8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no Open in urlscan Pro
67.23.254.254  Malicious Activity! Public Scan

URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%2...
Submission: On September 02 via automatic, source openphish — Scanned from NO

Summary

This website contacted 17 IPs in 3 countries across 10 domains to perform 91 HTTP transactions. The main IP is 67.23.254.254, located in Orlando, United States and belongs to DIMENOC, US. The main domain is 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no.
This is the only time 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

IP Address AS Autonomous System
6 67.23.254.254 33182 (DIMENOC)
14 159.45.2.178 10837 (WELLSFARG...)
5 159.45.66.145 4196 (WELLSFARG...)
34 23.2.195.4 16625 (AKAMAI-AS)
7 159.45.66.156 4196 (WELLSFARG...)
2 34.248.26.113 16509 (AMAZON-02)
1 34.255.225.203 16509 (AMAZON-02)
2 2.16.186.138 20940 (AKAMAI-ASN1)
1 2 142.250.184.198 15169 (GOOGLE)
3 172.217.23.110 15169 (GOOGLE)
1 1 142.250.185.66 15169 (GOOGLE)
1 2 142.250.185.100 15169 (GOOGLE)
2 142.250.186.163 15169 (GOOGLE)
1 142.250.186.66 15169 (GOOGLE)
1 64.233.167.156 15169 (GOOGLE)
3 52.36.47.22 16509 (AMAZON-02)
1 172.217.18.2 15169 (GOOGLE)
91 17
Apex Domain
Subdomains
Transfer
34 wellsfargomedia.com
www01.wellsfargomedia.com — Cisco Umbrella Rank: 17733
560 KB
28 wellsfargo.com
static.wellsfargo.com — Cisco Umbrella Rank: 13480
www.wellsfargo.com — Cisco Umbrella Rank: 11279
connect.secure.wellsfargo.com — Cisco Umbrella Rank: 12056
rubicon.wellsfargo.com — Cisco Umbrella Rank: 11019
722 KB
6 xzone.no
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
67 KB
4 doubleclick.net
2549153.fls.doubleclick.net — Cisco Umbrella Rank: 27323
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
stats.g.doubleclick.net — Cisco Umbrella Rank: 85
4 KB
3 eum-appdynamics.com
pdx-col.eum-appdynamics.com — Cisco Umbrella Rank: 4173
1 KB
3 google.no
www.google.no — Cisco Umbrella Rank: 32408
adservice.google.no — Cisco Umbrella Rank: 267791
1 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 78
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
680 B
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 202
wellsfargobankna.demdex.net — Cisco Umbrella Rank: 10974
3 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
91 10
Domain Requested by
34 www01.wellsfargomedia.com 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
www.wellsfargo.com
14 static.wellsfargo.com 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
static.wellsfargo.com
7 connect.secure.wellsfargo.com 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
connect.secure.wellsfargo.com
www.wellsfargo.com
6 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no www.wellsfargo.com
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
connect.secure.wellsfargo.com
5 www.wellsfargo.com 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
3 pdx-col.eum-appdynamics.com connect.secure.wellsfargo.com
3 www.google-analytics.com connect.secure.wellsfargo.com
static.wellsfargo.com
2 www.google.no
2 www.google.com 1 redirects
2 2549153.fls.doubleclick.net 1 redirects static.wellsfargo.com
2 rubicon.wellsfargo.com connect.secure.wellsfargo.com
2 dpm.demdex.net connect.secure.wellsfargo.com
1 adservice.google.no adservice.google.com
1 stats.g.doubleclick.net connect.secure.wellsfargo.com
1 adservice.google.com 2549153.fls.doubleclick.net
1 googleads.g.doubleclick.net 1 redirects
1 wellsfargobankna.demdex.net connect.secure.wellsfargo.com
0 api.rlcdn.com Failed connect.secure.wellsfargo.com
91 18
Subject Issuer Validity Valid
static.wellsfargo.com
DigiCert EV RSA CA G2
2022-05-24 -
2023-05-24
a year crt.sh
www.wellsfargo.com
DigiCert EV RSA CA G2
2022-05-24 -
2023-05-24
a year crt.sh
www01.wellsfargomedia.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-28 -
2023-03-28
a year crt.sh
connect.secure.wellsfargo.com
DigiCert EV RSA CA G2
2022-06-22 -
2023-06-22
a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-19 -
2022-11-19
a year crt.sh
rubicon.wellsfargo.com
Wells Fargo Public Trust Certification Authority 01 G2
2022-04-06 -
2023-04-06
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
*.google.com
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
*.eum-appdynamics.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-14 -
2023-07-15
a year crt.sh
*.google.no
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
www.google.com
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh

This page contains 4 frames:

Primary Page: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Frame ID: 67BA2C42E665246A4862F8BA0F685395
Requests: 89 HTTP requests in this frame

Frame: http://2549153.fls.doubleclick.net/activityi;dc_pre=COP74v2F9fkCFdZDHQkdp1YBDA;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php%3FP%3DN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%2520sdERWAEETRabE%2520RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID%26email%3D
Frame ID: AC398302AEA375DA3B4B159B422476D6
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COP74v2F9fkCFdZDHQkdp1YBDA;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php%3FP%3DN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%2520sdERWAEETRabE%2520RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID%26email%3D
Frame ID: CDB0059912ABDC3B58C7640ABBFB99F4
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.no/ddm/fls/i/dc_pre=COP74v2F9fkCFdZDHQkdp1YBDA;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php%3FP%3DN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%2520sdERWAEETRabE%2520RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID%26email%3D
Frame ID: 977E12B27D461EE717C387DF9DEAADCF
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Wells Fargo – Banking, Credit Cards, Loans, Mortgages & More

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • adrum

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

91
Requests

78 %
HTTPS

0 %
IPv6

10
Domains

18
Subdomains

17
IPs

3
Countries

1359 kB
Transfer

2531 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • http://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.9828192847642401 HTTP 307
  • https://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.9828192847642401
Request Chain 32
  • http://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.006584708312144638 HTTP 307
  • https://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.006584708312144638
Request Chain 69
  • http://static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1 HTTP 307
  • https://static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
Request Chain 70
  • http://static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153 HTTP 307
  • https://static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
Request Chain 71
  • http://static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569 HTTP 307
  • https://static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
Request Chain 75
  • http://2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php%3FP%3DN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%2520sdERWAEETRabE%2520RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID%26email%3D HTTP 302
  • http://2549153.fls.doubleclick.net/activityi;dc_pre=COP74v2F9fkCFdZDHQkdp1YBDA;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php%3FP%3DN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%2520sdERWAEETRabE%2520RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID%26email%3D
Request Chain 80
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984436569/?random=1662085230066&cv=9&fst=1662085230066&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php&tiba=Wells%20Fargo%20%E2%80%93%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Mortgages%20%26%20More&hn=www.google.com&async=1 HTTP 302
  • https://www.google.com/pagead/1p-user-list/984436569/?random=1662085230066&cv=9&fst=1662084000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php&tiba=Wells%20Fargo%20%E2%80%93%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Mortgages%20%26%20More&async=1&is_vtc=1&random=2739683765&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.no/pagead/1p-user-list/984436569/?random=1662085230066&cv=9&fst=1662084000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php&tiba=Wells%20Fargo%20%E2%80%93%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Mortgages%20%26%20More&async=1&is_vtc=1&random=2739683765&resp=GooglemKTybQhCsO&ipr=y

