thinkinghatsdev.com.au
Open in
urlscan Pro
103.9.168.9
Malicious Activity!
Public Scan
Submission: On July 21 via automatic, source openphish
Summary
This is the only time thinkinghatsdev.com.au was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Wells Fargo (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 103.9.168.9 103.9.168.9 | 45638 (SYNERGYWH...) (SYNERGYWHOLESALE-AP SYNERGY WHOLESALE PTY LTD) | |
20 | 104.109.70.200 104.109.70.200 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 159.45.2.156 159.45.2.156 | 10837 (WELLSFARG...) (WELLSFARGO-10837 - Wells Fargo & Company) | |
1 | 159.45.2.145 159.45.2.145 | 10837 (WELLSFARG...) (WELLSFARGO-10837 - Wells Fargo & Company) | |
26 | 5 |
ASN45638 (SYNERGYWHOLESALE-AP SYNERGY WHOLESALE PTY LTD, AU)
PTR: c4s2-1e-syd.hosting-services.net.au
thinkinghatsdev.com.au |
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-70-200.deploy.static.akamaitechnologies.com
www01.wellsfargomedia.com | |
www04.wellsfargomedia.com |
ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US)
connect.secure.wellsfargo.com |
ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US)
www.wellsfargo.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
wellsfargomedia.com
www01.wellsfargomedia.com www04.wellsfargomedia.com |
371 KB |
2 |
wellsfargo.com
static.wellsfargo.com Failed www.wellsfargo.com Failed connect.secure.wellsfargo.com |
20 KB |
1 |
thinkinghatsdev.com.au
thinkinghatsdev.com.au |
12 KB |
26 | 3 |
Domain | Requested by | |
---|---|---|
18 | www01.wellsfargomedia.com |
thinkinghatsdev.com.au
|
2 | www04.wellsfargomedia.com |
thinkinghatsdev.com.au
|
1 | connect.secure.wellsfargo.com |
thinkinghatsdev.com.au
|
1 | www.wellsfargo.com |
thinkinghatsdev.com.au
|
1 | thinkinghatsdev.com.au | |
0 | static.wellsfargo.com Failed |
thinkinghatsdev.com.au
|
26 | 6 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www01.wellsfargomedia.com GeoTrust RSA CA 2018 |
2019-02-19 - 2020-05-20 |
a year | crt.sh |
connect.secure.wellsfargo.com DigiCert Global CA G2 |
2019-02-07 - 2021-02-07 |
2 years | crt.sh |
www.wellsfargo.com DigiCert Global CA G2 |
2019-02-08 - 2021-02-08 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
http://thinkinghatsdev.com.au/newstartauto/wells/wellsfargo.htm
Frame ID: 753648B83301C0DC46A8525F81B09F51
Requests: 26 HTTP requests in this frame
16 Outgoing links
These are links going to different origins than the main page.
Title: Enroll
Search URL Search Domain Scan URL
Title: Learn More
Search URL Search Domain Scan URL
Title: Learn More
Search URL Search Domain Scan URL
Title: Finish Application/Check Status
Search URL Search Domain Scan URL
Title: Digital Investing Plus Advice
Search URL Search Domain Scan URL
Title: Open an Intuitive Investor� Account
Search URL Search Domain Scan URL
Title: Employer Plan 401(k) Sign On
Search URL Search Domain Scan URL
Title: Conversations Magazine
Search URL Search Domain Scan URL
Title: Contact Abbot Downing
Search URL Search Domain Scan URL
Title: Sign On to Go Far Rewards
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
26 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
wellsfargo.htm
thinkinghatsdev.com.au/newstartauto/wells/ |
60 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
utag.sync.js
static.wellsfargo.com/tracking/toppages/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
homepage_ret.css
www.wellsfargo.com/css/home/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homepage-horz-logo.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ |
5 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homepage-lock.svg
www04.wellsfargomedia.com/assets/images/css/template/homepage/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homepage-signon-lock.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wfi111_ph_hph_default1_1200x532.jpg
www01.wellsfargomedia.com/assets/images/homepage/ |
56 KB 57 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wfi000_lg_b-wf-stagecoach_rednoborder_1200x532.gif
www01.wellsfargomedia.com/assets/images/contextual/banner/enterprise/1200x532/ |
29 KB 29 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
task-icon-checking-50x50.png
www01.wellsfargomedia.com/assets/images/contextual/banner/checking/50x50/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
task-icon-credit-50x50.png
