smac-ky.com Open in urlscan Pro
208.117.27.65 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html
Submission: On November 07 via automatic, source openphish (November 7th 2021, 1:27:38 am UTC) — Scanned from DE

Summary HTTP 25 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 25 HTTP transactions. The main IP is 208.117.27.65, located in United States and belongs to STEADFAST, US. The main domain is smac-ky.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 27th 2021. Valid for: 3 months.

This is the only time smac-ky.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	208.117.27.65 208.117.27.65	32748 (STEADFAST) (STEADFAST)
24	159.45.2.180 159.45.2.180	10837 (WELLSFARG...) (WELLSFARGO-10837)
25	3

1 208.117.27.65 (United States)

ASN32748 (STEADFAST, US)
PTR: ip65.208-117-27.static.steadfastdns.net

smac-ky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 159.45.2.180 (United States)

ASN10837 (WELLSFARGO-10837, US)

oam.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	wellsfargo.com oam.wellsfargo.com	70 KB
1	smac-ky.com smac-ky.com	250 KB
25	2

	Domain	Requested by
24	oam.wellsfargo.com	smac-ky.com
1	smac-ky.com
25	2

This site contains links to these domains. Also see Links.

Domain
www.wellsfargo.com

Subject Issuer	Validity	Valid
smac-ky.com cPanel, Inc. Certification Authority	`2021-10-27` - `2022-01-25`	3 months	crt.sh
oam.wellsfargo.com DigiCert EV RSA CA G2	`2020-07-09` - `2022-07-14`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html
Frame ID: 41C92411899708387419F93885C55461
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wells Fargo Find Your Username

Page Statistics

25
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

320 kB
Transfer

455 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wellsfargo.com/

Search URL Search Domain Scan URL

URL: https://www.wellsfargo.com/security/security-online-banking
Title: Online Security

Search URL Search Domain Scan URL

URL: http://www.wellsfargo.com/privacy-security/
Title: Privacy, Security & Legal

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request identitywells.html Show response
smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/ 250 KB
250 KB 467ms
252ms Document
text/html 208.117.27.65
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 208.117.27.65 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip65.208-117-27.static.steadfastdns.net
Software: Apache /
Resource Hash: dbc76a852b2ca20de8148db43cd2a59160004d122b89edd74c288d47a00cdb83

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sun, 07 Nov 2021 01:27:32 GMT
Server: Apache
Last-Modified: Sat, 06 Nov 2021 20:50:48 GMT
Accept-Ranges: bytes
Content-Length: 255912
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK credentials.css
oam.wellsfargo.com/oamo/static/css/credentials/ 245 B
937 B 531ms
151ms Stylesheet
text/css 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.wellsfargo.com/oamo/static/css/credentials/credentials.css?v=5C689CB6B5

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

5c38b99055f7da6824bb50339b4ea10065344a781a03a43ab0f0fe43f22b02fa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 163
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Oct 2021 02:41:16 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "f5-5cda61486c75d-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100

GET
H/1.1 200
OK theme.osmp.css
oam.wellsfargo.com/oamo/static/css/osmp/ 13 KB
3 KB 501ms
120ms Stylesheet
text/css 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.wellsfargo.com/oamo/static/css/osmp/theme.osmp.css?v=5C689CB6B5

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

80c5f7839d1c7ec199e248535938a064e8fa87dfc4d5ef48b8b59f0515779928

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1949
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Oct 2021 04:53:08 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "34a9-5cda7ec21854e-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97

GET
H/1.1 200
OK theme.osmp.header.css
oam.wellsfargo.com/oamo/static/css/osmp/ 2 KB
1 KB 500ms
119ms Stylesheet
text/css 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.wellsfargo.com/oamo/static/css/osmp/theme.osmp.header.css?v=5C689CB6B5

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

f20007e3c12b9e4da4216a6b87b5af8044d65c9180d4250df3250fc5b30d2c05

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 546
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Oct 2021 02:41:38 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "7fa-5cda615d7d034-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97

GET
H/1.1 200
OK theme.osmp.footer.css
oam.wellsfargo.com/oamo/static/css/osmp/ 1 KB
1 KB 502ms
120ms Stylesheet
text/css 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.wellsfargo.com/oamo/static/css/osmp/theme.osmp.footer.css?v=5C689CB6B5

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

5f0744f9c0bcf55875dea07a7c6735e8fa73dca86dd3f8301c4dc1ca85433039

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 395
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Oct 2021 02:41:16 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "547-5cda61486ea85-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=95

GET
H/1.1 200
OK theme.osmp.input.css
oam.wellsfargo.com/oamo/static/css/osmp/ 1 KB
1 KB 505ms
121ms Stylesheet
text/css 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.wellsfargo.com/oamo/static/css/osmp/theme.osmp.input.css?v=5C689CB6B5

