urlscan.io logo urlscan.io
SecurityTrails logo

homeloans.wellsfargo.com.pagescdn.com Open in urlscan Pro
2606:4700:4400::ac40:9047  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://homeloans.wellsfargo.com.pagescdn.com/
Effective URL: https://homeloans.wellsfargo.com.pagescdn.com/
Submission: On November 23 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 22 HTTP transactions. The main IP is 2606:4700:4400::ac40:9047, located in United States and belongs to CLOUDFLARENET, US. The main domain is homeloans.wellsfargo.com.pagescdn.com.
TLS certificate: Issued by WE1 on October 29th 2024. Valid for: 3 months.
This is the only time homeloans.wellsfargo.com.pagescdn.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

IP Address AS Autonomous System
11 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 108.138.26.73 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
22 9
11    2606:4700:4400::ac40:9047 (United States)

ASN13335 (CLOUDFLARENET, US)
homeloans.wellsfargo.com.pagescdn.com
2    2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    108.138.26.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-73.fra56.r.cloudfront.net
api.mapbox.com
1    2606:4700::6811:35f (United States)

ASN13335 (CLOUDFLARENET, US)
www.yext-pixel.com
Apex Domain
Subdomains		 Transfer
11 pagescdn.com
homeloans.wellsfargo.com.pagescdn.com
393 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
292 KB
2 mapbox.com
api.mapbox.com — Cisco Umbrella Rank: 3894
197 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
3 KB
1 yext-pixel.com
www.yext-pixel.com — Cisco Umbrella Rank: 34251
593 B
1 google.de
www.google.de — Cisco Umbrella Rank: 10745
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
560 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4108
22 8
Domain Requested by
11 homeloans.wellsfargo.com.pagescdn.com homeloans.wellsfargo.com.pagescdn.com
3 www.googletagmanager.com homeloans.wellsfargo.com.pagescdn.com
www.googletagmanager.com
2 api.mapbox.com homeloans.wellsfargo.com.pagescdn.com
2 cdn.jsdelivr.net homeloans.wellsfargo.com.pagescdn.com
1 www.yext-pixel.com homeloans.wellsfargo.com.pagescdn.com
1 www.google.de homeloans.wellsfargo.com.pagescdn.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
22 8

This site contains links to these domains. Also see Links.

Domain
www.wellsfargo.com
Subject Issuer Validity Valid
homeloans.wellsfargo.com.pagescdn.com
WE1		 2024-10-29 -
2025-01-27		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.de
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
api.mapbox.com
Amazon RSA 2048 M03		 2024-10-05 -
2025-11-02		 a year crt.sh
www.yext-pixel.com
WE1		 2024-11-04 -
2025-02-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://homeloans.wellsfargo.com.pagescdn.com/
Frame ID: 45E4E72FC6CBECE0C76CDC3096A873DA
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

All Wells Fargo Home Mortgage Consultants | Mortgage, Home Mortgage Loans, Check Rates

Page URL History Show full URLs

  1. http://homeloans.wellsfargo.com.pagescdn.com/ HTTP 307
    https://homeloans.wellsfargo.com.pagescdn.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mapbox-gl.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

22
Requests

100 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

9
IPs

3
Countries

886 kB
Transfer

2875 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://homeloans.wellsfargo.com.pagescdn.com/ HTTP 307
    https://homeloans.wellsfargo.com.pagescdn.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
homeloans.wellsfargo.com.pagescdn.com/
Redirect Chain
  • http://homeloans.wellsfargo.com.pagescdn.com/
  • https://homeloans.wellsfargo.com.pagescdn.com/
119 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://homeloans.wellsfargo.com.pagescdn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9047 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0419b175ba41f0a1153a625183e9cfeeeb8e389becebf07d7ea409daf2284cc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
137
alt-svc
h3=":443"; ma=86400
body-hash
1zgxfE5NF+hxjunGGTyGlqAf6DHCWyTMtpHIJihloWN3m4GRK/SQX6EU8L3HJjX++W6sQ/URR50VTVCSCs9KpA==
cache-control
max-age=0, s-maxage=3600, must-revalidate
cf-cache-status
HIT
cf-ray
8e6e265d59512bb8-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 23 Nov 2024 03:42:32 GMT
etag
W/"BxjLEhKMcNj_Tg5ryzoVcghKPNoVqLOJtRku2V_keDzyG7VOqE0J3rilCL3UETh+6iFtmWuNjB_+P+l7k05jfQ=="
last-modified
Fri, 22 Nov 2024 21:29:39 GMT
owner
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 google
x-yext-serving-tags
static_file
x-yext-site
ne2

