URL: http://woodartpaint.ro/elicva/
Submission: On July 20 via manual from RO — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 28 HTTP transactions. The main IP is 89.35.77.223, located in Romania and belonging to ACTIVENET-AS (Str. Rusu Sirianu nr 8, RO). The main domain is woodartpaint.ro.
This is the only time woodartpaint.ro was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

IP Address        AS (Autonomous System)     Requests
89.35.77.223      AS49302 (ACTIVENET...)     20
104.90.110.107    AS16625 (AKAMAI-AS)        8
2 IPs                                        28

Apex Domain           Subdomains                                                Requests   Transfer
woodartpaint.ro       woodartpaint.ro                                           20         595 KB
wellsfargomedia.com   www17.wellsfargomedia.com (Cisco Umbrella Rank: 23514)    8          195 KB
2 domains                                                                       28

Domain                       Requested by        Requests
woodartpaint.ro              woodartpaint.ro     20
www17.wellsfargomedia.com    woodartpaint.ro     8
2 domains                                        28

TLS certificate
Subject:    www17.wellsfargomedia.com
Issuer:     DigiCert TLS RSA SHA256 2020 CA1
Validity:   2022-06-09 to 2023-06-11 (valid for a year)
Source:     crt.sh

This page contains 1 frames:

Primary Page: http://woodartpaint.ro/elicva/
Frame ID: 5D8EA14FA58E75B6FB7D5A6F446F3361
Requests: 28 HTTP requests in this frame

Page Title

Wells Fargo Bank | Financial Services & Online Banking

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

29 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

790 kB
Transfer

783 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
woodartpaint.ro/elicva/
99 KB
99 KB
Document
General
Full URL
http://woodartpaint.ro/elicva/
Protocol
HTTP/1.1
Server
89.35.77.223, Romania, ASN49302 (ACTIVENET-AS Str. Rusu Sirianu nr 8, RO)
Reverse DNS
cp1.activ.net
Software
Apache /
Resource Hash
241531371660d7025470c1503f434382ecef99223c188ba9069118ddcc9e9d76

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Jul 2022 07:07:33 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
X-Robots-Tag
noindex
ps-homepage.css
woodartpaint.ro/elicva/docs/
124 KB
124 KB
Stylesheet
General
Full URL
http://woodartpaint.ro/elicva/docs/ps-homepage.css
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/
Protocol
HTTP/1.1
Server
89.35.77.223, Romania, ASN49302 (ACTIVENET-AS Str. Rusu Sirianu nr 8, RO)
Reverse DNS
cp1.activ.net
Software
Apache /
Resource Hash
922f8bac0ca83a00db37ecd136c4c24aca250b6a0451cab38854aa94475d6ae6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/elicva/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 07:07:34 GMT
Last-Modified
Tue, 22 Mar 2022 06:14:08 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=100
Content-Length
126927
wf_logo_220x23.png
woodartpaint.ro/elicva/docs/
2 KB
2 KB
Image
General
Full URL
http://woodartpaint.ro/elicva/docs/wf_logo_220x23.png
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/
Protocol
HTTP/1.1
Server
89.35.77.223, Romania, ASN49302 (ACTIVENET-AS Str. Rusu Sirianu nr 8, RO)
Reverse DNS
cp1.activ.net
Software
Apache /
Resource Hash
0d7727e08780a04f9c86fca16ed264664eea2b161744cfb70836880bf04fc1ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/elicva/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 07:07:34 GMT
Last-Modified
Tue, 22 Mar 2022 06:15:00 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=100
Content-Length
1710
WF_ActiveCash_Collateral_Front_RGB_Flag_080521.png
woodartpaint.ro/elicva/docs/
1 KB
1 KB
Image
General
Full URL
http://woodartpaint.ro/elicva/docs/WF_ActiveCash_Collateral_Front_RGB_Flag_080521.png
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/
Protocol
HTTP/1.1
Server
89.35.77.223, Romania, ASN49302 (ACTIVENET-AS Str. Rusu Sirianu nr 8, RO)
Reverse DNS
cp1.activ.net
Software
Apache /
Resource Hash
54264d71e311145234fec5c3cb4c16c1a6175468e47b736faf907c45196ad83e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/elicva/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 07:07:34 GMT
Last-Modified
Tue, 22 Mar 2022 06:15:00 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=100
Content-Length
1090
WF_Reflect_Collateral_Front_RGB_Flag_080221.png
woodartpaint.ro/elicva/docs/
946 B
1 KB
Image
General
Full URL
http://woodartpaint.ro/elicva/docs/WF_Reflect_Collateral_Front_RGB_Flag_080221.png
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/
Protocol
HTTP/1.1
Server
89.35.77.223, Romania, ASN49302 (ACTIVENET-AS Str. Rusu Sirianu nr 8, RO)
Reverse DNS
cp1.activ.net
Software
Apache /
Resource Hash
53762f78b3d8d7dffc2e4387a438f7f8f00a32dfcf3625e7b1ae27e450c83cb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/elicva/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 07:07:34 GMT
Last-Modified
Tue, 22 Mar 2022 06:15:02 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=100
Content-Length
946
Hotesl_com_Rewards_Collateral_Front_RGB.png
woodartpaint.ro/elicva/docs/
1 KB
1 KB
Image
General
Full URL
http://woodartpaint.ro/elicva/docs/Hotesl_com_Rewards_Collateral_Front_RGB.png
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/
Protocol
HTTP/1.1
Server
89.35.77.223, Romania, ASN49302 (ACTIVENET-AS Str. Rusu Sirianu nr 8, RO)
Reverse DNS
cp1.activ.net
Software
Apache /
Resource Hash
200ddc6302725381b0c7fbbbdb64433e6791dc8202e7d193d63c4324bf1f6873

