httpverify.duckdns.org
52.40.133.3  Malicious Activity! Public Scan

URL: https://httpverify.duckdns.org/wellsfargo/card.htm
Submission: On December 09 via automatic, source openphish — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 52.40.133.3, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is httpverify.duckdns.org.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 8th 2022. Valid for: 3 months.
This is the only time httpverify.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

Requests | IP Address | AS | Autonomous System
3 | 52.40.133.3 | 16509 | AMAZON-02
3 | 23.205.234.180 | 16625 | AKAMAI-AS
2 | 23.36.162.72 | 20940 | AKAMAI-ASN1
2 | 23.205.226.231 | 16625 | AKAMAI-AS
1 | 23.36.162.77 | 20940 | AKAMAI-ASN1
Total: 11 requests, 6 IPs

Requests | Apex Domain | Subdomains | Transfer
5 | wellsfargomedia.com | www10.wellsfargomedia.com (Cisco Umbrella Rank: 16025), www15.wellsfargomedia.com (Cisco Umbrella Rank: 25297) | 52 KB
3 | wellsfargo.com | static.wellsfargo.com (Cisco Umbrella Rank: 12036), oam.wellsfargo.com (Cisco Umbrella Rank: 81169) | 59 KB
3 | duckdns.org | httpverify.duckdns.org | 27 KB
Total: 11 requests, 3 apex domains

Requests | Domain | Requested by
3 | www10.wellsfargomedia.com | httpverify.duckdns.org
3 | httpverify.duckdns.org | httpverify.duckdns.org
2 | www15.wellsfargomedia.com | www10.wellsfargomedia.com
2 | static.wellsfargo.com | httpverify.duckdns.org
1 | oam.wellsfargo.com | httpverify.duckdns.org
Total: 11 requests, 5 domains

This site contains links to these domains.

Domain
www.wellsfargo.com

Subject | Issuer | Validity | Valid
httpverify.duckdns.org | cPanel, Inc. Certification Authority | 2022-12-08 - 2023-03-08 | 3 months
www10.wellsfargomedia.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-05 - 2023-04-05 | a year
static.wellsfargo.com | DigiCert EV RSA CA G2 | 2022-10-12 - 2023-10-12 | a year
www15.wellsfargomedia.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-14 - 2023-11-16 | a year
oam.wellsfargo.com | DigiCert EV RSA CA G2 | 2022-10-12 - 2023-10-12 | a year

This page contains 1 frames:

Primary Page: https://httpverify.duckdns.org/wellsfargo/card.htm
Frame ID: 02A04F1860EE69E7133DCD22BBFD7805
Requests: 12 HTTP requests in this frame

Page Title

Wells Fargo - Please confirm your identity

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 11
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 5
IPs: 6
Countries: 2
Transfer: 138 kB
Size: 465 kB
Cookies: 0

11 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request card.htm
httpverify.duckdns.org/wellsfargo/
25 KB
26 KB
Document
General
Full URL
https://httpverify.duckdns.org/wellsfargo/card.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.40.133.3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-133-3.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
81782c7d38aaacce4433ef24ba72c51e2db0bc844ba05a7c07c4f3aa95626340