Redirect headers

Location
https://homeloans.wellsfargo.com.pagescdn.com/
Non-Authoritative-Reason
HttpsUpgrades
slick.min.css
cdn.jsdelivr.net/npm/@accessible360/accessible-slick@1.0.1/slick/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@accessible360/accessible-slick@1.0.1/slick/slick.min.css
Requested by
Host: homeloans.wellsfargo.com.pagescdn.com
URL: https://homeloans.wellsfargo.com.pagescdn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50ec747afc45612c45573a7101ecf9adf6dee6e98c2620b22ee3f70144f9548e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://homeloans.wellsfargo.com.pagescdn.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"52f-q8u1k4Favfj04+j5ZL8NM5iwr5s"
age
1290473
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MaYA3QXygaUOIug%2BQKXiRGuf%2FJkQ0mpo4m48ma8Iz4ngR2GoOFUdpqwTENmSKdElt6KzrTrsHK4obwcv0a1cJ5rNxdvZRl%2B2WSc9SmNZz1Dms%2Bn8%2Flw6DxtDTMJZaKOYBSV7Diprgb2as1NaSjg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sat, 23 Nov 2024 03:42:32 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220045-FRA, cache-lga21932-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e6e265dca4135f7-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
487
server
cloudflare
x-jsd-version
1.0.1
slick-theme.min.css
cdn.jsdelivr.net/npm/@accessible360/accessible-slick@1.0.1/slick/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@accessible360/accessible-slick@1.0.1/slick/slick-theme.min.css
Requested by
Host: homeloans.wellsfargo.com.pagescdn.com
URL: https://homeloans.wellsfargo.com.pagescdn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa4bc789142ca61c2faae60acec10c04360e92f0995c4bc6d29b076e39d09e2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://homeloans.wellsfargo.com.pagescdn.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"e78-GSpdD6zlcDZcJq8wQ37oh81KRNs"
age
1038021
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p2FfcZ3EeW3BbQiqykJ1cMA1BbOccIwJS2JQUSTxlO1J0rje5zV79DbHefVYLixVNyOXts6qzKm41aE7dDwmfl9mVtcUL3zlLRCHb94%2F%2BeCCQKa%2FBH%2BvpTSC75GfzSUMjmd6%2ByfI4K6p8G9WK7A%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sat, 23 Nov 2024 03:42:32 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220056-FRA, cache-lga21924-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e6e265dca4335f7-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1039
server
cloudflare
x-jsd-version
1.0.1
en.f3e35d8f.js
homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/primary/locationList/ 		937 KB
244 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/primary/locationList/en.f3e35d8f.js
Requested by
Host: homeloans.wellsfargo.com.pagescdn.com
URL: https://homeloans.wellsfargo.com.pagescdn.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9047 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd69bb832b090eabbe625e10821f927e162c5c007ac94a4c6e115353e5440a33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://homeloans.wellsfargo.com.pagescdn.com/

Response headers

x-yext-site
ne2
owner
content-encoding
gzip
cf-cache-status
MISS
etag
W/"hnHkheCaHTaxfoAl7dVNmdOjy3IHKOvsnhD6ldcJmq6fJwoy9_nDbKWuPPm_rDvfXmsZxtNQGh2RTCDO39iAig=="
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-yext-serving-tags
static_file
date
Sat, 23 Nov 2024 03:42:32 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Tue, 19 Nov 2024 15:41:16 GMT
priority
u=3,i=?0
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
via
1.1 google
cf-ray
8e6e265def849f30-FRA
body-hash
YOPcEGBBGNotO4WFFDO8oGM6pdV9FHlPjqvpM0obpiD3tT9N8zJUTDi2h0ppffVZKih4wP9QguFfpWY6ACvDQg==
server
cloudflare
header-logo.13d5c016.svg
homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/assets/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/assets/images/header-logo.13d5c016.svg
Requested by
Host: homeloans.wellsfargo.com.pagescdn.com
URL: https://homeloans.wellsfargo.com.pagescdn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9047 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de2b6f920e61ea51c2b8e6ba0b7eb5bc379396a907f2f4e6a2507ceab167f2ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://homeloans.wellsfargo.com.pagescdn.com/