www01.wellsfargomedia.com/assets/images/contextual/banner/credit-card/50x50/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
task-icon-student-50x50.png
www01.wellsfargomedia.com/assets/images/contextual/banner/student-loans/50x50/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
task-icon-account-50x50.png
www01.wellsfargomedia.com/assets/images/homepage/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
task-icon-rates-50x50.png
www01.wellsfargomedia.com/assets/images/homepage/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
FICO-phone-borrowing-and-credit-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ |
35 KB 35 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home-sprite-image.png
www01.wellsfargomedia.com/assets/images/css/template/homepage/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
paying-phone-beach-banking-made-easy-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ |
33 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
couple-beach-retirement-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ |
33 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
couple-moving-in-homelending-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ |
34 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
student-graduation-going-to-college-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ |
34 KB 35 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
woman-tablet-investing-basics-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ |
32 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
woman-card-security-center-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ |
34 KB 35 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homepage_footer_stagecoach.svg
www01.wellsfargomedia.com/assets/images/global/ |
14 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home-sprite-image.png
www04.wellsfargomedia.com/assets/images/css/template/homepage/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-userprefs.min.js
connect.secure.wellsfargo.com/auth/static/prefs/ |
83 KB 0 |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery-hp.js
www.wellsfargo.com/js/vendor/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homepage_per.js
www.wellsfargo.com/js/global/ |
83 KB 20 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- static.wellsfargo.com
- URL
- https://static.wellsfargo.com/tracking/toppages/utag.sync.js
- Domain
- www.wellsfargo.com
- URL
- https://www.wellsfargo.com/css/home/homepage_ret.css
- Domain
- www.wellsfargo.com
- URL
- https://www.wellsfargo.com/js/vendor/jquery-hp.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Wells Fargo (Banking)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask object| utag_data0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
connect.secure.wellsfargo.com
static.wellsfargo.com
thinkinghatsdev.com.au
www.wellsfargo.com
www01.wellsfargomedia.com
www04.wellsfargomedia.com
static.wellsfargo.com
www.wellsfargo.com
103.9.168.9
104.109.70.200
159.45.2.145
159.45.2.156
11fa95cade4d31642d17ebba420d3706837b9a91090992b2d2aecc74a6b6ab88
172b637e7559c7d6c2d3dbe28cd5d921d27e63ccff5298481cfc0918508b6e75
51044ed6d500b29e1b81d6d9a3033efd718c9ad62307fe1225baebcc8d5fb813
780b98a3861aa8d4afe428953ad3b9e988a74cd5f064b4a1eb453f5d901221e7
7b1acbecc92198d28a194bab0fa46dd84878d9cb78f3e2bbbd4ba771ef168ebd
7bfab3d904c5effc47fe1577c20615a1efcf84f2a6e1b8e5ccaa501ac657fcab
7f1d06a3ce29e740376e880b0c35d5fb006ddf1773ee0d539e507c31067acbc3
87c33e7fd82ad1d9ccdf87d2bae750853883635723d5c3b27adccccd54493a3a
8e484163d648d7a53f20bc673aeab303c13d0b4b7c704501e72fbdbd979a8faa
8ffc4d6a0d55daee3089560883f6e3c21cbbfef5b674a8dc875d9529e5e5376c
96d9b75e8ad9147b429852dbbe1c79d88d39d1818e4c45ae7386e2403f87134b
982003c4cecd7caa0d1b5b8ceb4ee3d9a49263cb37fe56ccf4d5113868fe6741
ab15ef84ab70a529be42cd80dcf9655f320ad4eaedb6e85a5feccf8755007431
cb4cfd594b2f8e32b89c3cb3ce1e766619a0e8273a8b2eb9148880ee534d7ba5
ccc70b70befcf5d55b4c60b21b6ea4d1631d2564112d4e6a949a1fa6fe8409ed
cede6c6d76d57a1f4da3d157863dc37c7e5a9d63f47b7f0401a985aaeb690f9e
cfd4c24ae595a860f108f4de55ce9a1744bad06d612d508c4d0bf39901b9862c
d6e3a5a263a697df3e5989b893e27ac29972dd9346b01da3e5476becb9a73a25
d6fdad356ecabcdcfb77a0486b3e240f450369e0304739e55c71a112d5f3d2df
e9ecf74092e5fe396ce9fe40ea17070242ed95e6c0b09d595dd4254d8afcabaa
ea4b20ddecd76a86c3dc31d488970cf15e6284756c271b1d983f597652ebeb61