91 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request kjfar.php
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/
62 KB
62 KB
Document
General
Full URL
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
HTTP/1.1
Server
67.23.254.254 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS
reseller-223.mco2.hostdime.com
Software
Apache /
Resource Hash
e2abb0b11e94d1993d63ba680434ad970acd7333713aeeb3dc84771281af77b9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Connection
Upgrade, Keep-Alive
Content-Length
63635
Content-Type
text/html; charset=UTF-8
Date
Fri, 02 Sep 2022 02:20:25 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Upgrade
h2,h2c
appdEUMConfig.js
static.wellsfargo.com/assets/js/wfui/appdynamics/
2 KB
1 KB
Script
General
Full URL
https://static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.178 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 20 Jan 2022 02:38:25 GMT
ETag
W/"61e8cb21-7a0"
Allow
GET, POST, OPTIONS
Access-Control-Allow-Methods
POST
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
homepage_iaoffer.js
www.wellsfargo.com/js/global/
3 KB
2 KB
Script
General
Full URL
https://www.wellsfargo.com/js/global/homepage_iaoffer.js
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.66.145 , United States, ASN4196 (WELLSFARGO-4196, US),
Reverse DNS
Software
/
Resource Hash
0155efc4c50ae4da41c1ca1f6407912cbe62c0f7cb77f6464aee5bedf1267cbc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 22 Jul 2022 08:46:20 GMT
X-Frame-Options
SAMEORIGIN
ETag
W/"62da63dc-cb3"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' *.wellsfargo.com
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Fri, 02 Sep 2022 02:50:26 GMT
utag.sync.js
static.wellsfargo.com/tracking/toppages/
41 B
472 B
Script
General
Full URL
https://static.wellsfargo.com/tracking/toppages/utag.sync.js
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.178 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
95b962bda7dcd5140caed5bc45236ff538c3d5841c7a91136b751db076d19382
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 14 May 2021 19:00:22 GMT
X-Frame-Options
SAMEORIGIN
ETag
"609ec8c6-29"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41
X-XSS-Protection
1; mode=block
homepage_ret.css
www.wellsfargo.com/css/home/
52 KB
10 KB
Stylesheet
General
Full URL
https://www.wellsfargo.com/css/home/homepage_ret.css
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.66.145 , United States, ASN4196 (WELLSFARGO-4196, US),
Reverse DNS
Software
/
Resource Hash
d7c059e94b914ac615951283337117c36f9d4e86dfb2c2d97134fe00155419f2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 22 Jul 2022 08:46:22 GMT
X-Frame-Options
SAMEORIGIN
ETag
W/"62da63de-ce4c"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
text/css
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' *.wellsfargo.com
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Fri, 02 Sep 2022 02:50:26 GMT
homepage-horz-logo.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/
5 KB
2 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-horz-logo.svg
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
780b98a3861aa8d4afe428953ad3b9e988a74cd5f064b4a1eb453f5d901221e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

unused62
8096267
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
br
x-content-type-options
nosniff
content-length
1977
x-xss-protection
1; mode=block
last-modified
Mon, 24 May 2021 14:15:37 GMT
server
Akamai Resource Optimizer
x-frame-options
SAMEORIGIN
date
Fri, 02 Sep 2022 02:20:26 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15381052
etag
"15b8-5895bfcbfa2c0"
accept-ranges
bytes
expires
Mon, 27 Feb 2023 02:51:18 GMT
homepage-lock.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/
2 KB
975 B
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-lock.svg
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
7bfab3d904c5effc47fe1577c20615a1efcf84f2a6e1b8e5ccaa501ac657fcab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 27 Apr 2021 19:13:56 GMT
server
Akamai Resource Optimizer
etag
"6f8-554880386bac0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=15381053
date
Fri, 02 Sep 2022 02:20:26 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-length
668
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 02:51:19 GMT
homepage-signon-lock.svg
www.wellsfargo.com/assets/images/css/template/homepage/
4 KB
4 KB
Image
General
Full URL
https://www.wellsfargo.com/assets/images/css/template/homepage/homepage-signon-lock.svg
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.66.145 , United States, ASN4196 (WELLSFARGO-4196, US),
Reverse DNS
Software
/
Resource Hash
ea4b20ddecd76a86c3dc31d488970cf15e6284756c271b1d983f597652ebeb61
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 08 Mar 2019 00:50:27 GMT
X-Frame-Options
SAMEORIGIN
ETag
"5c81bc53-f91"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
image/svg+xml
Cache-Control
max-age=15552000
Content-Security-Policy
frame-ancestors 'self' *.wellsfargo.com
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3985
X-XSS-Protection
1; mode=block
Expires
Wed, 01 Mar 2023 02:20:26 GMT
wfi000_lg_b-wf-stagecoach_rednoborder_1200x532.gif
www01.wellsfargomedia.com/assets/images/contextual/banner/enterprise/1200x532/
27 KB
27 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/contextual/banner/enterprise/1200x532/wfi000_lg_b-wf-stagecoach_rednoborder_1200x532.gif
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d03c66ceca785a35e0576fe778a325d183ce317c482faf48f06d371688fd75f0

