP-LLC - SingleHop) |
9 | 159.45.66.148 | 4196 (WELLSFARGO-4196 - Wells Fargo & Company) |
3 | 159.45.170.148 | 10837 (WELLSFARGO-10837 - Wells Fargo & Company) |
3 | 159.45.170.165 | 10837 (WELLSFARGO-10837 - Wells Fargo & Company) |
2 | 159.45.66.156 | 4196 (WELLSFARGO-4196 - Wells Fargo & Company) |
25 | 5 | |
ASN | PTR | Hostname |
---|---|---|
ASN32475 (SINGLEHOP-LLC - SingleHop, Inc., US) | node01.tmdhosting111.eu | eroticzone.net |
ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US) | icomplete.wellsfargo.com | icomplete.wellsfargo.com |
ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US) | icomplete.wellsfargo.com | icomplete.wellsfargo.com |
ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US) | onlineservices.wellsfargo.com | onlineservices.wellsfargo.com |
ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US) | connect.secure.wellsfargo.com | connect.secure.wellsfargo.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
17 | wellsfargo.com | icomplete.wellsfargo.com, onlineservices.wellsfargo.com, connect.secure.wellsfargo.com | 427 KB |
8 | eroticzone.net | eroticzone.net | 154 KB |
25 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
12 | icomplete.wellsfargo.com | eroticzone.net, icomplete.wellsfargo.com |
8 | eroticzone.net | eroticzone.net |
3 | onlineservices.wellsfargo.com | eroticzone.net, onlineservices.wellsfargo.com |
2 | connect.secure.wellsfargo.com | onlineservices.wellsfargo.com, connect.secure.wellsfargo.com |
25 | 4 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.wellsfargo.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
icomplete.wellsfargo.com | Symantec Class 3 Secure Server CA - G4 | 2015-10-14 - 2017-10-14 | 2 years |
onlineservices.wellsfargo.com | Symantec Class 3 Secure Server CA - G4 | 2016-09-01 - 2018-09-02 | 2 years |
connect.secure.wellsfargo.com | Symantec Class 3 Secure Server CA - G4 | 2016-10-13 - 2018-10-13 | 2 years |
This page contains 1 frame:
Primary Page:
http://eroticzone.net/wlls/secure.wellsfargo.com/auth/login/Wells%20Fargo%20-%20Security%20-%20Access%20Your%20Account%20Status.html?sslSecuredForm
Frame ID: 7217.1
Requests: 25 HTTP requests in this frame
7 Outgoing links
These are links going to different origins than the main page.
Title: Online Security
Title: Personal Accounts FAQs
Title: Sign up
Title: Small Business Accounts FAQs
Title: sign up
Title: Privacy, Security & Legal
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note |
---|---|---|---|---|---|---|---|
GET H/1.1 | Wells%20Fargo%20-%20Security%20-%20Access%20Your%20Account%20Status.html | eroticzone.net/wlls/secure.wellsfargo.com/auth/login/ | 107 KB | 107 KB | Document | text/html | Primary Request |
GET H/1.1 | oas.css | icomplete.wellsfargo.com/oas/css/ | 50 KB | 50 KB | Stylesheet | text/css | Cookie set |
GET H/1.1 | jQuery.js | icomplete.wellsfargo.com/oas/js/ | 267 KB | 267 KB | Script | text/javascript | Cookie set |
GET H/1.1 | timer.js | icomplete.wellsfargo.com/oas/js/ | 12 KB | 12 KB | Script | text/javascript | Cookie set |
GET H/1.1 | init.js | icomplete.wellsfargo.com/oas/js/ | 6 KB | 6 KB | Script | text/javascript | Cookie set |
GET H/1.1 | Utility.js | icomplete.wellsfargo.com/oas/js/ | 7 KB | 7 KB | Script | text/javascript | Cookie set |
GET H/1.1 | Tip.js | icomplete.wellsfargo.com/oas/js/ | 10 KB | 10 KB | Script | text/javascript | Cookie set |
GET H/1.1 | login-userprefs.js | onlineservices.wellsfargo.com/auth/static/prefs/ | 138 KB | 30 KB | Script | application/x-javascript | |
GET H/1.1 | logo_62sq.gif | icomplete.wellsfargo.com/oas/img/ | 2 KB | 2 KB | Image | image/gif | |
GET H/1.1 | s.gif | icomplete.wellsfargo.com/oas/img/ | 43 B | 43 B | Image | image/gif | |
GET H/1.1 | tealiumUtag.js | eroticzone.net/oas/js/ | 0 | 0 | Script | text/html | |
GET H/1.1 | s.gif | eroticzone.net/oas/img/ | 1 KB | 1 KB | Image | text/html | |
GET H/1.1 | tip_close.gif | eroticzone.net/wlls/secure.wellsfargo.com/auth/img/ | 1 KB | 1 KB | Image | text/html | |
GET H/1.1 | conutils-6.2.2.js | onlineservices.wellsfargo.com/auth/static/scripts/ | 10 KB | 4 KB | Script | application/x-javascript | |
GET H/1.1 | atadun.js | onlineservices.wellsfargo.com/auth/static/prefs/ | 1 KB | 526 B | Script | application/x-javascript | |
GET H/1.1 | / | connect.secure.wellsfargo.com/ATADUN/2.2/w/w-642409/sync/js/ | 36 KB | 36 KB | Script | application/javascript | |
GET H/1.1 | icn_lock_16x16.gif | icomplete.wellsfargo.com/oas/img/ | 210 B | 210 B | Image | image/gif | |
GET H/1.1 | btn_blueslice.gif | icomplete.wellsfargo.com/oas/img/ | 152 B | 152 B | Image | image/gif | |
GET H/1.1 | s.gif | eroticzone.net/oas/img/ | 1 KB | 1 KB | Image | text/html | |
GET H/1.1 | tip_close.gif | eroticzone.net/wlls/secure.wellsfargo.com/auth/img/ | 1 KB | 1 KB | Image | text/html | |
GET H/1.1 | tip_default_top.gif | icomplete.wellsfargo.com/oas/img/ | 2 KB | 2 KB | Image | image/gif | |
GET H/1.1 | tip_above_right_bottom.gif | icomplete.wellsfargo.com/oas/img/ | 658 B | 658 B | Image | image/gif | |
POST H/1.1 | bwts | eroticzone.net/ | 21 KB | 21 KB | XHR | text/html | |
GET H/1.1 | / | connect.secure.wellsfargo.com/ATADUN/2.2/w/w-642409/init/js/ | 471 B | 471 B | Script | application/javascript | Cookie set |
GET H/1.1 | favicon.ico | eroticzone.net/ | 21 KB | 21 KB | Other | text/html | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Wells Fargo (Banking)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.