Response headers

x-yext-site
ne2
owner
content-encoding
gzip
cf-cache-status
MISS
etag
W/"75l5FY_izqRHSfHBZ1Ay7eUEg8hHFYX5BclzgrpX6nV2vA0S3e63sUkCl4+8CJFHVDlwHdkgj6ImAikmqC2eig=="
alt-svc
h3=":443"; ma=86400
x-yext-serving-tags
static_file
date
Sat, 23 Nov 2024 03:42:32 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Tue, 19 Nov 2024 15:41:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
via
1.1 google
cf-ray
8e6e265d89612bb8-FRA
body-hash
gk9nKdW9wU3esG3HNDFTdm6v6BU9a4q9Jp5iQ6+NKvJlb12za4hEqqiZpVi9rHijLS93JmNS46plfFtVBgM8pA==
server
cloudflare
ajax-loader.4b01ca50.gif
homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/assets/modules/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/assets/modules/ajax-loader.4b01ca50.gif
Requested by
Host: homeloans.wellsfargo.com.pagescdn.com
URL: https://homeloans.wellsfargo.com.pagescdn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9047 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://homeloans.wellsfargo.com.pagescdn.com/

Response headers

x-yext-site
ne2
owner
cf-cache-status
MISS
etag
W/"Jw7lKFfQAXwAbvEIgY1McZwPtvaHIPHn5ktviEaiLDK2Pt09lNnlrahJ7eDTvmvwezXqGTV6yy0xWV4DqICfIw=="
alt-svc
h3=":443"; ma=86400
x-yext-serving-tags
static_file
date
Sat, 23 Nov 2024 03:42:32 GMT
content-type
image/gif
vary
Accept-Encoding
last-modified
Tue, 19 Nov 2024 15:41:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
via
1.1 google
cf-ray
8e6e265d89622bb8-FRA
body-hash
b+zIdUOgH1lfE/r6MQ8241kKadxF+1CRO8Fcj+b68X0PRZ3jem3yshDlYoOKhZ4z/tKzwhTVZrKOB5XlboEf7A==
server
cloudflare
geolocate.7b9dc1e6.svg
homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/assets/images/ 		703 B
823 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/assets/images/geolocate.7b9dc1e6.svg
Requested by
Host: homeloans.wellsfargo.com.pagescdn.com
URL: https://homeloans.wellsfargo.com.pagescdn.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9047 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56ab987f7acbac2df1268106437ef23be76429a6cfaed5f1f748741debe0a65a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://homeloans.wellsfargo.com.pagescdn.com/

Response headers

x-yext-site
ne2
owner
content-encoding
gzip
cf-cache-status
MISS
etag
W/"tGEssUx9Ntg5XP5RRECbLmTz9FikcYEwPuJ56pWzE23H8O5artRswwxiCqaPj88gDXAHV4EtJUYNKWxrrf7ydA=="
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-yext-serving-tags
static_file
date
Sat, 23 Nov 2024 03:42:32 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Tue, 19 Nov 2024 15:41:16 GMT
priority
u=2,i
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
via
1.1 google
cf-ray
8e6e265def829f30-FRA
accept-ranges
bytes
content-length
372
body-hash
5RbOBlWk6NkvBPu/Z2YLiEVpPdzmtacOIFaX1aUpe0DvVMLFwEyHU6epIKmfwFvQL9Yrh2/U75eLDyeHv6ZEAg==
server
cloudflare
gtm.js
www.googletagmanager.com/ 		265 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W7LML6J
Requested by
Host: homeloans.wellsfargo.com.pagescdn.com
URL: https://homeloans.wellsfargo.com.pagescdn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dc5a97737e37f3450cc7a52f51ff86aa0bdb68653c3599cab48a9847eaa7c494
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://homeloans.wellsfargo.com.pagescdn.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sat, 23 Nov 2024 03:42:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 23 Nov 2024 03:42:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 23 Nov 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
89472
x-xss-protection
0
server
Google Tag Manager
icons.10228a1c.svg
homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/assets/modules/ 		8 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/assets/modules/icons.10228a1c.svg
Requested by
Host: homeloans.wellsfargo.com.pagescdn.com
URL: https://homeloans.wellsfargo.com.pagescdn.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9047 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e78053ce158ddef2e1014dbfc5dcb15c0816ecaabd4c7a19a4747b27a6a8335
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://homeloans.wellsfargo.com.pagescdn.com/

