URL: http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
Submission Tags: @ecarlesi threat phishing bankofamerica
Submission: On January 26 via api from IT — Scanned from IT

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3033::ac43:c9ce, located in United States and belongs to CLOUDFLARENET, US. The main domain is wellsfargogorewards.com.
This is the only time wellsfargogorewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
12 | 2606:4700:303... | 13335 (CLOUDFLAR...)
2 | 2a03:2880:f08... | 32934 (FACEBOOK)
1 | 2a03:2880:f17... | 32934 (FACEBOOK)
Total: 15 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
12 | wellsfargogorewards.com | wellsfargogorewards.com | 156 KB
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 174) | 89 KB
1 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 107) |
Total: 15 requests, 3 apex domains

Requests | Domain | Requested by
12 | wellsfargogorewards.com | wellsfargogorewards.com
2 | connect.facebook.net | wellsfargogorewards.com, connect.facebook.net
1 | www.facebook.com | connect.facebook.net
Total: 15 requests, 3 domains

This site contains links to these domains.

Subject | Issuer | Validity | Valid
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-11-04 - 2024-02-02 | 3 months

This page contains 2 frames:

Primary Page: http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
Frame ID: EE4ED3A36DE260B17D359F04268CB160
Requests: 14 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc83ae4e67160dd80%26domain%3Dwellsfargogorewards.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwellsfargogorewards.com%252Ff97c261248403f18f%26relation%3Dparent.parent&color_scheme=light&container_width=870&height=100&href=https%3A%2F%2Fwellsfargogorewards.com%2F&locale=vi_VN&numposts=10&sdk=joey&width=800
Frame ID: A3D2669475E78B4D11AD3010747BA9B2
Requests: 1 HTTP requests in this frame

Page Title

siler city business taxes clain more on w-2 so i owe taxes for credit

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

Requests: 15
HTTPS: 13 %
IPv6: 100 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 245 kB
Size: 521 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • http://connect.facebook.net/vi_VN/all.js HTTP 307
  • https://connect.facebook.net/vi_VN/all.js

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request uiwdjkhawm246318
wellsfargogorewards.com/jvhnfsxdkt/
25 KB
9 KB
Document
General
Full URL
http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
Protocol
HTTP/1.1
Server
2606:4700:3033::ac43:c9ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cbe08001e739cd4a4d96b0df20cc4a21a7a4890b7cb6f8c8571416a55f08bcb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
84b73d5ab95b0e91-MXP
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 26 Jan 2024 08:03:33 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxzhX3NYlzv19LaGyL0eyIjc8wS8vM8k48LuAcPRSuhe9tzeDyZQ6dKomeu0PhEluoGjC5ItTiOHGUWMy7p4peiuywAMcJ%2FfyfVR4kHcj7wDI6NDR3kd7rrjoFeX25teycEgM09bVuph4H2WKxRiyy5xOS0c1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
style.css
wellsfargogorewards.com/template/en/css/
56 KB
13 KB
Stylesheet
General
Full URL
http://wellsfargogorewards.com/template/en/css/style.css?ogxtx
Requested by
Host: wellsfargogorewards.com
URL: http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
Protocol
HTTP/1.1
Server
2606:4700:3033::ac43:c9ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9cb1553fe9f49bc8c44c40b232c4b8e0010cd3778f6b408000d647b99388f0