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

784bf4aa7c36d37d2b84163901bbf5148b14f3e69bd6357d39c46860c2806543

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 401
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Oct 2021 04:53:14 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "503-5cda7ec830885-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97

GET
H/1.1 200
OK theme.osmp.button.css
oam.wellsfargo.com/oamo/static/css/osmp/ 4 KB
2 KB 538ms
135ms Stylesheet
text/css 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.wellsfargo.com/oamo/static/css/osmp/theme.osmp.button.css?v=5C689CB6B5

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

8bd6dfbd3189012715af6d73dfdbb0956536221d5cc0c5bd04a49216a2448845

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 875
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Oct 2021 02:41:16 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "1063-5cda61486e69d-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=95

GET
H/1.1 200
OK theme.osmp.loadingaction.css
oam.wellsfargo.com/oamo/static/css/osmp/ 991 B
1 KB 620ms
119ms Stylesheet
text/css 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.wellsfargo.com/oamo/static/css/osmp/theme.osmp.loadingaction.css?v=5C689CB6B5

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

61a7ed250cf75e92062fc589fc424c9cf5bd857ef37bbc8b36aaa54cd2de700b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 324
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Oct 2021 04:53:11 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "3df-5cda7ec4a12e4-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97

GET
H/1.1 200
OK theme.osmp.balloon.css
oam.wellsfargo.com/oamo/static/css/osmp/ 3 KB
1 KB 621ms
120ms Stylesheet
text/css 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.wellsfargo.com/oamo/static/css/osmp/theme.osmp.balloon.css?v=5C689CB6B5

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

b504e0022bc90bc8e77af06a4ff8b079369b3edbc2ba9643b361365c76fcd30f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 675
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Oct 2021 04:53:08 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "bf1-5cda7ec21854e-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=95

GET
H/1.1 200
OK theme.osmp.lightbox.css
oam.wellsfargo.com/oamo/static/css/osmp/ 1 KB
1 KB 623ms
122ms Stylesheet
text/css 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.wellsfargo.com/oamo/static/css/osmp/theme.osmp.lightbox.css?v=5C689CB6B5

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

a193797b0993aa5f32fad12b74d85b45dd4475e44b7f9c4767edbf8636d9ed02

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 479
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Oct 2021 02:41:16 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "5ae-5cda61486f255-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=95

GET
H/1.1 200
OK theme.osmp.pwreset.css
oam.wellsfargo.com/oamo/static/css/osmp/ 2 KB
1 KB 625ms
121ms Stylesheet
text/css 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.wellsfargo.com/oamo/static/css/osmp/theme.osmp.pwreset.css?v=5C689CB6B5

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

3b10ee22dc332651243e2991f4aa5913ca4c1ab8d7615a3fa772101351027c82

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 597
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Oct 2021 02:41:16 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "7eb-5cda61486f63d-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97

GET
H/1.1 200
OK crosspFindUsername.css
oam.wellsfargo.com/oamo/static/css/credentials/ 125 B
850 B 648ms
118ms Stylesheet
text/css 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.wellsfargo.com/oamo/static/css/credentials/crosspFindUsername.css?v=5C689CB6B5

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

888a448b36681a27c54186fde5617555845b1ec07eaaaba469be14cc289422ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 78
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Oct 2021 04:53:14 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "7d-5cda7ec82ed2d-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=95

GET
H/1.1 200
OK theme.osmp.timeout.css
oam.wellsfargo.com/oamo/static/css/osmp/ 2 KB
1 KB 605ms
134ms Stylesheet
text/css 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.wellsfargo.com/oamo/static/css/osmp/theme.osmp.timeout.css?v=5C689CB6B5

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

409bb0fda65031ecb46a7c70e6e1e9cdec272980903bde0e95861c69676f07bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 616
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Oct 2021 02:41:16 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "702-5cda61486fa25-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/css
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97

GET
H/1.1 200
OK x-button.png
oam.wellsfargo.com/oamo/static/images/ 2 KB
3 KB 121ms
121ms Image
image/png 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oam.wellsfargo.com/oamo/static/images/x-button.png

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

1e6897f16252610e8ef3db2e7e6e2ad93679362bc33adbb0ea7f4512427b4bf6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06 Oct 2021 02:41:16 GMT
Server: KONICHIWA/1.1
ETag: "7b7-5cda6148832a5"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 1975
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK hook.down.png
oam.wellsfargo.com/oamo/static/images/ 1 KB
2 KB 145ms
145ms Image
image/png 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oam.wellsfargo.com/oamo/static/images/hook.down.png