Response headers

x-yext-site
ne2
owner
content-encoding
gzip
cf-cache-status
MISS
etag
W/"MX1CyQ13Gl4+CJTAKNPdUUtvG7z_QLZ6LJT5do22amsI8OwzbvEtQG692BrVpXqMVt1jzTC8Cj7ZICpt_HMKLg=="
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-yext-serving-tags
static_file
date
Sat, 23 Nov 2024 03:42:32 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Tue, 19 Nov 2024 15:41:16 GMT
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
via
1.1 google
cf-ray
8e6e265def859f30-FRA
body-hash
8P0k80r7DyxFWqu2zw6rqyjM9yQua2KG3eFu/7yVBmreHuJvRXJ5yGiXIrDaHhiOMvURUfX3nwuM18sAdVBv1Q==
server
cloudflare
WellsFargoSans_W_Rg.818b844a.woff
homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/assets/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/assets/fonts/WellsFargoSans_W_Rg.818b844a.woff
Requested by
Host: homeloans.wellsfargo.com.pagescdn.com
URL: https://homeloans.wellsfargo.com.pagescdn.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9047 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d1fe1c01ecd07834a343240c850cc5879662ae5c60e9712ab2524fda4be43e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://homeloans.wellsfargo.com.pagescdn.com
Referer
https://homeloans.wellsfargo.com.pagescdn.com/

Response headers

x-yext-site
ne2
owner
cf-cache-status
MISS
etag
W/"XDK9AwofGImh0FyC_UGGKaRLHSyYjCeui7FzHv0tzzVC8v24b4H4IoTja1HvQHhVC7aA88v2QBxWw7NN1n6smQ=="
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-yext-serving-tags
static_file
date
Sat, 23 Nov 2024 03:42:32 GMT
content-type
font/woff
vary
Accept-Encoding
last-modified
Tue, 19 Nov 2024 15:41:16 GMT
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
via
1.1 google
cf-ray
8e6e265e0f909f30-FRA
body-hash
uzExmaJNwpSyZjuWpmlXOhukGyLvBeDQBYZyIldRUBzrQ09peSbXDY/v45xzErK6G+l+6FgGV73JCpxpoCzNNQ==
server
cloudflare
WellsFargoSerif_W_SBd.34ca1965.woff
homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/assets/fonts/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/assets/fonts/WellsFargoSerif_W_SBd.34ca1965.woff
Requested by
Host: homeloans.wellsfargo.com.pagescdn.com
URL: https://homeloans.wellsfargo.com.pagescdn.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9047 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec2417e6ad6c09aa4fd9af03980548789010a82abef69883db23d4f97eb6a6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://homeloans.wellsfargo.com.pagescdn.com
Referer
https://homeloans.wellsfargo.com.pagescdn.com/

Response headers

x-yext-site
ne2
owner
cf-cache-status
MISS
etag
W/"wvxn7_s6LGig3QjmHooXv25SbeI0RIM9ayCvD8YNzKRVVL91VJaLxZUlZGou28RmT068l4KelgXeczk5jfccYQ=="
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-yext-serving-tags
static_file
date
Sat, 23 Nov 2024 03:42:32 GMT
content-type
font/woff
vary
Accept-Encoding
last-modified
Tue, 19 Nov 2024 15:41:16 GMT
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
via
1.1 google
cf-ray
8e6e265e0f929f30-FRA
body-hash
ipNfC7X5LOR9DsJ4XD3CRfS9WmX4FIhApVZVOI+Y79doxt7rop/8jPv1QPeHkkSndjtWASwTbMtPxIgMoyvLYw==
server
cloudflare
WellsFargoSerif_W_Rg.836f19a0.woff
homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/assets/fonts/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/assets/fonts/WellsFargoSerif_W_Rg.836f19a0.woff
Requested by
Host: homeloans.wellsfargo.com.pagescdn.com
URL: https://homeloans.wellsfargo.com.pagescdn.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9047 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0073555461f30e89de80c22bc4122f9de83efcfbd5145132fda76524dc5b550
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://homeloans.wellsfargo.com.pagescdn.com
Referer
https://homeloans.wellsfargo.com.pagescdn.com/