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/elicva/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 07:07:34 GMT
Last-Modified
Tue, 22 Mar 2022 06:15:04 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=100
Content-Length
1150
loading.gif
woodartpaint.ro/elicva/docs/
11 KB
11 KB
Image
General
Full URL
http://woodartpaint.ro/elicva/docs/loading.gif
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/
Protocol
HTTP/1.1
Server
89.35.77.223, Romania, ASN49302 (ACTIVENET-AS Str. Rusu Sirianu nr 8, RO)
Reverse DNS
cp1.activ.net
Software
Apache /
Resource Hash
56b3e240b40cfcdf91da5d87f90aa4741f6f70e720a6763bc001d793fcb3d122

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/elicva/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 07:07:34 GMT
Last-Modified
Mon, 21 Mar 2022 21:15:30 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=99
Content-Length
10859
jquery_site.js
woodartpaint.ro/elicva/docs/
95 KB
95 KB
Script
General
Full URL
http://woodartpaint.ro/elicva/docs/jquery_site.js
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/
Protocol
HTTP/1.1
Server
89.35.77.223, Romania, ASN49302 (ACTIVENET-AS Str. Rusu Sirianu nr 8, RO)
Reverse DNS
cp1.activ.net
Software
Apache /
Resource Hash
cc9d921050c998d698b8a912782a76f2f832a86ffa99538e5f3b707041d14380

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/elicva/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 07:07:34 GMT
Last-Modified
Mon, 21 Mar 2022 18:05:18 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=99
Content-Length
97299
wfi_ph_b_mv_0723_3954_b_1700x700.jpg
woodartpaint.ro/elicva/docs/
43 KB
43 KB
Image
General
Full URL
http://woodartpaint.ro/elicva/docs/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/
Protocol
HTTP/1.1
Server
89.35.77.223, Romania, ASN49302 (ACTIVENET-AS Str. Rusu Sirianu nr 8, RO)
Reverse DNS
cp1.activ.net
Software
Apache /
Resource Hash
a1be687fbf85cbaa58022c6c60d666602ab0234da2679da270d0b43bdc67fbb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/elicva/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 07:07:34 GMT
Last-Modified
Tue, 22 Mar 2022 06:15:10 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=99
Content-Length
43670
wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png
woodartpaint.ro/elicva/docs/
562 B
826 B
Image
General
Full URL
http://woodartpaint.ro/elicva/docs/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/
Protocol
HTTP/1.1
Server
89.35.77.223, Romania, ASN49302 (ACTIVENET-AS Str. Rusu Sirianu nr 8, RO)
Reverse DNS
cp1.activ.net
Software
Apache /
Resource Hash
9bd4d77dfdadd6574d42e469c1968fffce0422134f4487f1d785367752743f96