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:20:26 GMT
last-modified
Sat, 16 Jul 2022 02:29:02 GMT
server
Akamai Image Manager
etag
"5d04f2a0-73a4"
content-type
image/gif
cache-control
private, no-transform, max-age=15552000
content-length
27216
expires
Wed, 01 Mar 2023 02:20:26 GMT
task_icon_house_50x50.png
www01.wellsfargomedia.com/assets/images/contextual/banner/checking/50x50/
1002 B
1 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/contextual/banner/checking/50x50/task_icon_house_50x50.png
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
41ace13f2da513c687155c0bc5aeeb5b465a55c90077624895acd8239ae8260b

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:20:26 GMT
last-modified
Thu, 26 Aug 2021 01:32:31 GMT
server
Akamai Image Manager
etag
"745-5a9edb120b8c5"
content-type
image/png
cache-control
private, no-transform, max-age=15552000
content-length
1002
expires
Wed, 01 Mar 2023 02:20:26 GMT
task_icon_credit-card_50x50.png
www01.wellsfargomedia.com/assets/images/contextual/banner/credit-card/50x50/
815 B
1 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/contextual/banner/credit-card/50x50/task_icon_credit-card_50x50.png
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
76398f8fc34ee6f4c41af5f7d73cb3ba4ac57d958247134fc2749552a99659c9

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:20:26 GMT
x-check-cacheable
YES
x-serial
2020
etag
"6d2-5a9edb120b8c5"
content-type
image/png
cache-control
private, no-transform, max-age=15552000
last-modified
Thu, 26 Aug 2021 01:32:29 GMT
content-length
815
server
Akamai Image Manager
expires
Wed, 01 Mar 2023 02:20:26 GMT
task_icon_laptop-50x50.png
www01.wellsfargomedia.com/assets/images/contextual/banner/student-loans/50x50/
540 B
772 B
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/contextual/banner/student-loans/50x50/task_icon_laptop-50x50.png
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ae6dd562558a0d6e692c910de53486132faa5c6ae81d0e85d67ba7f26b789a7f

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

unused62
8096267
date
Fri, 02 Sep 2022 02:20:26 GMT
x-check-cacheable
YES
x-serial
93
etag
"31a-5a9edb120b4dd"
content-type
image/png
cache-control
private, no-transform, max-age=15552000
last-modified
Thu, 26 Aug 2021 01:38:17 GMT
content-length
540
server
Akamai Image Manager
expires
Wed, 01 Mar 2023 02:20:26 GMT
task-icon-rates-50x50.png
www01.wellsfargomedia.com/assets/images/homepage/
1 KB
2 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/homepage/task-icon-rates-50x50.png
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7926323a712a1fa861283bbdbde6f6df758e3a39c418fe1459f2b5dbe18102be

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

unused62
8096267
date
Fri, 02 Sep 2022 02:20:26 GMT
last-modified
Thu, 26 Aug 2021 01:49:46 GMT
server
Akamai Image Manager
etag
"a0a-5838a9bd97ac0"
content-type
image/png
cache-control
private, no-transform, max-age=15552000
content-length
1408
expires
Wed, 01 Mar 2023 02:20:26 GMT
FICO-phone-borrowing-and-credit-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/
35 KB
35 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/FICO-phone-borrowing-and-credit-970x485.jpg
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e9ecf74092e5fe396ce9fe40ea17070242ed95e6c0b09d595dd4254d8afcabaa