Response headers

x-yext-site
ne2
owner
cf-cache-status
MISS
etag
W/"RToGIMcHQ7757nYKttbF3Jx9JZNtcVIh3stkw0OqSql62jdLPxRLSrZPai1y_cHTd67YVFMh+xI4FX4WGDAqCQ=="
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-yext-serving-tags
static_file
date
Sat, 23 Nov 2024 03:42:32 GMT
content-type
font/woff
vary
Accept-Encoding
last-modified
Tue, 19 Nov 2024 15:41:16 GMT
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
via
1.1 google
cf-ray
8e6e265e0f939f30-FRA
body-hash
2fAOpFKE3qX6n5qmDq4bwx2lJHzdQZzvauUCGL/NyOwC4iJKxQYZlGpzzBE1CO31XhRzEmxGnYUICkYQWgqFGw==
server
cloudflare
WellsFargoSans_W_Bd.f6806fb9.woff
homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/assets/fonts/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/assets/fonts/WellsFargoSans_W_Bd.f6806fb9.woff
Requested by
Host: homeloans.wellsfargo.com.pagescdn.com
URL: https://homeloans.wellsfargo.com.pagescdn.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9047 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a52abbd20132bc790ab7524810cec27b716391ef87d029fa701f2607c120dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://homeloans.wellsfargo.com.pagescdn.com
Referer
https://homeloans.wellsfargo.com.pagescdn.com/

Response headers

x-yext-site
ne2
owner
cf-cache-status
MISS
etag
W/"FqkCGptUlWODn6w7ayHnqaxkjb9BxknfkC8hG+GEGGdFudOt3otegGJ5AB4GoSeCHr_tYU3ffF_k9MZGhrHG+Q=="
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-yext-serving-tags
static_file
date
Sat, 23 Nov 2024 03:42:32 GMT
content-type
font/woff
vary
Accept-Encoding
last-modified
Tue, 19 Nov 2024 15:41:16 GMT
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
via
1.1 google
cf-ray
8e6e265e0f959f30-FRA
body-hash
OWNJXARfq/BeeXq3SRGokzAXZivlGusqFgzNlhC1GCkdCjYTeubYyHngigNfpQygfD4E7DlH/LiuPOG+PDX4ew==
server
cloudflare
js
www.googletagmanager.com/gtag/ 		424 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7JXJJ2JF12&l=dataLayer&cx=c&gtm=45He4bk0v850416834za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7LML6J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c050b6d77d4b7292f82d143472eb173712319d6b22dfce57b3b203247777e01e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://homeloans.wellsfargo.com.pagescdn.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 23 Nov 2024 03:42:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 23 Nov 2024 03:42:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
137858
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/ 		193 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-58GG68D&l=dataLayer&gtm=45He4bk0v850416834za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7LML6J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5b0b6668d3a59da6c51ce6ea39954a7de76a16c9a50280ed44439fc2337d6900
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://homeloans.wellsfargo.com.pagescdn.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sat, 23 Nov 2024 03:42:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 23 Nov 2024 03:42:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 23 Nov 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
71003
x-xss-protection
0
server
Google Tag Manager
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-7JXJJ2JF12&gtm=45je4bk0v9166611554z8850416834za200zb850416834&_p=1732333352623&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=787962596.1732333353&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fhomeloans.wellsfargo.com.pagescdn.com%2F&dr=&sid=1732333352&sct=1&seg=0&dt=All%20Wells%20Fargo%20Home%20Mortgage%20Consultants%20%7C%20Mortgage%2C%20Home%20Mortgage%20Loans%2C%20Check%20Rates&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_container_id=GTM-W7LML6J&ep.gtm_container_version=16&ep.user_agent_string=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F130.0.0.0%20Safari%2F537.36&ep.client_id_2=not%20set&ep.timestamp=2024-11-23T04%3A42%3A32.720%2B01%3A00&epn.timezone_offset=1&ep.gtm_tag_name=GA4%20-%20Pageview&up.client_id_2=not%20set&up.client_id_string=not%20set&tfd=354
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7JXJJ2JF12&l=dataLayer&cx=c&gtm=45He4bk0v850416834za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://homeloans.wellsfargo.com.pagescdn.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://homeloans.wellsfargo.com.pagescdn.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 23 Nov 2024 03:42:32 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
560 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7JXJJ2JF12&cid=787962596.1732333353&gtm=45je4bk0v9166611554z8850416834za200zb850416834&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7JXJJ2JF12&l=dataLayer&cx=c&gtm=45He4bk0v850416834za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://homeloans.wellsfargo.com.pagescdn.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://homeloans.wellsfargo.com.pagescdn.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 23 Nov 2024 03:42:32 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JXJJ2JF12&cid=787962596.1732333353&gtm=45je4bk0v9166611554z8850416834za200zb850416834&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=236801776
Requested by
Host: homeloans.wellsfargo.com.pagescdn.com
URL: https://homeloans.wellsfargo.com.pagescdn.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://homeloans.wellsfargo.com.pagescdn.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 23 Nov 2024 03:42:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
mapbox-gl.css
api.mapbox.com/mapbox-gl-js/v1.13.0/ 		34 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api.mapbox.com/mapbox-gl-js/v1.13.0/mapbox-gl.css
Requested by
Host: homeloans.wellsfargo.com.pagescdn.com
URL: https://homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/primary/locationList/en.f3e35d8f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-73.fra56.r.cloudfront.net
Software
/ Express
Resource Hash
735c576dcdec74bb5b5557938b53c8932ee1cfe0197ee59df1531195f61beca0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://homeloans.wellsfargo.com.pagescdn.com/