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
26071
Content-Type
text/html
Date
Fri, 09 Dec 2022 01:25:33 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Tue, 21 Sep 2021 01:24:08 GMT
Server
Apache
theme.ssep.messaging.css
www10.wellsfargomedia.com/auth/static/css/ssep/
4 KB
1 KB
Stylesheet
General
Full URL
https://www10.wellsfargomedia.com/auth/static/css/ssep/theme.ssep.messaging.css?v=
Requested by
Host: httpverify.duckdns.org
URL: https://httpverify.duckdns.org/wellsfargo/card.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.234.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-234-180.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
750284c53dc79db9ceeae1d6428a2b4ba2e23a40a910218fb16c44c63d7bf109
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://httpverify.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains;
date
Fri, 09 Dec 2022 01:25:33 GMT
content-length
842
x-xss-protection
1; mode=block
last-modified
Thu, 01 Dec 2022 21:19:02 GMT
server
Akamai Resource Optimizer
etag
W/"6369c7b7-f0e"
allow
GET, POST, OPTIONS
access-control-allow-methods
POST
content-type
text/css
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=10368000
expires
Sat, 08 Apr 2023 01:25:33 GMT
wf-fonts.css
www10.wellsfargomedia.com/auth/static/css/
4 KB
772 B
Stylesheet
General
Full URL
https://www10.wellsfargomedia.com/auth/static/css/wf-fonts.css?v=
Requested by
Host: httpverify.duckdns.org
URL: https://httpverify.duckdns.org/wellsfargo/card.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.234.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-234-180.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
3a80ebe861b93c47265b21bc70a9fa88fc95e76f39cb291ad05b24597446ef8e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://httpverify.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains;
date
Fri, 09 Dec 2022 01:25:33 GMT
content-length
314
x-xss-protection
1; mode=block
last-modified
Wed, 16 Nov 2022 04:23:57 GMT
server
Akamai Resource Optimizer
etag
W/"6369c7b8-edb"
allow
GET, POST, OPTIONS
access-control-allow-methods
POST
content-type
text/css
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=10368000
expires
Sat, 08 Apr 2023 01:25:33 GMT
redesigned.logout.css
www10.wellsfargomedia.com/auth/static/css/ssep/combined/
5 KB
2 KB
Stylesheet
General
Full URL
https://www10.wellsfargomedia.com/auth/static/css/ssep/combined/redesigned.logout.css?v=
Requested by
Host: httpverify.duckdns.org
URL: https://httpverify.duckdns.org/wellsfargo/card.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.234.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-234-180.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
b445132f71a00a242a272030d53a480d5e5977b27cbcb28c131cf8fdb326bd79
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://httpverify.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains;
date
Fri, 09 Dec 2022 01:25:33 GMT
content-length
1108
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2022 06:46:21 GMT
server
Akamai Resource Optimizer
etag
W/"63589270-136b"
allow
GET, POST, OPTIONS
access-control-allow-methods
POST
content-type
text/css
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=10368000
expires
Sat, 08 Apr 2023 01:25:33 GMT
utag.136.js
static.wellsfargo.com/tracking/main/
54 KB
5 KB
Script
General
Full URL
https://static.wellsfargo.com/tracking/main/utag.136.js?utv=ut4.88wri7BVgm73UdVGNg6ndy7QmQTMTcYSSfAPsukavoUDdy8zxNgHUugNJcEBtzp6VdR1ZCwtySwsQaA9pHbTSnpZ4vnPyBqmain_201
Requested by
Host: httpverify.duckdns.org
URL: https://httpverify.duckdns.org/wellsfargo/card.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eaeccba3d96e1fe1f6a600ab5b9ebb2dc6bf06cac27ce733ce5b74bf3c85887f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://httpverify.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 01:25:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 11 Aug 2022 20:02:46 GMT
ETag
W/"62f56066-d8e3"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
4329
X-XSS-Protection
1; mode=block
utag.js
static.wellsfargo.com/tracking/main/
318 KB
53 KB
Script
General
Full URL
https://static.wellsfargo.com/tracking/main/utag.js
Requested by
Host: httpverify.duckdns.org
URL: https://httpverify.duckdns.org/wellsfargo/card.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
de30673d7384fd8ccb3a35e96ccc7b0d0799f22912ae5591fcd3d533ad7becf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://httpverify.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 01:25:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Wed, 16 Nov 2022 21:08:13 GMT
ETag
W/"6375513d-4f786"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
53951
X-XSS-Protection
1; mode=block
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8cb039a63b11f207edf324bbfdabbbfaa2d421729785dca77020490c293185e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/svg+xml
wellsfargoserif-rg.woff2
www15.wellsfargomedia.com/wfui/css/fonts/
26 KB
26 KB
Font
General
Full URL
https://www15.wellsfargomedia.com/wfui/css/fonts/wellsfargoserif-rg.woff2
Requested by
Host: www10.wellsfargomedia.com
URL: https://www10.wellsfargomedia.com/auth/static/css/wf-fonts.css?v=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.226.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-226-231.deploy.static.akamaitechnologies.com
Software
KONICHIWA/2.0 /
Resource Hash
aeb7b3bfc4281d35b02dfde05ac7a6c0d3daa7f3123b35a9cbd4b5a8e3f3c310
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www10.wellsfargomedia.com/
Origin
https://httpverify.duckdns.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
date
Fri, 09 Dec 2022 01:25:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 11 Mar 2019 20:52:01 GMT
server
KONICHIWA/2.0
etag
"6854-583d7be82be40"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
26708
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 01:25:33 GMT
wellsfargosans-rg.woff2
www15.wellsfargomedia.com/wfui/css/fonts/
22 KB
22 KB
Font
General
Full URL
https://www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-rg.woff2
Requested by
Host: www10.wellsfargomedia.com
URL: https://www10.wellsfargomedia.com/auth/static/css/wf-fonts.css?v=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.226.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-226-231.deploy.static.akamaitechnologies.com
Software
KONICHIWA/2.0 /
Resource Hash
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www10.wellsfargomedia.com/
Origin
https://httpverify.duckdns.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
strict-transport-security
max-age=31536000; includeSubdomains;
date
Fri, 09 Dec 2022 01:25:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Feb 2019 19:38:34 GMT
server
KONICHIWA/2.0
etag
"5798-582d133e56280"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
22424
x-xss-protection
1; mode=block
expires
Sat, 09 Dec 2023 01:25:33 GMT
icn-ind-help-form-darkteal-glob-16x16-000750-v01_00@1x.png
oam.wellsfargo.com/oamo/static/images/
309 B
1 KB
Image
General
Full URL
https://oam.wellsfargo.com/oamo/static/images/icn-ind-help-form-darkteal-glob-16x16-000750-v01_00@1x.png
Requested by
Host: httpverify.duckdns.org
URL: https://httpverify.duckdns.org/wellsfargo/card.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.77 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-77.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
66045233d2ee1cee32d15db765bf0128a7e1668f893d3b22a52ba501420ebf3b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; style-src 'self' https://wellsfargo.com https://*.wellsfargo.com; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://httpverify.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; style-src 'self' https://wellsfargo.com https://*.wellsfargo.com; report-uri https://ort.wellsfargo.com/reporting/csp
Date
Fri, 09 Dec 2022 01:25:33 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 08 Dec 2022 03:50:07 GMT
ETag
"63915eef-135"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
309
X-XSS-Protection
1; mode=block
jquery.js
httpverify.duckdns.org/auth/static/scripts/
0
0
Script
General
Full URL
https://httpverify.duckdns.org/auth/static/scripts/jquery.js?v=
Requested by
Host: httpverify.duckdns.org
URL: https://httpverify.duckdns.org/wellsfargo/card.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.40.133.3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-133-3.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://httpverify.duckdns.org/wellsfargo/card.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 01:25:33 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
cont.png
httpverify.duckdns.org/wellsfargo/
849 B
1 KB
Image
General
Full URL
https://httpverify.duckdns.org/wellsfargo/cont.png
Requested by
Host: httpverify.duckdns.org
URL: https://httpverify.duckdns.org/wellsfargo/card.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.40.133.3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-133-3.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
f41a968644ee918d074c1982db62b1f15bf048fcd75a562942e4f6649c4be3fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://httpverify.duckdns.org/wellsfargo/card.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 01:25:34 GMT
Last-Modified
Tue, 21 Sep 2021 01:21:58 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
849

