group99.net
Open in
urlscan Pro
104.168.58.141
Malicious Activity!
Public Scan
Submission Tags: @ipnigh
Submission: On July 12 via api from GB
Summary
This is the only time group99.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Wells Fargo (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 104.168.58.141 104.168.58.141 | 36352 (AS-COLOCR...) (AS-COLOCROSSING - ColoCrossing) | |
12 | 2 |
ASN36352 (AS-COLOCROSSING - ColoCrossing, US)
PTR: server.webhostingwithus.com
group99.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
group99.net
group99.net |
139 KB |
0 |
wellsfargo.com
Failed
www.wellsfargo.com Failed |
|
12 | 2 |
Domain | Requested by | |
---|---|---|
11 | group99.net |
group99.net
|
0 | www.wellsfargo.com Failed | |
12 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
1970-01-01 - 1970-01-01 |
a few seconds | crt.sh |
This page contains 1 frames:
Frame:
https://www.wellsfargo.com/goals-credit/smarter-credit/good-credit-habits/
Frame ID: AF476CEB6EF4B0F7A9D51763D68BCDFA
Requests: 12 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
finish.html
group99.net/k/ |
4 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vudu.css
group99.net/k/css/ |
26 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wibscreen.css
group99.net/k/css/ |
105 KB 105 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mm.css
group99.net/k/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
shim.gif
group99.net/k/img/ |
331 B 331 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_62sq.gif
group99.net/k/img/ |
616 B 857 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btn_search_white.gif
group99.net/k/img/ |
343 B 343 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tagline_consumer.gif
group99.net/k/img/ |
937 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wibprint.css
group99.net/k/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
search_corner.gif
group99.net/k/css/images/ |
347 B 347 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
btn_search_white.gif
group99.net/k/img/ |
343 B 343 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.wellsfargo.com/goals-credit/smarter-credit/good-credit-habits/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.wellsfargo.com
- URL
- https://www.wellsfargo.com/goals-credit/smarter-credit/good-credit-habits/
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Wells Fargo (Banking)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
group99.net
www.wellsfargo.com
www.wellsfargo.com
104.168.58.141
2900cd456f4ce61ba29f48fc7086a271d946077efa26c7927c65c19e293120ec
3f32fabf32147846d06d0d451ac9a41dcef278f09683a7b05c95e04f9a055a2e
5dd26d926dda54524ab6d5696e30fa8ae26e5b54895d20a4781d54f4ed5cbf78
ab910b7a15461ccee4ae8a0b83cc6732254f6c69459fd478fa7ad113b0795615
c757116f421565c1ea86e8934fc85e5625dec837dc312dd998b35c1598e2d36d
dcd3ee5e1441dddc80287f758068aee7c31471170744000d1b60799ff5f909cd
ebf4a535fa6a88962621940e780ca0cd6707b6cdaed59f469f0aeada311d09d1
ef81d6e26982cfcdc8ee80a7b7d3553e57b8ddc5d9f92962b115029afc157e71