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 08:03:33 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Fri, 13 Oct 2023 02:19:57 GMT
Server
cloudflare
ETag
W/"6528a94d-e137"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfFLxMpqB0abh9w1ydf7DMTSNw%2FxIxbyec3Yw4EMAjbIJJ2wYsy%2BiMtI5hyE22O65V%2BWRCk3eMFpn%2FPW0mWUszoTFyPpMHvfjVnASbvPBVldXXiH0H0KJol0n%2FEQXheK5v82r2zeQPtYNoOE4t3uQSSkpa3Ugw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=43200
CF-RAY
84b73d7609420e91-MXP
Expires
Fri, 26 Jan 2024 20:03:33 GMT
8225.jpg
wellsfargogorewards.com/upluds/news/
6 KB
6 KB
Image
General
Full URL
http://wellsfargogorewards.com/upluds/news/8225.jpg
Requested by
Host: wellsfargogorewards.com
URL: http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
Protocol
HTTP/1.1
Server
2606:4700:3033::ac43:c9ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86e1b5c5b339a01157089bf6e369e8624e8f2e78b6b72c6e4b271fcc3a24a415
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 08:03:33 GMT
Referrer-Policy
same-origin
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mq95ggwcy91266pEv6HJA3N%2F17KUCcHv2En7x%2F92RmUGtvbZ5QLZHCJ%2Bwpug%2BlEVYXLevlXiDfulWDm2psDtmWMCXwHVYlwj6VGvWTtGxb%2B%2BVfQf7ooxebBakZ%2Fah%2Fb0aVX4jctFLKWowgQTFSfyPieWJ7iFNg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
CF-RAY
84b73d762fdd59a1-MXP
alt-svc
h3=":443"; ma=86400
Content-Length
6381
Expires
Thu, 01 Jan 1970 00:00:01 GMT
xpalzyoj[list:id].jpg
wellsfargogorewards.com/upluds/news/
3 KB
3 KB
Image
General
Full URL
http://wellsfargogorewards.com/upluds/news/xpalzyoj[list:id].jpg
Requested by
Host: wellsfargogorewards.com
URL: http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
Protocol
HTTP/1.1
Server
2606:4700:3033::ac43:c9ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c93c03a48f20cc59ff6752874c4eee0c2a831caf74fdbd24d715237bbd4889e8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 08:03:33 GMT
Referrer-Policy
same-origin
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89WO6Yq1P9%2FiG54G%2FhRYr%2Fr%2BekjYdCxaAKXHtXX6flLc30rKV7nbrW8Vp3GUrXb8EFB1tqK3o6Klx7qhblunzUoGUFYg0jv8MDNi1gOH4uUMlRIyb5gNNY6zi7p41YVPBAlHKcfyEBKGGn7Yfp1WrI%2FTAUEcvg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
CF-RAY
84b73d762915523d-MXP
alt-svc
h3=":443"; ma=86400
Content-Length
6381
Expires
Thu, 01 Jan 1970 00:00:01 GMT
jdznyhss[list:id].jpg
wellsfargogorewards.com/upluds/news/
485 B
485 B
Image
General
Full URL
http://wellsfargogorewards.com/upluds/news/jdznyhss[list:id].jpg
Requested by
Host: wellsfargogorewards.com
URL: http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
Protocol
HTTP/1.1
Server
2606:4700:3033::ac43:c9ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2a1579fefd40c013bef68a8b71234ce7ff2f7dc467e8ee5bb92a87f44fe73a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 08:03:33 GMT
Referrer-Policy
same-origin
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2BPZdRMQXwkAmkAVidMzCA98ysUdvxAWypnaMVA4SfqCBt8zMk7Z9FDgfb6DFyQKkTiUQUdn%2FJOWbwv8b7%2FMMjXyKTBGebyAjEjkaoFr3kHGlh4zsCPsTOouyGe0eh347iwpY7Ef0xXrLw5NFSZ345Yy9%2FHEEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
CF-RAY
84b73d762f640e3e-MXP
alt-svc
h3=":443"; ma=86400
Content-Length
6381
Expires
Thu, 01 Jan 1970 00:00:01 GMT
vbcbntec.jpg
wellsfargogorewards.com/upluds/news/
6 KB
6 KB
Image
General
Full URL
http://wellsfargogorewards.com/upluds/news/vbcbntec.jpg
Requested by
Host: wellsfargogorewards.com
URL: http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
Protocol
HTTP/1.1
Server
2606:4700:3033::ac43:c9ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e2b47f74f46f3c68efc0e4236367bb23f69d11a43cac73d4273568a4cc2bbfc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 08:03:33 GMT
Referrer-Policy
same-origin
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fp1s25iQm1t1T2b6zu5v6HxzN9m5Sd5xY5JikBPF%2B7e11lUqlnnBt6pHlgnxMApMvAb%2BBA1%2BrHSDisCaIz8icVJA0c7iWvMDOkasKqb4zegcxNppAdBW3QkhRYmLHIP%2BRK7h1yVHJaf2OvZQ1c%2FIuB%2Fx0uz98A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
CF-RAY
84b73d762e68374f-MXP
alt-svc
h3=":443"; ma=86400
Content-Length
6381
Expires
Thu, 01 Jan 1970 00:00:01 GMT
foaqxpbz.jpg
wellsfargogorewards.com/upluds/news/
60 KB
61 KB
Image
General
Full URL
http://wellsfargogorewards.com/upluds/news/foaqxpbz.jpg
Requested by
Host: wellsfargogorewards.com
URL: http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
Protocol
HTTP/1.1
Server
2606:4700:3033::ac43:c9ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b861a352a66a7f66083300426d2819c5fb752e39a6086813e822547c0cfb88

