bte-obo.wellsfargo.com Open in urlscan Pro
159.45.71.175 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://obo-ite1.wellsfargo.com/
Effective URL:
https://bte-obo.wellsfargo.com/BrokerProtection.html
Submission Tags: @phishunt_io
Submission: On March 19 via api (March 19th 2024, 7:59:37 pm UTC) from DE — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 159.45.71.175, located in Charleston, United States and belongs to WELLSFARGO-4196, US. The main domain is bte-obo.wellsfargo.com.
TLS certificate: Issued by Wells Fargo Public Trust Certificatio... on June 16th 2023. Valid for: a year.

This is the only time bte-obo.wellsfargo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 9	159.45.71.175 159.45.71.175		4196 (WELLSFARG...) (WELLSFARGO-4196)
8	1

9 159.45.71.175 (Charleston, United States) 1 redirects

ASN4196 (WELLSFARGO-4196, US)
PTR: obo-ite1.wellsfargo.com

obo-ite1.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bte-obo.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	wellsfargo.com 1 redirects obo-ite1.wellsfargo.com bte-obo.wellsfargo.com	17 KB
8	1

	Domain	Requested by
8	bte-obo.wellsfargo.com	bte-obo.wellsfargo.com
1	obo-ite1.wellsfargo.com	1 redirects
8	2

This site contains no links.

Subject Issuer	Validity	Valid
obo-ite1.wellsfargo.com Wells Fargo Public Trust Certification Authority 01 G2	`2023-06-16` - `2024-07-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bte-obo.wellsfargo.com/BrokerProtection.html
Frame ID: 3560E26A50A8F6AFC62B2FED5D0577AB
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Account Login

Page URL History Show full URLs

https://obo-ite1.wellsfargo.com/ HTTP 302
https://bte-obo.wellsfargo.com/BrokerProtection.html Page URL

Detected technologies

RightJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

right\.js

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

16 kB
Transfer

26 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://obo-ite1.wellsfargo.com/ HTTP 302
https://bte-obo.wellsfargo.com/BrokerProtection.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request BrokerProtection.html Show response
bte-obo.wellsfargo.com/
Redirect Chain

https://obo-ite1.wellsfargo.com/
https://bte-obo.wellsfargo.com/BrokerProtection.html

3 KB
2 KB

622ms
159ms

Document
text/html

159.45.71.175
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://bte-obo.wellsfargo.com/BrokerProtection.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.71.175 Charleston, United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

obo-ite1.wellsfargo.com

Software

Resource Hash

8775ccef18cc3e7e08bfbfeb6ff3f6947a76db42a429b04dd7655bf7b25773ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1456
Content-Type: text/html; charset=utf-8
Date: Tue, 19 Mar 2024 19:59:32 GMT
ETag: "d7d-6140440738080"
Keep-Alive: timeout=15, max=99
Last-Modified: Tue, 19 Mar 2024 14:25:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 236
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 19 Mar 2024 19:59:31 GMT
Keep-Alive: timeout=15, max=100
Location: https://bte-obo.wellsfargo.com/BrokerProtection.html

GET
H/1.1 200
OK perimeter.css
bte-obo.wellsfargo.com/ 11 KB
2 KB 157ms
156ms Stylesheet
text/css 159.45.71.175
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://bte-obo.wellsfargo.com/perimeter.css

Requested by

Host: bte-obo.wellsfargo.com
URL: https://bte-obo.wellsfargo.com/BrokerProtection.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.71.175 Charleston, United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

obo-ite1.wellsfargo.com

Software

Resource Hash

9961010717fd44f6196ee7e4dfe57c42bc0ce3dd8523d0899f1d83448270289f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bte-obo.wellsfargo.com/BrokerProtection.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 19:59:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 19 Mar 2024 14:25:54 GMT
ETag: "2c8b-6140440738080"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 1667
X-XSS-Protection: 1; mode=block
Expires: Wed, 20 Mar 2024 19:59:32 GMT

GET
H/1.1 200
OK style.css
bte-obo.wellsfargo.com/ 2 KB
1 KB 322ms
162ms Stylesheet
text/css 159.45.71.175
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://bte-obo.wellsfargo.com/style.css