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

a05c326b16b3173fbf8e999d38e907d35bb00c0cb245fa675776c9a2fd788e17

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06 Oct 2021 02:41:41 GMT
Server: KONICHIWA/1.1
ETag: "499-5cda6160c051a"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 1177
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icon_error.png
oam.wellsfargo.com/oamo/static/images/ 395 B
1 KB 140ms
139ms Image
image/png 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oam.wellsfargo.com/oamo/static/images/icon_error.png

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

00b2519c3ecb866ffc2be3565c3c5199ce0b8f07c7e627404a0253e73f00c83e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06 Oct 2021 02:41:38 GMT
Server: KONICHIWA/1.1
ETag: "18b-5cda615d8c264"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 395
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icon_error_12x12.png
oam.wellsfargo.com/oamo/static/images/ 459 B
1 KB 119ms
118ms Image
image/png 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oam.wellsfargo.com/oamo/static/images/icon_error_12x12.png

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

16ac51ca358205cc31371ba5b7d118808effba8849a09a2473c3528edb6c72d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06 Oct 2021 04:52:48 GMT
Server: KONICHIWA/1.1
ETag: "1cb-5cda7eaf54c05"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 459
X-XSS-Protection: 1; mode=block

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a646e5aa2bffaf7fe24e63ed8b5b736264707497f2724c53c27995448ead57b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK icn-ind-help-form-darkteal-glob-16x16-000750-v01_00@1x.png
oam.wellsfargo.com/oamo/static/images/ 309 B
1 KB 173ms
118ms Image
image/png 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oam.wellsfargo.com/oamo/static/images/icn-ind-help-form-darkteal-glob-16x16-000750-v01_00@1x.png

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

66045233d2ee1cee32d15db765bf0128a7e1668f893d3b22a52ba501420ebf3b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06 Oct 2021 04:53:11 GMT
Server: KONICHIWA/1.1
ETag: "135-5cda7ec4b3fac"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 309
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.min.js Show response
oam.wellsfargo.com/oamo/static/js/ 87 KB
31 KB 127ms
127ms Script
application/javascript 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.wellsfargo.com/oamo/static/js/jquery.min.js?v=5C689CB6B5

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 30835
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Oct 2021 04:53:11 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "15d84-5cda7ec4bdbec-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97

GET
H/1.1 200
OK validation.js Show response
oam.wellsfargo.com/oamo/static/js/ 7 KB
2 KB 120ms
120ms Script
application/javascript 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.wellsfargo.com/oamo/static/js/validation.js?v=5C689CB6B5

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

6f6adf15fc46d77ec7e1d316fb2ff9b4c9636bf7181a1dc73501311f9d45656a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1495
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Oct 2021 04:53:11 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "1a4c-5cda7ec4bef74-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97

GET
H/1.1 200
OK timeout.js Show response
oam.wellsfargo.com/oamo/static/js/ 10 KB
3 KB 120ms
120ms Script
application/javascript 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.wellsfargo.com/oamo/static/js/timeout.js?v=5C689CB6B5

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

5db875b322de1c9ce7ce0a84feb3fdd7e60c3c826ba9bc9b5b3bf8a242c8d4d8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1955
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Oct 2021 04:53:11 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "2600-5cda7ec4bef74-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97

GET
H/1.1 200
OK theme.osmp.balloon.js Show response
oam.wellsfargo.com/oamo/static/js/osmp/ 7 KB
2 KB 123ms
123ms Script
application/javascript 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.wellsfargo.com/oamo/static/js/osmp/theme.osmp.balloon.js?v=5C689CB6B5

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

a97c1c9964ab3f108a944821e221c646885f20db74cf6b912066b05d771e60d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1206
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Oct 2021 04:52:48 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "1b62-5cda7eaf5c905-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97

GET
H/1.1 200
OK theme.osmp.lightbox.js Show response
oam.wellsfargo.com/oamo/static/js/osmp/ 7 KB
2 KB 119ms
119ms Script
application/javascript 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.wellsfargo.com/oamo/static/js/osmp/theme.osmp.lightbox.js?v=5C689CB6B5

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

91a6ed18ee4ce6197e3bb7b79cba2ad9808fa26e069cfe4e8958725ba4753e71

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1239
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Oct 2021 04:52:48 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "1b90-5cda7eaf5cced-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97

GET
H/1.1 200
OK crosspChangePasswordIdentifyFull.js Show response
oam.wellsfargo.com/oamo/static/js/ 9 KB
3 KB 135ms
135ms Script
application/javascript 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.wellsfargo.com/oamo/static/js/crosspChangePasswordIdentifyFull.js?v=5C689CB6B5

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

7b19a39b83418adaca42a1450b6968e1de62ed93d3872ff574c0bc53976da6b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 2529
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Oct 2021 04:52:26 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "251f-5cda7e99c12ce-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97