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:20:26 GMT
last-modified
Thu, 26 Aug 2021 01:34:57 GMT
server
Akamai Image Manager
etag
"8a28-5838a9bd97ac0"
content-type
image/jpeg
cache-control
private, no-transform, max-age=15552000
content-length
35368
expires
Wed, 01 Mar 2023 02:20:26 GMT
home_sprite_image.png
www01.wellsfargomedia.com/assets/images/css/template/homepage/
11 KB
11 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/css/template/homepage/home_sprite_image.png
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
bad076c316b96cc04b2df0418f986f332e01ff6016eab56fa116a4ef4c9ca594

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:20:26 GMT
x-check-cacheable
YES
x-serial
1247
etag
"5f497e89-2bdd"
content-type
image/png
cache-control
private, no-transform, max-age=15552000
last-modified
Wed, 15 Dec 2021 02:04:14 GMT
content-length
11229
server
Akamai Image Manager
expires
Wed, 01 Mar 2023 02:20:26 GMT
paying-phone-beach-banking-made-easy-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/
33 KB
33 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/paying-phone-beach-banking-made-easy-970x485.jpg
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7b1acbecc92198d28a194bab0fa46dd84878d9cb78f3e2bbbd4ba771ef168ebd

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:20:26 GMT
x-check-cacheable
YES
x-serial
1401
etag
"5c81bc53-8326"
content-type
image/jpeg
cache-control
private, no-transform, max-age=15552000
last-modified
Thu, 02 Dec 2021 11:54:19 GMT
content-length
33574
server
Akamai Image Manager
expires
Wed, 01 Mar 2023 02:20:26 GMT
couple-beach-retirement-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/
31 KB
31 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/couple-beach-retirement-970x485.jpg
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f5222890bf5fab537c855a4b7a97289613cab75945f43eaa7949862d8c92b4cf

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

unused62
8096267
date
Fri, 02 Sep 2022 02:20:26 GMT
x-check-cacheable
YES
x-serial
1372
etag
"8275-5838a9bd97ac0"
content-type
image/jpeg
cache-control
private, no-transform, max-age=15552000
last-modified
Thu, 26 Aug 2021 01:44:55 GMT
content-length
31944
server
Akamai Image Manager
expires
Wed, 01 Mar 2023 02:20:26 GMT
couple-moving-in-homelending-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/
34 KB
34 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/couple-moving-in-homelending-970x485.jpg
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d6fdad356ecabcdcfb77a0486b3e240f450369e0304739e55c71a112d5f3d2df

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:20:26 GMT
x-check-cacheable
YES
x-serial
1611
etag
"875e-5838a9bd97ac0"
content-type
image/jpeg
cache-control
private, no-transform, max-age=15552000
last-modified
Thu, 26 Aug 2021 01:46:17 GMT
content-length
34654
server
Akamai Image Manager
expires
Wed, 01 Mar 2023 02:20:26 GMT
student-graduation-going-to-college-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/
34 KB
35 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/student-graduation-going-to-college-970x485.jpg
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
cfd4c24ae595a860f108f4de55ce9a1744bad06d612d508c4d0bf39901b9862c

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:20:26 GMT
x-check-cacheable
YES
x-serial
974
etag
"891b-5838a9bd97ac0"
content-type
image/jpeg
cache-control
private, no-transform, max-age=15552000
last-modified
Thu, 26 Aug 2021 01:46:15 GMT
content-length
35099
server
Akamai Image Manager
expires
Wed, 01 Mar 2023 02:20:26 GMT
woman-tablet-investing-basics-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/
32 KB
32 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/woman-tablet-investing-basics-970x485.jpg
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
982003c4cecd7caa0d1b5b8ceb4ee3d9a49263cb37fe56ccf4d5113868fe6741

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

unused62
8096267
date
Fri, 02 Sep 2022 02:20:26 GMT
x-check-cacheable
YES
x-serial
1798
etag
"7fe5-5838a9bd97ac0"
content-type
image/jpeg
cache-control
private, no-transform, max-age=15552000
last-modified
Thu, 26 Aug 2021 01:32:48 GMT
content-length
32741
server
Akamai Image Manager
expires
Wed, 01 Mar 2023 02:20:26 GMT
wfic693_ph_b-jk_1027_3356_304x194.jpg
www01.wellsfargomedia.com/assets/images/homepage/
11 KB
11 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/homepage/wfic693_ph_b-jk_1027_3356_304x194.jpg
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
81c26be055b396974619967deefc7e5798ce65f07ea0d2a184ef2438ee5c37d4