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/elicva/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 07:07:34 GMT
Last-Modified
Tue, 22 Mar 2022 06:15:12 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=99
Content-Length
562
wfi000_ic_b-wf_icon_house_gradient_64x64.png
woodartpaint.ro/elicva/docs/
1004 B
1 KB
Image
General
Full URL
http://woodartpaint.ro/elicva/docs/wfi000_ic_b-wf_icon_house_gradient_64x64.png
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/
Protocol
HTTP/1.1
Server
89.35.77.223, Romania, ASN49302 (ACTIVENET-AS Str. Rusu Sirianu nr 8, RO)
Reverse DNS
cp1.activ.net
Software
Apache /
Resource Hash
8e16030cdf2d91809d0540f79aa3a3be4b83e4a9bf13bd91def3962f1484406f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/elicva/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 07:07:34 GMT
Last-Modified
Tue, 22 Mar 2022 06:15:12 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=99
Content-Length
1004
first_time_experience-account_summary.png
woodartpaint.ro/elicva/docs/
2 KB
3 KB
Image
General
Full URL
http://woodartpaint.ro/elicva/docs/first_time_experience-account_summary.png
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/
Protocol
HTTP/1.1
Server
89.35.77.223, Romania, ASN49302 (ACTIVENET-AS Str. Rusu Sirianu nr 8, RO)
Reverse DNS
cp1.activ.net
Software
Apache /
Resource Hash
ea103ea932d2ebdd8e57887e4beabb394c21b6f260f49adfa8be4772cb61faec

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/elicva/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 07:07:34 GMT
Last-Modified
Tue, 22 Mar 2022 06:15:14 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=98
Content-Length
2496
wfi_ph_g_1199830824_1600x700.jpg
woodartpaint.ro/elicva/docs/
50 KB
51 KB
Image
General
Full URL
http://woodartpaint.ro/elicva/docs/wfi_ph_g_1199830824_1600x700.jpg
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/
Protocol
HTTP/1.1
Server
89.35.77.223, Romania, ASN49302 (ACTIVENET-AS Str. Rusu Sirianu nr 8, RO)
Reverse DNS
cp1.activ.net
Software
Apache /
Resource Hash
847d9fd6711c60d9fd581952c210c608b072dd6ee265a09ff6e2c811a2f5bc1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/elicva/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 07:07:34 GMT
Last-Modified
Tue, 22 Mar 2022 06:15:16 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=98
Content-Length
51528
man_on_phone_working_616x353.jpg
woodartpaint.ro/elicva/docs/
27 KB
27 KB
Image
General
Full URL
http://woodartpaint.ro/elicva/docs/man_on_phone_working_616x353.jpg
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/
Protocol
HTTP/1.1
Server
89.35.77.223, Romania, ASN49302 (ACTIVENET-AS Str. Rusu Sirianu nr 8, RO)
Reverse DNS
cp1.activ.net
Software
Apache /
Resource Hash
43c8519af2d895bb25d7f0aad6b5cd1f48576c8950111f34d4270ee79599188f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/elicva/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 07:07:34 GMT
Last-Modified
Tue, 22 Mar 2022 06:15:16 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=98
Content-Length
27308
couple_consulting_616x353.jpg
woodartpaint.ro/elicva/docs/
15 KB
16 KB
Image
General
Full URL
http://woodartpaint.ro/elicva/docs/couple_consulting_616x353.jpg
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/
Protocol
HTTP/1.1
Server
89.35.77.223, Romania, ASN49302 (ACTIVENET-AS Str. Rusu Sirianu nr 8, RO)
Reverse DNS
cp1.activ.net
Software
Apache /
Resource Hash
353a26fcba41b08c62531bc66778f21c2e4960b5c5bc579704a1852c14698505

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/elicva/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 07:07:34 GMT
Last-Modified
Tue, 22 Mar 2022 06:15:18 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=97
Content-Length
15636
woman_phone_street_616x353.jpg
woodartpaint.ro/elicva/docs/
37 KB
37 KB
Image
General
Full URL
http://woodartpaint.ro/elicva/docs/woman_phone_street_616x353.jpg
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/
Protocol
HTTP/1.1
Server
89.35.77.223, Romania, ASN49302 (ACTIVENET-AS Str. Rusu Sirianu nr 8, RO)
Reverse DNS
cp1.activ.net
Software
Apache /
Resource Hash
7636534f520bd4e393d4f0f4779d7bb78f10d4bb340a35be5434198a1ad94985