GET
H/1.1 200
OK crosspFindUsername.js Show response
oam.wellsfargo.com/oamo/static/js/ 12 KB
3 KB 123ms
123ms Script
application/javascript 159.45.2.180
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://oam.wellsfargo.com/oamo/static/js/crosspFindUsername.js?v=5C689CB6B5

Requested by

Host: smac-ky.com
URL: https://smac-ky.com/Wells/1e1847362f111385ee0ee75316b5de0d/identitywells.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.180 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

096e58712ecfd6c58078153f0c8946ed4d7090850f0c4d65362426b4e8e5acb2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://smac-ky.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:27:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 2499
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Oct 2021 04:53:11 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "310c-5cda7ec4bbcac-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d37bd2b0d972b4d93225150196da6b4b0ba8d1daf224b54ccec32ad5632f5a3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edc5ee3b590dae17b0eb19063c34680c15ee144d13583d006e6a7976b69cd2db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e6897f16252610e8ef3db2e7e6e2ad93679362bc33adbb0ea7f4512427b4bf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 212 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a46f7e1801bbc650201f5fd410d1854ff5e62c284414de48d418bed2f33fc8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ed889a15705bc76729d29d715c64f3d7f35de2ea519e1d2704924cf40d9e30d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpeg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

oam.wellsfargo.com
smac-ky.com
159.45.2.180
208.117.27.65
00b2519c3ecb866ffc2be3565c3c5199ce0b8f07c7e627404a0253e73f00c83e
096e58712ecfd6c58078153f0c8946ed4d7090850f0c4d65362426b4e8e5acb2
0a646e5aa2bffaf7fe24e63ed8b5b736264707497f2724c53c27995448ead57b
16ac51ca358205cc31371ba5b7d118808effba8849a09a2473c3528edb6c72d9
1e6897f16252610e8ef3db2e7e6e2ad93679362bc33adbb0ea7f4512427b4bf6
1ed889a15705bc76729d29d715c64f3d7f35de2ea519e1d2704924cf40d9e30d
3b10ee22dc332651243e2991f4aa5913ca4c1ab8d7615a3fa772101351027c82
409bb0fda65031ecb46a7c70e6e1e9cdec272980903bde0e95861c69676f07bb
5c38b99055f7da6824bb50339b4ea10065344a781a03a43ab0f0fe43f22b02fa
5db875b322de1c9ce7ce0a84feb3fdd7e60c3c826ba9bc9b5b3bf8a242c8d4d8
5f0744f9c0bcf55875dea07a7c6735e8fa73dca86dd3f8301c4dc1ca85433039
61a7ed250cf75e92062fc589fc424c9cf5bd857ef37bbc8b36aaa54cd2de700b
66045233d2ee1cee32d15db765bf0128a7e1668f893d3b22a52ba501420ebf3b
6f6adf15fc46d77ec7e1d316fb2ff9b4c9636bf7181a1dc73501311f9d45656a
784bf4aa7c36d37d2b84163901bbf5148b14f3e69bd6357d39c46860c2806543
7b19a39b83418adaca42a1450b6968e1de62ed93d3872ff574c0bc53976da6b3
80c5f7839d1c7ec199e248535938a064e8fa87dfc4d5ef48b8b59f0515779928
888a448b36681a27c54186fde5617555845b1ec07eaaaba469be14cc289422ca
8a46f7e1801bbc650201f5fd410d1854ff5e62c284414de48d418bed2f33fc8a
8bd6dfbd3189012715af6d73dfdbb0956536221d5cc0c5bd04a49216a2448845
91a6ed18ee4ce6197e3bb7b79cba2ad9808fa26e069cfe4e8958725ba4753e71
a05c326b16b3173fbf8e999d38e907d35bb00c0cb245fa675776c9a2fd788e17
a193797b0993aa5f32fad12b74d85b45dd4475e44b7f9c4767edbf8636d9ed02
a97c1c9964ab3f108a944821e221c646885f20db74cf6b912066b05d771e60d7
b504e0022bc90bc8e77af06a4ff8b079369b3edbc2ba9643b361365c76fcd30f
d37bd2b0d972b4d93225150196da6b4b0ba8d1daf224b54ccec32ad5632f5a3f
dbc76a852b2ca20de8148db43cd2a59160004d122b89edd74c288d47a00cdb83
edc5ee3b590dae17b0eb19063c34680c15ee144d13583d006e6a7976b69cd2db
f20007e3c12b9e4da4216a6b87b5af8044d65c9180d4250df3250fc5b30d2c05
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

smac-ky.com Open in urlscan Pro 208.117.27.65 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

25 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

320 kBTransfer

455 kBSize

0 Cookies

3 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

smac-ky.com Open in urlscan Pro
208.117.27.65 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

320 kB
Transfer

455 kB
Size

0
Cookies

25 HTTP transactions
6 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!