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:20:26 GMT
x-check-cacheable
YES
x-serial
1337
etag
"9ba7-5aceb06e0b615"
content-type
image/jpeg
cache-control
private, no-transform, max-age=15552000
last-modified
Thu, 26 Aug 2021 01:32:21 GMT
content-length
11393
server
Akamai Image Manager
expires
Wed, 01 Mar 2023 02:20:26 GMT
login-userprefs.min.js
connect.secure.wellsfargo.com/auth/static/prefs/
264 KB
148 KB
Script
General
Full URL
https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
a9304a0a2a197ea99df11195c7661157044f9846e2863a4e4fc0663776700747
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Allow
GET, POST, OPTIONS
Last-Modified
Wed, 24 Aug 2022 01:39:13 GMT
Server
KONICHIWA/1.1
X-Frame-Options
SAMEORIGIN
ETag
W/"63058141-172f"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/javascript; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Content-Security-Policy
default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Expires
0
jquery.min.js
www.wellsfargo.com/js/vendor/
95 KB
33 KB
Script
General
Full URL
https://www.wellsfargo.com/js/vendor/jquery.min.js
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.66.145 , United States, ASN4196 (WELLSFARGO-4196, US),
Reverse DNS
Software
/
Resource Hash
3c536cede8c67b4bda531f82b77f3678e52026398492010245d3870c87a1623e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 22 Jul 2022 08:46:20 GMT
X-Frame-Options
SAMEORIGIN
ETag
W/"62da63dc-17d5c"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' *.wellsfargo.com
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Fri, 02 Sep 2022 02:50:26 GMT
homepage_per.js
www.wellsfargo.com/js/global/
77 KB
21 KB
Script
General
Full URL
https://www.wellsfargo.com/js/global/homepage_per.js
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.66.145 , United States, ASN4196 (WELLSFARGO-4196, US),
Reverse DNS
Software
/
Resource Hash
7cf613ae2a54653f340d959397825ff3bc818f37f8757f7f10167f648e4a3060
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 22 Jul 2022 08:46:28 GMT
X-Frame-Options
SAMEORIGIN
ETag
W/"62da63e4-133d8"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' *.wellsfargo.com
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Fri, 02 Sep 2022 02:50:26 GMT
offers
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/target/
808 B
996 B
XHR
General
Full URL
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/target/offers?contentIdList=WF_CON_HP_PRIMARY_BNR_1&pageID=per_home&language=en
Requested by
Host: www.wellsfargo.com
URL: https://www.wellsfargo.com/js/global/homepage_iaoffer.js
Protocol
HTTP/1.1
Server
67.23.254.254 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS
reseller-223.mco2.hostdime.com
Software
Apache /
Resource Hash
8e33419228d18b065817e0f34dfed2202cc29ca4401d434b0a442d0829633890

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:26 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
808
Content-Type
text/html; charset=UTF-8
homepage-magnifying-glass.png
www01.wellsfargomedia.com/assets/images/css/template/homepage/
292 B
520 B
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-magnifying-glass.png
Requested by
Host: www.wellsfargo.com
URL: https://www.wellsfargo.com/css/home/homepage_ret.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
33b92421ed8061f976e181bdcc26c325efe73e6b1abd8755b5d85b16c7fe50ea