Requested by

Host: bte-obo.wellsfargo.com
URL: https://bte-obo.wellsfargo.com/BrokerProtection.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.71.175 Charleston, United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

obo-ite1.wellsfargo.com

Software

Resource Hash

cee3e57f12ba6f519429b8bf6de4a4278c5417b7316d4fd78bbf22b5d7b86a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bte-obo.wellsfargo.com/BrokerProtection.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 19:59:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 19 Mar 2024 14:25:54 GMT
ETag: "927-6140440738080"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 791
X-XSS-Protection: 1; mode=block
Expires: Wed, 20 Mar 2024 19:59:32 GMT

GET
H/1.1 200
OK brokerDealerConsolidation.js Show response
bte-obo.wellsfargo.com/js/ 2 KB
1 KB 474ms
151ms Script
application/x-javascript 159.45.71.175
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://bte-obo.wellsfargo.com/js/brokerDealerConsolidation.js

Requested by

Host: bte-obo.wellsfargo.com
URL: https://bte-obo.wellsfargo.com/BrokerProtection.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.71.175 Charleston, United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

obo-ite1.wellsfargo.com

Software

Resource Hash

b2b6db96dd8797986ed4c19a07cf2e1513c6bb96862b822c33bdae617e70f56c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bte-obo.wellsfargo.com/BrokerProtection.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 19:59:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 19 Mar 2024 14:25:54 GMT
ETag: "67c-6140440738080"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96
Content-Length: 584
X-XSS-Protection: 1; mode=block
Expires: Wed, 20 Mar 2024 19:59:32 GMT

GET
H/1.1 200
OK btn_back.gif
bte-obo.wellsfargo.com/images/ 294 B
748 B 604ms
161ms Image
image/gif 159.45.71.175
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bte-obo.wellsfargo.com/images/btn_back.gif

Requested by

Host: bte-obo.wellsfargo.com
URL: https://bte-obo.wellsfargo.com/BrokerProtection.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.71.175 Charleston, United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

obo-ite1.wellsfargo.com

Software

Resource Hash

066fc2067a640bf830d813db8b66978aaf2eac75bacc5bde0a43ca7cc1c126f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bte-obo.wellsfargo.com/BrokerProtection.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 19:59:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 19 Mar 2024 14:25:54 GMT
ETag: "126-6140440738080"
Content-Type: image/gif
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 294
X-XSS-Protection: 1; mode=block
Expires: Wed, 20 Mar 2024 19:59:33 GMT

GET
H/1.1 200
OK btn_login.gif
bte-obo.wellsfargo.com/images/ 321 B
774 B 616ms
150ms Image
image/gif 159.45.71.175
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bte-obo.wellsfargo.com/images/btn_login.gif

Requested by

Host: bte-obo.wellsfargo.com
URL: https://bte-obo.wellsfargo.com/BrokerProtection.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.71.175 Charleston, United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

obo-ite1.wellsfargo.com

Software

Resource Hash

7c9c30d0a8dd041a63f4ed0db5813769d4c0f2358c94903096ba4800782f0f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bte-obo.wellsfargo.com/BrokerProtection.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 19:59:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 19 Mar 2024 14:25:54 GMT
ETag: "141-6140440738080"
Content-Type: image/gif
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 321
X-XSS-Protection: 1; mode=block
Expires: Wed, 20 Mar 2024 19:59:33 GMT

GET
H/1.1 200
OK copyright.js Show response
bte-obo.wellsfargo.com/ 181 B
683 B 151ms
151ms Script
application/x-javascript 159.45.71.175
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://bte-obo.wellsfargo.com/copyright.js

Requested by

Host: bte-obo.wellsfargo.com
URL: https://bte-obo.wellsfargo.com/BrokerProtection.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.71.175 Charleston, United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

obo-ite1.wellsfargo.com

Software

Resource Hash

5dfa599660a9073d4497a48dbe5ae7d1c452711a6058e93b9040dfa4c33b0278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bte-obo.wellsfargo.com/BrokerProtection.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 19:59:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 19 Mar 2024 14:25:54 GMT
ETag: "b5-6140440738080"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=95
Content-Length: 169
X-XSS-Protection: 1; mode=block
Expires: Wed, 20 Mar 2024 19:59:33 GMT