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 08:03:35 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 26 Jan 2024 08:03:35 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5spRT6mPZTHzXRUDiCU2OamwjLqBpxMeWu2QcSbWQQ%2BY%2FoBtzxESbfWuq8s%2FsLk1P8RYSTbXsrmYoEf2lEKSnJduwvFYcjlxG9SQzXVhERP6zSkXU0KX%2FbLXiODxTPCpGjf6LWYSJPK3M%2BjKKMUQWcdNC5%2FcA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpg
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84b73d7628053754-MXP
alt-svc
h3=":443"; ma=86400
nyjvbdkg.jpg
wellsfargogorewards.com/upluds/news/
39 KB
40 KB
Image
General
Full URL
http://wellsfargogorewards.com/upluds/news/nyjvbdkg.jpg
Requested by
Host: wellsfargogorewards.com
URL: http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
Protocol
HTTP/1.1
Server
2606:4700:3033::ac43:c9ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1eb3ecdf64cbb16a1fdc15ad2f7e9278d101a577c4443ebea03c581bd7fc21e

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 08:03:36 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 26 Jan 2024 08:03:36 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWylpBYZ%2FVkJ9LruXgCeEzAos9Vqfljrk3y3QLvVKAHWPndvYCY%2BmFzsz08uF7B%2Brik2O3zYTpNQug4x8W0m2ew6Qvjn22YFpyUBnvt3Wwo9XFBzWhl%2Fxf9IxOBseO9AntP%2BHIo24%2BzUldreARBByWs1slaCiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpg
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84b73d785d310e91-MXP
alt-svc
h3=":443"; ma=86400
voctfzwm.jpg
wellsfargogorewards.com/upluds/news/
7 KB
8 KB
Image
General
Full URL
http://wellsfargogorewards.com/upluds/news/voctfzwm.jpg
Requested by
Host: wellsfargogorewards.com
URL: http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
Protocol
HTTP/1.1
Server
2606:4700:3033::ac43:c9ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc1c2b9c73cb5cd6f0af5f0f6b6b3199626e9774e12e8976d2d476e13906b1f4

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 08:03:36 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 26 Jan 2024 08:03:36 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPxSxx75r9l0UYedsljG0JhaPu14zBbE68vSAmFwA9A799GQlLkTeLpK5mvKotJq%2BInuFiDONvLl4zuLbD71TLEjujiKxdzx%2FOes9gXUBye6jJUvv3pWoRc3%2Ftj%2FqMvytXJP0%2BKTCK0EMedsQhoM9c4tlMIBhg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpg
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84b73d787b470e3e-MXP
alt-svc
h3=":443"; ma=86400
wgbzlxme.jpg
wellsfargogorewards.com/upluds/news/
8 KB
8 KB
Image
General
Full URL
http://wellsfargogorewards.com/upluds/news/wgbzlxme.jpg
Requested by
Host: wellsfargogorewards.com
URL: http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
Protocol
HTTP/1.1
Server
2606:4700:3033::ac43:c9ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
839985b06773f5db9e6c8b65c3396588b5c7ab62f4f0f0355f2d384641bd7883

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 08:03:36 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 26 Jan 2024 08:03:36 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7inxLogvaySde3v0Yxb2JX8z1Aue16Lc2PZyP0TAESnw4dytnJZLDkaCKxczuuYGI4pukffRu5x5GPeg1qU6u7D0CoCsC2xs4Lh2GPpJB07CJdwjl25CnDLf8MBp%2FkMQdRPf0mJ4Te3NgaFCCXjxitL18JkbA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpg
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84b73d788bf359a1-MXP
alt-svc
h3=":443"; ma=86400
all.js
connect.facebook.net/vi_VN/
Redirect Chain
  • http://connect.facebook.net/vi_VN/all.js
  • https://connect.facebook.net/vi_VN/all.js
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/vi_VN/all.js
Requested by
Host: wellsfargogorewards.com
URL: http://wellsfargogorewards.com/jvhnfsxdkt/uiwdjkhawm246318
Protocol
H2
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3a6a2310b5cd1d24e9140a773040799047e73f9b6cfb2bf71a8575921c273905
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wellsfargogorewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 26 Jan 2024 08:03:33 GMT
content-md5
5mn/QxDMOJL8OShhtjYzNQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0"
x-fb-debug
IBn2XfMtZo93VburunOXTo8O471x5oKSfWLKVd1rJYnFAgY5vgDyTm+CwM8h7YzE6YDgaqKM0rvrCYiy4TsIHQ==
x-fb-content-md5
76d4c4b2f1628fb523370f40be1c45ea
cross-origin-opener-policy
same-origin-allow-popups
etag
"4e6ba8aa66d62fe7736a9160018576b2"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 26 Jan 2024 08:05:52 GMT