Response headers

content-encoding
gzip
etag
"998d2c78528574d78874aa5e536ebb31"
age
9852590
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Uo66axYANM9mBYLBbOyoApcI5HTMBdZrMMTf7ZWN1-ovSVed6Jf5Mg==
date
Thu, 01 Aug 2024 02:52:42 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
last-modified
Thu Nov 19 2020 00:26:07 GMT+0000 (Coordinated Universal Time)
cache-control
max-age=31536000
timing-allow-origin
*
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
mapbox-gl.js
api.mapbox.com/mapbox-gl-js/v1.13.0/ 		749 KB
192 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.mapbox.com/mapbox-gl-js/v1.13.0/mapbox-gl.js
Requested by
Host: homeloans.wellsfargo.com.pagescdn.com
URL: https://homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/primary/locationList/en.f3e35d8f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-73.fra56.r.cloudfront.net
Software
/ Express
Resource Hash
67571519b155f9aafdbb076634c3be009477c104d867aabdeda4a1c6bac2d650

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://homeloans.wellsfargo.com.pagescdn.com/

Response headers

content-encoding
gzip
etag
"22274132dd96c4ec18572a92f1febe30"
age
27472346
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
xZMWlEryZlD4VYvmEC83UZ4ciYC6ssMJlfq6BGiL34KX3rPalPrjNw==
date
Wed, 10 Jan 2024 04:30:06 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Thu Nov 19 2020 00:26:05 GMT+0000 (Coordinated Universal Time)
cache-control
max-age=31536000
timing-allow-origin
*
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
store_pagespixel
www.yext-pixel.com/ 		43 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yext-pixel.com/store_pagespixel?product=storepages&v=1732333353295&pageurl=%2F&pagesReferrer=&businessids=1269185&siteId=22012&isStaging=false&directoryId=State%20-%20City%20Drilldown%20-%20Advisors&directoryPath=Wells%20Fargo%20Home%20Mortgage%20Consultants&eventType=pageview
Requested by
Host: homeloans.wellsfargo.com.pagescdn.com
URL: https://homeloans.wellsfargo.com.pagescdn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:35f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://homeloans.wellsfargo.com.pagescdn.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, must-revalidate
cf-cache-status
DYNAMIC
pragma
no-cache
cf-ray
8e6e2660da145c4a-FRA
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
content-length
43
date
Sat, 23 Nov 2024 03:42:33 GMT
content-type
image/gif
server
cloudflare
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
favicon.db9e504f.ico
homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/assets/images/favicons/primary/ 		15 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://homeloans.wellsfargo.com.pagescdn.com/permanent-b0b701/assets/images/favicons/primary/favicon.db9e504f.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9047 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ec11c487acc7888acbd0d50cf49b4ab3f7d927991516aae140e419f392c2dba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://homeloans.wellsfargo.com.pagescdn.com/

