wellsfard0.com Open in urlscan Pro
2606:4700::6810:f34e  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response wellsfard0.com/	74 KB 12 KB	1440ms 827ms	Document text/html	2606:4700::6810:f34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wellsfard0.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash 992b0e3b9051463a587ae4dc555ee72dec23d56a2b4a803871ef1ab23b3c77dd Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private cf-cache-status MISS cf-ray 7cdc934c6dbd37ec-FRA content-encoding br content-type text/html; charset=utf-8 date Sat, 27 May 2023 07:34:26 GMT server cloudflare vary Accept-Encoding x-do-app-origin 7861ccef-cbb8-4e4d-bc2c-4dd8f0775607 x-do-orig-status 200 x-powered-by Next.js
GET H2	200	ec70bd28c3629d55.css wellsfard0.com/_next/static/css/	9 KB 1 KB	51ms 50ms	Stylesheet text/css	2606:4700::6810:f34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wellsfard0.com/_next/static/css/ec70bd28c3629d55.css Requested by Host: wellsfard0.com URL: https://wellsfard0.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b4d49ad903ce6450f2f54efba11e4f2c7f5a6148acc0c2bd40e0d7f853f118f8 Request headers accept-language de-DE,de;q=0.9 Referer https://wellsfard0.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 27 May 2023 07:34:26 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 7861ccef-cbb8-4e4d-bc2c-4dd8f0775607 age 33908 x-do-orig-status 200 etag W/"23bd-49773873e8" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7cdc93519b2d37ec-FRA
GET H2	200	webpack-bb469f829a664d48.js Show response wellsfard0.com/_next/static/chunks/	2 KB 1 KB	48ms 47ms	Script application/javascript	2606:4700::6810:f34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wellsfard0.com/_next/static/chunks/webpack-bb469f829a664d48.js Requested by Host: wellsfard0.com URL: https://wellsfard0.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5dfe185409ff8cc0e73ea870cbefbcdac38297bbfa69c545686e536f7c51fa64 Request headers accept-language de-DE,de;q=0.9 Referer https://wellsfard0.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 27 May 2023 07:34:26 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 7861ccef-cbb8-4e4d-bc2c-4dd8f0775607 age 207828 x-do-orig-status 200 etag W/"891-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7cdc93519b2f37ec-FRA
GET H2	200	framework-9b5d6ec4444c80fa.js Show response wellsfard0.com/_next/static/chunks/	138 KB 45 KB	64ms 62ms	Script application/javascript	2606:4700::6810:f34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wellsfard0.com/_next/static/chunks/framework-9b5d6ec4444c80fa.js Requested by Host: wellsfard0.com URL: https://wellsfard0.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1aee3a5f0c4b6735edff60d58f20a936ce11e5d4a36a5a76390aeda043ae4048 Request headers accept-language de-DE,de;q=0.9 Referer https://wellsfard0.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 27 May 2023 07:34:26 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 7861ccef-cbb8-4e4d-bc2c-4dd8f0775607 age 207828 x-do-orig-status 200 etag W/"228c5-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7cdc93519b3037ec-FRA
GET H2	200	main-3123a443c688934f.js Show response wellsfard0.com/_next/static/chunks/	102 KB 31 KB	94ms 92ms	Script application/javascript	2606:4700::6810:f34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wellsfard0.com/_next/static/chunks/main-3123a443c688934f.js Requested by Host: wellsfard0.com URL: https://wellsfard0.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0eed4542b90a01be928023ec3dc7abed45c63ffc8067a496863ecef579d4af9f Request headers accept-language de-DE,de;q=0.9 Referer https://wellsfard0.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 27 May 2023 07:34:26 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 7861ccef-cbb8-4e4d-bc2c-4dd8f0775607 age 207828 x-do-orig-status 200 etag W/"199f6-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7cdc93519b3337ec-FRA