Redirect headers

Location
https://connect.facebook.net/vi_VN/all.js#xfbml=1
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
update.png
wellsfargogorewards.com/template/en/images/
548 B
548 B
Image
General
Full URL
http://wellsfargogorewards.com/template/en/images/update.png
Requested by
Host: wellsfargogorewards.com
URL: http://wellsfargogorewards.com/template/en/css/style.css?ogxtx
Protocol
HTTP/1.1
Server
2606:4700:3033::ac43:c9ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wellsfargogorewards.com/template/en/css/style.css?ogxtx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 08:03:34 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BINKVBN6TYNQ7W3dwjT%2FM0Ub%2FL2pNea9sXpMabYlggbjCUxUDzUl0GVuGu58J0PdZo1KG6shrKvQJbzDLds7aDS%2BRRihUu%2F1HGHYE4STbwLyhJUM%2FODM3nFmsAlaIxCgRSoAPOrGIzehP%2BcmQQoFHuu2YY7ng%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84b73d788d06523d-MXP
alt-svc
h3=":443"; ma=86400
view.png
wellsfargogorewards.com/template/en/images/
548 B
548 B
Image
General
Full URL
http://wellsfargogorewards.com/template/en/images/view.png
Requested by
Host: wellsfargogorewards.com
URL: http://wellsfargogorewards.com/template/en/css/style.css?ogxtx
Protocol
HTTP/1.1
Server
2606:4700:3033::ac43:c9ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wellsfargogorewards.com/template/en/css/style.css?ogxtx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 26 Jan 2024 08:03:34 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3YImFUTkdqo8mw7YhjY3YNuhy8l7XYuxRp3neZkKTuCA4dTNTQVFDFGLS1hJ4UFBgv7eSz9oR7YV4zXL6710v8cnp4iIU6uyTX40Ub0%2B7KuH12O2rYSLqTOBPY87JrWjl%2BaaM461HlptUXMxVoIkKv5G0gVbA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84b73d788969374f-MXP
alt-svc
h3=":443"; ma=86400
all.js
connect.facebook.net/vi_VN/
305 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/vi_VN/all.js?hash=917fffc5a8e6e4d49a6024c824f224d3
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/vi_VN/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3da93f8db0506eb903baff62e218e9f73bea98076dadbdea07de6b57781dafb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://wellsfargogorewards.com/
Origin
http://wellsfargogorewards.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 26 Jan 2024 08:03:33 GMT
content-md5
VfpV2yis10Nfvwrb0djeyw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88069
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug
oi60oaeMoQ49gZu8HKCi4G+S5YPkLgvzo4Q1K8lhOUdDHKZSq+WBnPdua7srNYYgY09OYq5dDFLBQ9RfujwuQw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
c5399108740008240b849184b0001d15
cross-origin-opener-policy
same-origin-allow-popups
etag
"7ca54b750a5641807520d7d133f21334"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sat, 25 Jan 2025 07:45:52 GMT
comments.php
www.facebook.com/plugins/ Frame A3D2
0
0
Document
General
Full URL
https://www.facebook.com/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc83ae4e67160dd80%26domain%3Dwellsfargogorewards.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwellsfargogorewards.com%252Ff97c261248403f18f%26relation%3Dparent.parent&color_scheme=light&container_width=870&height=100&href=https%3A%2F%2Fwellsfargogorewards.com%2F&locale=vi_VN&numposts=10&sdk=joey&width=800
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/all.js?hash=917fffc5a8e6e4d49a6024c824f224d3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://wellsfargogorewards.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Jan 2024 08:03:36 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-debug
hCB1uGtvN/A3JE5yMn6TDYzOT6gyVMT6/5QYVQuHCSbGOd9BBPefvGB/mL6i2YRiew3eqQ+sHghIjANMQF5FoQ==
x-frame-options
DENY
x-xss-protection
0

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
object | 0
object | FB
object | __buffer

0 Cookies

7 Console Messages

Source Level URL
Text
network error URL: http://wellsfargogorewards.com/upluds/news/jdznyhss[list:id].jpg
Message:
Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network error URL: http://wellsfargogorewards.com/upluds/news/8225.jpg
Message:
Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network error URL: http://wellsfargogorewards.com/upluds/news/xpalzyoj[list:id].jpg
Message:
Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network error URL: http://wellsfargogorewards.com/upluds/news/vbcbntec.jpg
Message:
Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network error URL: http://wellsfargogorewards.com/template/en/images/view.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://wellsfargogorewards.com/template/en/images/update.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.