Response headers

x-yext-site
ne2
owner
content-encoding
gzip
cf-cache-status
MISS
etag
W/"PIbM2W5ytYsprBnqPjJ4jxJgliF9NMPgv4WsSM4BdUCbyajoOyUYpaA20IjfcbDHmA1mbqn6K5RpRMutNSrVeg=="
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-yext-serving-tags
static_file
date
Sat, 23 Nov 2024 03:42:33 GMT
content-type
image/vnd.microsoft.icon
vary
Accept-Encoding
last-modified
Tue, 19 Nov 2024 15:41:16 GMT
priority
u=1,i
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
via
1.1 google
cf-ray
8e6e2663baf39f30-FRA
body-hash
Qlxzv5T2d77jI2NSgqmttryYdbJgZ/10Jk9OoiBfDloLcYFsMe3VnIMckOemXhkfRy3A8vdpRDPfHJCa2dVpJg==
server
cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Yext object| dataLayer string| YextAnalyticsObject function| ya boolean| IS_PRODUCTION object| PRODUCTION_DOMAINS object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime function| ga object| gaDevIds object| gaplugins object| soy object| goog function| svg4everybody function| trackConv object| mapboxgl

5 Cookies

Domain/Path Name / Value
.homeloans.wellsfargo.com.pagescdn.com/ Name: __cf_bm
Value: dfSN0JGoy71L7MQ2PKp2be693BwsQksK.iIzjpPkzsA-1732333352-1.0.1.1-CfEd2Q4jmp.pgZlSTEbQ9YlmqYiIKHwq5UEBlpr7dOetGv0qEJQTt.0JGkiihoJS7qyVSfwMImZ8vpbjYwqZEg
.pagescdn.com/ Name: _ga_7JXJJ2JF12
Value: GS1.1.1732333352.1.0.1732333352.60.0.0
.pagescdn.com/ Name: _ga
Value: GA1.1.787962596.1732333353
.www.yext-pixel.com/ Name: __cf_bm
Value: 0s1IGqXdwkRnwqYnFQSuBU9lACck5xIZTMHstRHzI.w-1732333353-1.0.1.1-MMNH8OCGTIXVJXPxn4CQbxUg9Gt4pEAZ6cFKb322KpflqoM8KGjuHqajkbAvA.BsLF1z6zbDIP_y.wkZlqVNauX3Y8hGERlnCs0q0p00XTc
.www.yext-pixel.com/ Name: _cfuvid
Value: kViKI1vpD6qNpgW4yhx187v656bwUMxNBHLUo6e1cDI-1732333353464-0.0.1.1-604800000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mapbox.com
cdn.jsdelivr.net
homeloans.wellsfargo.com.pagescdn.com
region1.analytics.google.com
stats.g.doubleclick.net
www.google.de
www.googletagmanager.com
www.yext-pixel.com
108.138.26.73
2001:4860:4802:34::36
2606:4700:4400::ac40:9047
2606:4700::6811:35f
2606:4700::6812:bb1f
2a00:1450:4001:81d::2003
2a00:1450:4001:82a::2008
2a00:1450:400c:c00::9a
0419b175ba41f0a1153a625183e9cfeeeb8e389becebf07d7ea409daf2284cc9
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0a52abbd20132bc790ab7524810cec27b716391ef87d029fa701f2607c120dcd
0ec2417e6ad6c09aa4fd9af03980548789010a82abef69883db23d4f97eb6a6c
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb
4d1fe1c01ecd07834a343240c850cc5879662ae5c60e9712ab2524fda4be43e2
50ec747afc45612c45573a7101ecf9adf6dee6e98c2620b22ee3f70144f9548e
56ab987f7acbac2df1268106437ef23be76429a6cfaed5f1f748741debe0a65a
5b0b6668d3a59da6c51ce6ea39954a7de76a16c9a50280ed44439fc2337d6900
67571519b155f9aafdbb076634c3be009477c104d867aabdeda4a1c6bac2d650
6e78053ce158ddef2e1014dbfc5dcb15c0816ecaabd4c7a19a4747b27a6a8335
735c576dcdec74bb5b5557938b53c8932ee1cfe0197ee59df1531195f61beca0
8ec11c487acc7888acbd0d50cf49b4ab3f7d927991516aae140e419f392c2dba
aa4bc789142ca61c2faae60acec10c04360e92f0995c4bc6d29b076e39d09e2c
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
b0073555461f30e89de80c22bc4122f9de83efcfbd5145132fda76524dc5b550
c050b6d77d4b7292f82d143472eb173712319d6b22dfce57b3b203247777e01e
cd69bb832b090eabbe625e10821f927e162c5c007ac94a4c6e115353e5440a33
dc5a97737e37f3450cc7a52f51ff86aa0bdb68653c3599cab48a9847eaa7c494
de2b6f920e61ea51c2b8e6ba0b7eb5bc379396a907f2f4e6a2507ceab167f2ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629