GET
H/1.1 200
OK logo.jpg
bte-obo.wellsfargo.com/images/ 7 KB
7 KB 152ms
151ms Image
image/jpeg 159.45.71.175
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bte-obo.wellsfargo.com/images/logo.jpg

Requested by

Host: bte-obo.wellsfargo.com
URL: https://bte-obo.wellsfargo.com/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.71.175 Charleston, United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

obo-ite1.wellsfargo.com

Software

Resource Hash

e4ca33f77d0cd4ec59fcab29926edbf630f821cdc51714465a97d870d0e39cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bte-obo.wellsfargo.com/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 19:59:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 19 Mar 2024 14:25:54 GMT
ETag: "1ae7-6140440738080"
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 6887
X-XSS-Protection: 1; mode=block
Expires: Wed, 20 Mar 2024 19:59:33 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
obo-ite1.wellsfargo.com/	1969-12-31 23:59:59	Name: wfa-i-bw-web-v-00_1bw_ite_48546_infra_2 Value: !Fujkwl4dUz25PBpNGKKWwjeoP/NSsI/Krr4jhzVQ8vXMcPlc1euiXwJqeU0DCET1M9CyYZb5QFWCUQ==
obo-ite1.wellsfargo.com/	1969-12-31 23:59:59	Name: TS01055d16 Value: 01e03094da6e0be04e84af8b10dc1bc18a0a51fad13c39dc8bb642d1e1a1f693f3e18c4e9a0f9b8737401411f0881928fa4b37395f677f2e0e28d66c0e2d7f36eba99a669b
obo-ite1.wellsfargo.com/	1969-12-31 23:59:59	Name: wfadvisors-ite1_1bw_ite_443_infra_1 Value: !XG8YETkIXcnmB9eL1eJwACkmnfEC1PTizByxqUJWcUpIUcrzl+gLOfXoXmWut12OJjt69Mu9Qcx/Rbw=
bte-obo.wellsfargo.com/	1969-12-31 23:59:59	Name: wfa-i-bw-web-v-00_1bw_ite_48546_infra_2 Value: !7s1YW8IEgkD5TSlNGKKWwjeoP/NSsGFYClfxrQPoScWrhMh4n/rkSB60IDtTj3ejegLi+lMWfT5wtg==
bte-obo.wellsfargo.com/	1969-12-31 23:59:59	Name: TS01055d16 Value: 01e03094da10b31596638434f8f3370580004d5b31e4f6aa70ac54d7a24d16259d9d982af4a34b49b38a1f55ac4ef4ebf1c651341fe4a38d533f16a65993bff10762f90c9b
bte-obo.wellsfargo.com/	1969-12-31 23:59:59	Name: wfadvisors-ite1_1bw_ite_443_infra_1 Value: !lBJ0OjWqKc5NoZqL1eJwACkmnfEC1Lyv/9YkMnA/6RWS1gKYHSf4k8BGCJqkNc4o8COT7McL2PW3H9w=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bte-obo.wellsfargo.com
obo-ite1.wellsfargo.com
159.45.71.175
066fc2067a640bf830d813db8b66978aaf2eac75bacc5bde0a43ca7cc1c126f0
5dfa599660a9073d4497a48dbe5ae7d1c452711a6058e93b9040dfa4c33b0278
7c9c30d0a8dd041a63f4ed0db5813769d4c0f2358c94903096ba4800782f0f27
8775ccef18cc3e7e08bfbfeb6ff3f6947a76db42a429b04dd7655bf7b25773ed
9961010717fd44f6196ee7e4dfe57c42bc0ce3dd8523d0899f1d83448270289f
b2b6db96dd8797986ed4c19a07cf2e1513c6bb96862b822c33bdae617e70f56c
cee3e57f12ba6f519429b8bf6de4a4278c5417b7316d4fd78bbf22b5d7b86a1a
e4ca33f77d0cd4ec59fcab29926edbf630f821cdc51714465a97d870d0e39cc6

bte-obo.wellsfargo.com Open in urlscan Pro 159.45.71.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

1 IPs

1 Countries

16 kBTransfer

26 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

6 Cookies

Security Headers

Indicators

bte-obo.wellsfargo.com Open in urlscan Pro
159.45.71.175 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

16 kB
Transfer

26 kB
Size

6
Cookies

8 HTTP transactions
0 data transactions