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/elicva/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 07:07:34 GMT
Last-Modified
Tue, 22 Mar 2022 06:15:18 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=99
Content-Length
38106
personal_small_biz_native_app_balloons.jpg
woodartpaint.ro/elicva/docs/
6 KB
7 KB
Image
General
Full URL
http://woodartpaint.ro/elicva/docs/personal_small_biz_native_app_balloons.jpg
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/
Protocol
HTTP/1.1
Server
89.35.77.223, Romania, ASN49302 (ACTIVENET-AS Str. Rusu Sirianu nr 8, RO)
Reverse DNS
cp1.activ.net
Software
Apache /
Resource Hash
6d1706754008c9678989c935b512d5a8493c60e434b7a4cbbfee13b266951348

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/elicva/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 07:07:34 GMT
Last-Modified
Tue, 22 Mar 2022 06:15:20 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=96
Content-Length
6552
Navtive_App_Phone_Personal.png
woodartpaint.ro/elicva/docs/
15 KB
15 KB
Image
General
Full URL
http://woodartpaint.ro/elicva/docs/Navtive_App_Phone_Personal.png
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/
Protocol
HTTP/1.1
Server
89.35.77.223, Romania, ASN49302 (ACTIVENET-AS Str. Rusu Sirianu nr 8, RO)
Reverse DNS
cp1.activ.net
Software
Apache /
Resource Hash
ecfea4fcc40f95576acdf90df879a5bed9a1c481a69c127d940c616e5332cc98