GET H2	200	_app-7e0dffbdb63082b7.js Show response wellsfard0.com/_next/static/chunks/pages/	33 KB 13 KB	57ms 56ms	Script application/javascript	2606:4700::6810:f34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wellsfard0.com/_next/static/chunks/pages/_app-7e0dffbdb63082b7.js Requested by Host: wellsfard0.com URL: https://wellsfard0.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a2f88b46163cbcc1031f9ba819d63b6218fd8bbaca360a3842fc10b003e0c9a Request headers accept-language de-DE,de;q=0.9 Referer https://wellsfard0.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 27 May 2023 07:34:26 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 7861ccef-cbb8-4e4d-bc2c-4dd8f0775607 age 207828 x-do-orig-status 200 etag W/"82c8-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7cdc93519b3537ec-FRA
GET H2	200	217-fc4ca4bc23c5eb89.js Show response wellsfard0.com/_next/static/chunks/	13 KB 6 KB	50ms 48ms	Script application/javascript	2606:4700::6810:f34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wellsfard0.com/_next/static/chunks/217-fc4ca4bc23c5eb89.js Requested by Host: wellsfard0.com URL: https://wellsfard0.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f6db8541d75dcacbef78c15894ebc5f8e5d184fb74527ce5a98d8e6a9ec3cd8 Request headers accept-language de-DE,de;q=0.9 Referer https://wellsfard0.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 27 May 2023 07:34:26 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 7861ccef-cbb8-4e4d-bc2c-4dd8f0775607 age 207828 x-do-orig-status 200 etag W/"33ed-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7cdc93519b3737ec-FRA
GET H2	200	669-99f2ccaabdd8667f.js Show response wellsfard0.com/_next/static/chunks/	44 KB 15 KB	52ms 51ms	Script application/javascript	2606:4700::6810:f34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wellsfard0.com/_next/static/chunks/669-99f2ccaabdd8667f.js Requested by Host: wellsfard0.com URL: https://wellsfard0.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36ceab4c1dc7b887fb547237b17f88b64ffbf3c54bc34be10c540d619b4a795d Request headers accept-language de-DE,de;q=0.9 Referer https://wellsfard0.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 27 May 2023 07:34:26 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 7861ccef-cbb8-4e4d-bc2c-4dd8f0775607 age 207828 x-do-orig-status 200 etag W/"af9a-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7cdc93519b3937ec-FRA
GET H2	200	463-4dd4bb77d9429926.js Show response wellsfard0.com/_next/static/chunks/	50 KB 16 KB	94ms 92ms	Script application/javascript	2606:4700::6810:f34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wellsfard0.com/_next/static/chunks/463-4dd4bb77d9429926.js Requested by Host: wellsfard0.com URL: https://wellsfard0.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03a744b7ad8f90d46a86f539ce9bcc9677171afec9580adb7e7d18f444b3cebd Request headers accept-language de-DE,de;q=0.9 Referer https://wellsfard0.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 27 May 2023 07:34:26 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 7861ccef-cbb8-4e4d-bc2c-4dd8f0775607 age 207828 x-do-orig-status 200 etag W/"c658-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7cdc93519b3b37ec-FRA
GET H2	200	995-92300564294beb17.js Show response wellsfard0.com/_next/static/chunks/	7 KB 3 KB	62ms 61ms	Script application/javascript	2606:4700::6810:f34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wellsfard0.com/_next/static/chunks/995-92300564294beb17.js Requested by Host: wellsfard0.com URL: https://wellsfard0.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 87d130d32aa8ca4491b10964b399d8a8e6b40efb144a0bdc38e3d2c7f34edae2 Request headers accept-language de-DE,de;q=0.9 Referer https://wellsfard0.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 27 May 2023 07:34:26 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 7861ccef-cbb8-4e4d-bc2c-4dd8f0775607 age 207828 x-do-orig-status 200 etag W/"1df4-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7cdc93519b3c37ec-FRA
