ads2w.com
198.38.90.174
Malicious Activity!
Public Scan
Submission: On September 07 via automatic, source openphish
Summary
This is the only time ads2w.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Wells Fargo (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
15 | 198.38.90.174 | 23352 (SERVERCENTRAL - Server Central Network)
15 | 1 |
ASN23352 (SERVERCENTRAL - Server Central Network, US): ads2w.com
Requests | Domain | Requested by
---|---|---
15 | ads2w.com | ads2w.com
15 | 1 |
This site contains no links.
This page contains 1 frame:
Primary Page:
http://ads2w.com/reset-Wellsfargo/wellsfargo/confirm.html
Frame ID: 2865.1
Requests: 15 HTTP requests in this frame
Detected technologies
UNIX (Operating Systems)
Detected patterns
- headers server /Unix/i
OpenSSL (Web Server Extensions)
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
mod_ssl (Web Server Extensions)
Detected patterns
- headers server /mod_ssl(?:\/([\d.]+))?/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
- headers server /mod_ssl(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | confirm.html (Primary Request) | ads2w.com/reset-Wellsfargo/wellsfargo/ | 8 KB | 8 KB | Document | text/html
GET | H/1.1 | background.png | ads2w.com/reset-Wellsfargo/wellsfargo/images/ | 2 KB | 2 KB | Image | image/png
GET | H/1.1 | white.png | ads2w.com/reset-Wellsfargo/wellsfargo/images/ | 855 B | 855 B | Image | image/png
GET | H/1.1 | header.png | ads2w.com/reset-Wellsfargo/wellsfargo/images/ | 4 KB | 4 KB | Image | image/png
GET | H/1.1 | menu.png | ads2w.com/reset-Wellsfargo/wellsfargo/images/ | 2 KB | 2 KB | Image | image/png
GET | H/1.1 | menu2.png | ads2w.com/reset-Wellsfargo/wellsfargo/images/ | 2 KB | 2 KB | Image | image/png
GET | H/1.1 | topic.png | ads2w.com/reset-Wellsfargo/wellsfargo/images/ | 2 KB | 2 KB | Image | image/png
GET | H/1.1 | instruct.png | ads2w.com/reset-Wellsfargo/wellsfargo/images/ | 4 KB | 4 KB | Image | image/png
GET | H/1.1 | horizontalline.png | ads2w.com/reset-Wellsfargo/wellsfargo/images/ | 194 B | 194 B | Image | image/png
GET | H/1.1 | tinyhorizontalline.png | ads2w.com/reset-Wellsfargo/wellsfargo/images/ | 259 B | 259 B | Image | image/png
GET | H/1.1 | verticalline.png | ads2w.com/reset-Wellsfargo/wellsfargo/images/ | 256 B | 256 B | Image | image/png
GET | H/1.1 | formlist.png | ads2w.com/reset-Wellsfargo/wellsfargo/images/ | 4 KB | 4 KB | Image | image/png
GET | H/1.1 | submitbox.png | ads2w.com/reset-Wellsfargo/wellsfargo/images/ | 1 KB | 1 KB | Image | image/png
GET | H/1.1 | conti.png | ads2w.com/reset-Wellsfargo/wellsfargo/images/ | 797 B | 797 B | Image | image/png
GET | H/1.1 | downmenu.png | ads2w.com/reset-Wellsfargo/wellsfargo/images/ | 3 KB | 3 KB | Image | image/png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Wells Fargo (Banking)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.