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/elicva/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 07:07:34 GMT
Last-Modified
Tue, 22 Mar 2022 06:15:20 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=98
Content-Length
15388
volunteers_cars_616x353.jpg
woodartpaint.ro/elicva/docs/
29 KB
29 KB
Image
General
Full URL
http://woodartpaint.ro/elicva/docs/volunteers_cars_616x353.jpg
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/
Protocol
HTTP/1.1
Server
89.35.77.223, Romania, ASN49302 (ACTIVENET-AS Str. Rusu Sirianu nr 8, RO)
Reverse DNS
cp1.activ.net
Software
Apache /
Resource Hash
a5bcbe6002a1fbae84d43160b1f45c3686d5c35e7fda458e9f4b3fd2dacfe3e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/elicva/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 07:07:34 GMT
Last-Modified
Tue, 22 Mar 2022 06:15:20 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=97
Content-Length
29240
woman_in_office_616x353.jpg
woodartpaint.ro/elicva/docs/
31 KB
31 KB
Image
General
Full URL
http://woodartpaint.ro/elicva/docs/woman_in_office_616x353.jpg
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/
Protocol
HTTP/1.1
Server
89.35.77.223, Romania, ASN49302 (ACTIVENET-AS Str. Rusu Sirianu nr 8, RO)
Reverse DNS
cp1.activ.net
Software
Apache /
Resource Hash
d7651b47c8d449b7311d15e9625df3514e7c0278ff059392189e608b5a9113a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/elicva/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 07:07:34 GMT
Last-Modified
Tue, 22 Mar 2022 06:15:22 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=98
Content-Length
31450
responsive-sprite-v1.png
www17.wellsfargomedia.com/assets/images/sprite/
99 KB
100 KB
Image
General
Full URL
https://www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v1.png
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/docs/ps-homepage.css
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
104.90.110.107, Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US)
Reverse DNS
a104-90-110-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d605af4f7b02c347ef005d929e84903ea94596d6d0d4575e050216e870000e4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
last-modified
Fri, 14 Jan 2022 21:15:10 GMT
etag
"61e1e7de-18d4a"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=15465513
date
Wed, 20 Jul 2022 07:07:34 GMT
accept-ranges
bytes
content-length
101706
x-xss-protection
1; mode=block
expires
Sun, 15 Jan 2023 07:06:07 GMT
wellsfargosans-rg.woff2
www17.wellsfargomedia.com/assets/fonts/
22 KB
22 KB
Font
General
Full URL
https://www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/docs/ps-homepage.css
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
104.90.110.107, Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US)
Reverse DNS
a104-90-110-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://woodartpaint.ro/
Origin
http://woodartpaint.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
last-modified
Fri, 03 Sep 2021 13:01:20 GMT
etag
"61321ca0-5798"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=13909112
date
Wed, 20 Jul 2022 07:07:34 GMT
accept-ranges
bytes
content-length
22424
x-xss-protection
1; mode=block
expires
Wed, 28 Dec 2022 06:46:06 GMT
wellsfargosans-sbd.woff2
www17.wellsfargomedia.com/assets/fonts/
22 KB
22 KB
Font
General
Full URL
https://www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/docs/ps-homepage.css
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
104.90.110.107, Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US)
Reverse DNS
a104-90-110-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://woodartpaint.ro/
Origin
http://woodartpaint.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
last-modified
Fri, 03 Sep 2021 13:01:20 GMT
etag
"61321ca0-5848"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=13909278
date
Wed, 20 Jul 2022 07:07:34 GMT
accept-ranges
bytes
content-length
22600
x-xss-protection
1; mode=block
expires
Wed, 28 Dec 2022 06:48:52 GMT
wellsfargosans-bd.woff2
www17.wellsfargomedia.com/assets/fonts/
22 KB
22 KB
Font
General
Full URL
https://www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/docs/ps-homepage.css
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
104.90.110.107, Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US)
Reverse DNS
a104-90-110-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://woodartpaint.ro/
Origin
http://woodartpaint.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
last-modified
Fri, 03 Sep 2021 13:01:20 GMT
etag
"61321ca0-569c"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=9322003
date
Wed, 20 Jul 2022 07:07:34 GMT
accept-ranges
bytes
content-length
22172
x-xss-protection
1; mode=block
expires
Sat, 05 Nov 2022 04:34:17 GMT
wellsfargosans-lt.woff2
www17.wellsfargomedia.com/assets/fonts/
21 KB
21 KB
Font
General
Full URL
https://www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/docs/ps-homepage.css
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
104.90.110.107, Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US)
Reverse DNS
a104-90-110-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://woodartpaint.ro/
Origin
http://woodartpaint.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
last-modified
Fri, 03 Sep 2021 13:01:20 GMT
etag
"61321ca0-5484"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=14775595
date
Wed, 20 Jul 2022 07:07:34 GMT
accept-ranges
bytes
content-length
21636
x-xss-protection
1; mode=block
expires
Sat, 07 Jan 2023 07:27:29 GMT
position-1-bg-gradient.png
www17.wellsfargomedia.com/assets/images/homepage/
2 KB
2 KB
Image
General
Full URL
https://www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/docs/ps-homepage.css
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
104.90.110.107, Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US)
Reverse DNS
a104-90-110-107.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
659ec8c02bafa9c286c39731fb1d2d382a7a8dd2ee8cc4132146558dbe27b6a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 07:07:34 GMT
last-modified
Thu, 14 Jul 2022 02:02:37 GMT
server
Akamai Image Manager
etag
"61619278-9f2c"
content-type
image/webp
cache-control
private, no-transform, max-age=2055386
content-length
2330
expires
Sat, 13 Aug 2022 02:04:00 GMT
position-2-bg-gradient.png
www17.wellsfargomedia.com/assets/images/homepage/
2 KB
2 KB
Image
General
Full URL
https://www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/docs/ps-homepage.css
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
104.90.110.107, Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US)
Reverse DNS
a104-90-110-107.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
50ce7b0d954443e5fd62e3cd003bc7124bda0b30dd58d6a66485c72be96959c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 07:07:34 GMT
last-modified
Thu, 14 Jul 2022 02:02:39 GMT
server
Akamai Image Manager
etag
"61619278-cf3e"
content-type
image/webp
cache-control
private, no-transform, max-age=2055224
content-length
2340
expires
Sat, 13 Aug 2022 02:01:18 GMT
position-3-bg-gradient.png
www17.wellsfargomedia.com/assets/images/homepage/
2 KB
2 KB
Image
General
Full URL
https://www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
Requested by
Host: woodartpaint.ro
URL: http://woodartpaint.ro/elicva/docs/ps-homepage.css
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
104.90.110.107, Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US)
Reverse DNS
a104-90-110-107.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
10c22e3b130204065c1a61e7995a9defe21f0408801e8b442035a03f8d16ad64

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://woodartpaint.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 07:07:34 GMT
x-check-cacheable
YES
x-serial
416
etag
"61619278-7b35"
content-type
image/webp
cache-control
private, no-transform, max-age=2055371
last-modified
Thu, 14 Jul 2022 02:02:37 GMT
content-length
2092
server
Akamai Image Manager
expires
Sat, 13 Aug 2022 02:03:45 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object    oncontextlost
object    oncontextrestored
function  structuredClone
object    launchQueue
object    onbeforematch
object    navigation
function  $
function  jQuery

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

woodartpaint.ro
www17.wellsfargomedia.com
104.90.110.107
89.35.77.223