GET H2	200	139-b8a39c4557d8f024.js Show response wellsfard0.com/_next/static/chunks/	7 KB 3 KB	94ms 93ms	Script application/javascript	2606:4700::6810:f34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wellsfard0.com/_next/static/chunks/139-b8a39c4557d8f024.js Requested by Host: wellsfard0.com URL: https://wellsfard0.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a9473de3164a52c8001382640150b2f66c8549dd6a9c4ea25eb631903855de59 Request headers accept-language de-DE,de;q=0.9 Referer https://wellsfard0.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 27 May 2023 07:34:26 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 7861ccef-cbb8-4e4d-bc2c-4dd8f0775607 age 207828 x-do-orig-status 200 etag W/"1b4d-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7cdc93519b3e37ec-FRA
GET H2	200	785-194388d0a8adb6a6.js Show response wellsfard0.com/_next/static/chunks/	78 KB 27 KB	109ms 108ms	Script application/javascript	2606:4700::6810:f34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wellsfard0.com/_next/static/chunks/785-194388d0a8adb6a6.js Requested by Host: wellsfard0.com URL: https://wellsfard0.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b548ced5d5c606131cb8d49dfefc13b58d6a199229365e5b8964ebb1e4d584a5 Request headers accept-language de-DE,de;q=0.9 Referer https://wellsfard0.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 27 May 2023 07:34:26 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 7861ccef-cbb8-4e4d-bc2c-4dd8f0775607 age 207828 x-do-orig-status 200 etag W/"1381a-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7cdc9351db7537ec-FRA
GET H2	200	540-4bf9c355752a0a1d.js Show response wellsfard0.com/_next/static/chunks/	15 KB 5 KB	108ms 107ms	Script application/javascript	2606:4700::6810:f34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wellsfard0.com/_next/static/chunks/540-4bf9c355752a0a1d.js Requested by Host: wellsfard0.com URL: https://wellsfard0.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4cc911f4598eda36e066715ee8eaa9747cb7cf78c73c98ddd67cf2022f964583 Request headers accept-language de-DE,de;q=0.9 Referer https://wellsfard0.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 27 May 2023 07:34:26 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 7861ccef-cbb8-4e4d-bc2c-4dd8f0775607 age 207828 x-do-orig-status 200 etag W/"3a46-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7cdc9351db7737ec-FRA
GET H2	200	643-49ffaa237a345b9d.js Show response wellsfard0.com/_next/static/chunks/	15 KB 6 KB	107ms 106ms	Script application/javascript	2606:4700::6810:f34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wellsfard0.com/_next/static/chunks/643-49ffaa237a345b9d.js Requested by Host: wellsfard0.com URL: https://wellsfard0.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d431fcd761bfbdc9592b3f636c8929ad8aa39ab7475122ce156158a1706dff9 Request headers accept-language de-DE,de;q=0.9 Referer https://wellsfard0.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 27 May 2023 07:34:26 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 7861ccef-cbb8-4e4d-bc2c-4dd8f0775607 age 207828 x-do-orig-status 200 etag W/"3cc2-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7cdc9351db7837ec-FRA
GET H2	200	login-e188e2cc3dd7bed2.js Show response wellsfard0.com/_next/static/chunks/pages/	18 KB 6 KB	109ms 108ms	Script application/javascript	2606:4700::6810:f34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wellsfard0.com/_next/static/chunks/pages/login-e188e2cc3dd7bed2.js Requested by Host: wellsfard0.com URL: https://wellsfard0.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3230308fd8d2a6f29f906267fd919dcd40ce49170d4cb80a8958770cfbaeafd Request headers accept-language de-DE,de;q=0.9 Referer https://wellsfard0.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 27 May 2023 07:34:26 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 7861ccef-cbb8-4e4d-bc2c-4dd8f0775607 age 207828 x-do-orig-status 200 etag W/"4957-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7cdc9351db7937ec-FRA
GET H2	200	_buildManifest.js Show response wellsfard0.com/_next/static/Wx89OweW7YurVUgA_7puO/	2 KB 930 B	108ms 107ms	Script application/javascript	2606:4700::6810:f34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wellsfard0.com/_next/static/Wx89OweW7YurVUgA_7puO/_buildManifest.js Requested by Host: wellsfard0.com URL: https://wellsfard0.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb1c65899416a5dd30a051601a54da6582532262430038f590a2f499a49de446 Request headers accept-language de-DE,de;q=0.9 Referer https://wellsfard0.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 27 May 2023 07:34:26 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 7861ccef-cbb8-4e4d-bc2c-4dd8f0775607 age 116378 x-do-orig-status 200 etag W/"97e-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7cdc9351db7b37ec-FRA