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontentvisibilityautostatechange
  • boolean| utag_condload
  • undefined| new_path
  • object| utag_cfg_ovrd
  • object| utag_data
  • undefined| linkCanonical
  • object| pagesToOptimize
  • object| userAgentArr
  • undefined| schemaDomain
  • undefined| headTag
  • undefined| loadschemaScripts
  • object| dmtElems
  • undefined| pathname
  • undefined| urlArray
  • undefined| url
  • undefined| sRegExInput
  • undefined| MDIGITAL_ON_PREM_PREFIX
  • undefined| linkedIn_www_urlArray
  • undefined| verizon_www_urlArray
  • object| utag
  • undefined| customDMPEvent
  • undefined| getPayload
  • undefined| fireDMPEvent
  • function| isNotUndefinedOrNull
  • function| getDocumentTitleLabel
  • function| sendDataToGA
  • function| closest
  • function| previous_sibling
  • function| getMtgApplyURL
  • function| getMtgApplyAppInviteURL
  • function| getMtgURL
  • function| getMtgRatesURL
  • function| getMtgRatesCalculatorURL
  • function| getMtgRefinancURL
  • function| getMtgFirstTimeHomeBuyerURL
  • function| getMtgResultsURL
  • function| getEquityURL
  • function| getMtgCompareLoansURL
  • function| getMtgComfortZoneURL
  • boolean| __tealium_twc_switch
  • function| utag_pad
  • function| utag_visitor_id
  • string| gtagRename
  • object| dataLayer
  • function| gtag

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://httpverify.duckdns.org/auth/static/scripts/jquery.js?v=
Message: Failed to load resource: the server responded with a status of 404 (Not Found)