GET H2	200	_ssgManifest.js Show response wellsfard0.com/_next/static/Wx89OweW7YurVUgA_7puO/	76 B 124 B	108ms 107ms	Script application/javascript	2606:4700::6810:f34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wellsfard0.com/_next/static/Wx89OweW7YurVUgA_7puO/_ssgManifest.js Requested by Host: wellsfard0.com URL: https://wellsfard0.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e182e3257a3b5564f7bfb9fb1c6a1e13f8f7c9a3fa0dd6e39ccf473ef8d4f960 Request headers accept-language de-DE,de;q=0.9 Referer https://wellsfard0.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 27 May 2023 07:34:26 GMT content-encoding br cf-cache-status HIT last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin 7861ccef-cbb8-4e4d-bc2c-4dd8f0775607 age 207828 x-do-orig-status 200 etag W/"4c-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7cdc9351db7d37ec-FRA
GET H2	200	COB-BOB-IRT-enroll_balloons.jpg www10.wellsfargomedia.com/auth/static/images/	611 KB 613 KB	183ms 40ms	Image image/jpeg	23.201.253.119 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www10.wellsfargomedia.com/auth/static/images/COB-BOB-IRT-enroll_balloons.jpg Requested by Host: wellsfard0.com URL: https://wellsfard0.com/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.201.253.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-201-253-119.deploy.static.akamaitechnologies.com Software / Resource Hash b8325d272c72a041414d9fb349e9d4bca5e7fc8ad66f47a719e491960afa5683 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp Strict-Transport-Security max-age=31536000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://wellsfard0.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains; content-security-policy default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp x-content-type-options nosniff date Sat, 27 May 2023 07:34:26 GMT last-modified Mon, 19 Oct 2020 16:52:53 GMT etag "5f8dc465-98b19" x-frame-options SAMEORIGIN access-control-allow-methods POST content-type image/jpeg allow GET, POST, OPTIONS cache-control max-age=10368000 accept-ranges bytes content-length 625433 x-xss-protection 1; mode=block expires Sun, 24 Sep 2023 07:34:26 GMT
GET H2	200	wellsfargosans-rg.woff2 www15.wellsfargomedia.com/wfui/css/fonts/	22 KB 22 KB	182ms 40ms	Font font/woff2	23.215.20.230 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-rg.woff2 Requested by Host: wellsfard0.com URL: https://wellsfard0.com/_next/static/css/ec70bd28c3629d55.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.215.20.230 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-215-20-230.deploy.static.akamaitechnologies.com Software / Resource Hash 631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc Request headers Referer https://wellsfard0.com/ Origin https://wellsfard0.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 27 May 2023 07:34:27 GMT last-modified Tue, 26 Feb 2019 19:38:34 GMT etag "5c7595ba-5798" content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 22424 expires Sun, 26 May 2024 07:34:27 GMT
GET H2	200	wellsfargoserif-rg.woff2 www15.wellsfargomedia.com/wfui/css/fonts/	26 KB 26 KB	183ms 41ms	Font font/woff2	23.215.20.230 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www15.wellsfargomedia.com/wfui/css/fonts/wellsfargoserif-rg.woff2 Requested by Host: wellsfard0.com URL: https://wellsfard0.com/_next/static/css/ec70bd28c3629d55.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.215.20.230 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-215-20-230.deploy.static.akamaitechnologies.com Software / Resource Hash aeb7b3bfc4281d35b02dfde05ac7a6c0d3daa7f3123b35a9cbd4b5a8e3f3c310 Request headers Referer https://wellsfard0.com/ Origin https://wellsfard0.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 27 May 2023 07:34:27 GMT last-modified Mon, 11 Mar 2019 20:52:01 GMT etag "5c86ca71-6854" content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 26708 expires Sun, 26 May 2024 07:34:27 GMT
GET H2	200	wellsfargosans-sbd.woff2 www15.wellsfargomedia.com/wfui/css/fonts/	22 KB 22 KB	243ms 101ms	Font font/woff2	23.215.20.230 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-sbd.woff2 Requested by Host: wellsfard0.com URL: https://wellsfard0.com/_next/static/css/ec70bd28c3629d55.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.215.20.230 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-215-20-230.deploy.static.akamaitechnologies.com Software / Resource Hash ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba Request headers Referer https://wellsfard0.com/ Origin https://wellsfard0.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 27 May 2023 07:34:27 GMT last-modified Tue, 26 Feb 2019 19:38:34 GMT etag "5c7595ba-5848" content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 22600 expires Sun, 26 May 2024 07:34:27 GMT
GET H2	200	COB-BOB-IRT-enroll_park.jpg www10.wellsfargomedia.com/auth/static/images/	644 KB 646 KB	107ms 107ms	Image image/jpeg	23.201.253.119 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www10.wellsfargomedia.com/auth/static/images/COB-BOB-IRT-enroll_park.jpg Requested by Host: wellsfard0.com URL: https://wellsfard0.com/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.201.253.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-201-253-119.deploy.static.akamaitechnologies.com Software / Resource Hash 0ec17c78a8c0de92bd385f344308a3e0c715fedbb9b784820bd7aefcfc69c214 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp Strict-Transport-Security max-age=31536000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://wellsfard0.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains; content-security-policy default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp x-content-type-options nosniff date Sat, 27 May 2023 07:34:27 GMT last-modified Mon, 19 Oct 2020 16:52:53 GMT etag "5f8dc465-a0f77" x-frame-options SAMEORIGIN access-control-allow-methods POST content-type image/jpeg allow GET, POST, OPTIONS cache-control max-age=10368000 accept-ranges bytes content-length 659319 x-xss-protection 1; mode=block expires Sun, 24 Sep 2023 07:34:27 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| webpackChunk_N_E object| regeneratorRuntime function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E undefined| __MIDDLEWARE_MANIFEST object| __BUILD_MANIFEST object| __SSG_MANIFEST

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

wellsfard0.com
www10.wellsfargomedia.com
www15.wellsfargomedia.com
23.201.253.119
23.215.20.230
2606:4700::6810:f34e
03a744b7ad8f90d46a86f539ce9bcc9677171afec9580adb7e7d18f444b3cebd
0a2f88b46163cbcc1031f9ba819d63b6218fd8bbaca360a3842fc10b003e0c9a
0ec17c78a8c0de92bd385f344308a3e0c715fedbb9b784820bd7aefcfc69c214
0eed4542b90a01be928023ec3dc7abed45c63ffc8067a496863ecef579d4af9f
1aee3a5f0c4b6735edff60d58f20a936ce11e5d4a36a5a76390aeda043ae4048
1f6db8541d75dcacbef78c15894ebc5f8e5d184fb74527ce5a98d8e6a9ec3cd8
36ceab4c1dc7b887fb547237b17f88b64ffbf3c54bc34be10c540d619b4a795d
3d431fcd761bfbdc9592b3f636c8929ad8aa39ab7475122ce156158a1706dff9
4cc911f4598eda36e066715ee8eaa9747cb7cf78c73c98ddd67cf2022f964583
5dfe185409ff8cc0e73ea870cbefbcdac38297bbfa69c545686e536f7c51fa64
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
87d130d32aa8ca4491b10964b399d8a8e6b40efb144a0bdc38e3d2c7f34edae2
992b0e3b9051463a587ae4dc555ee72dec23d56a2b4a803871ef1ab23b3c77dd
a9473de3164a52c8001382640150b2f66c8549dd6a9c4ea25eb631903855de59
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
aeb7b3bfc4281d35b02dfde05ac7a6c0d3daa7f3123b35a9cbd4b5a8e3f3c310
b4d49ad903ce6450f2f54efba11e4f2c7f5a6148acc0c2bd40e0d7f853f118f8
b548ced5d5c606131cb8d49dfefc13b58d6a199229365e5b8964ebb1e4d584a5
b8325d272c72a041414d9fb349e9d4bca5e7fc8ad66f47a719e491960afa5683
cb1c65899416a5dd30a051601a54da6582532262430038f590a2f499a49de446
e182e3257a3b5564f7bfb9fb1c6a1e13f8f7c9a3fa0dd6e39ccf473ef8d4f960
f3230308fd8d2a6f29f906267fd919dcd40ce49170d4cb80a8958770cfbaeafd