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.wellsfargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

unused62
8096267
date
Fri, 02 Sep 2022 02:20:26 GMT
x-check-cacheable
YES
x-serial
1349
etag
"59c2114b-12e"
content-type
image/png
cache-control
private, no-transform, max-age=15552000
last-modified
Tue, 26 Oct 2021 06:55:53 GMT
content-length
292
server
Akamai Image Manager
expires
Wed, 01 Mar 2023 02:20:26 GMT
alert-icon.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/
2 KB
1 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/css/template/homepage/alert-icon.svg
Requested by
Host: www.wellsfargo.com
URL: https://www.wellsfargo.com/css/home/homepage_ret.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
649dcf3e5665f599b97ab67a10b75f7f1246378806c243c22a6a4130aa12e622
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.wellsfargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 18 Aug 2022 09:04:50 GMT
server
Akamai Resource Optimizer
etag
"5ebe9271-731"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=15541430
date
Fri, 02 Sep 2022 02:20:26 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-length
736
x-xss-protection
1; mode=block
expires
Tue, 28 Feb 2023 23:24:16 GMT
chevron-right-blue.png
www01.wellsfargomedia.com/assets/images/css/template/
169 B
372 B
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/css/template/chevron-right-blue.png
Requested by
Host: www.wellsfargo.com
URL: https://www.wellsfargo.com/css/home/homepage_ret.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
3e72471278601589c8718b1a74e9d45144e597ed2cdeafd3274ff95a9c93c6e7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.wellsfargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

unused62
8096267
date
Fri, 02 Sep 2022 02:20:26 GMT
last-modified
Thu, 26 Aug 2021 01:36:39 GMT
server
Akamai Image Manager
etag
"3fc-4dd7c48542580"
content-type
image/png
cache-control
private, no-transform, max-age=15552000
content-length
169
expires
Wed, 01 Mar 2023 02:20:26 GMT
wellsfargosans-rg.woff2
www01.wellsfargomedia.com/assets/fonts/
22 KB
22 KB
Font
General
Full URL
https://www01.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
Requested by
Host: www.wellsfargo.com
URL: https://www.wellsfargo.com/css/home/homepage_ret.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wellsfargo.com/
Origin
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
last-modified
Fri, 03 Sep 2021 13:01:20 GMT
etag
"61321ca0-5798"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=10119080
date
Fri, 02 Sep 2022 02:20:26 GMT
accept-ranges
bytes
content-length
22424
x-xss-protection
1; mode=block
expires
Wed, 28 Dec 2022 05:11:46 GMT
icn-uti-checkbox.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/
728 B
643 B
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/css/template/homepage/icn-uti-checkbox.svg
Requested by
Host: www.wellsfargo.com
URL: https://www.wellsfargo.com/css/home/homepage_ret.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
d6f9a6d48f3d43b2f7004bb3f1bea032abe36c545087c45907bf36f6d1949bc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.wellsfargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
br
x-content-type-options
nosniff
last-modified
Sun, 28 Aug 2022 05:12:06 GMT
server
Akamai Resource Optimizer
etag
"5c81bc53-2d8"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=15541430
date
Fri, 02 Sep 2022 02:20:26 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-length
340
x-xss-protection
1; mode=block
expires
Tue, 28 Feb 2023 23:24:16 GMT
atadun.js
connect.secure.wellsfargo.com/auth/static/prefs/
1 KB
1 KB
Script
General
Full URL
https://connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
43dd833f33570535401d009e6b6f9cde54bdac4e210fc6c89cfdcfcbaa9fc903
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST
Connection
keep-alive
X-XSS-Protection
1; mode=block
Allow
GET, POST, OPTIONS
Last-Modified
Wed, 24 Aug 2022 01:39:12 GMT
Server
KONICHIWA/1.1
X-Frame-Options
SAMEORIGIN
ETag
W/"63058140-4a0"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Content-Security-Policy
default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
glu.js
connect.secure.wellsfargo.com/AIDO/
65 KB
30 KB
Script
General
Full URL
https://connect.secure.wellsfargo.com/AIDO/glu.js
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
ec6343cf635afa21759e508cd2d388939035aad58ed76e2f25db0722f5d44299
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:28 GMT
Content-Encoding
gzip
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Transfer-Encoding
chunked
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Methods
GET, OPTIONS
Connection
keep-alive
X-XSS-Protection
1; mode=block
Server
KONICHIWA/1.1
Pragma
no-cache
max-age
0
Vary
Origin
Strict-Transport-Security
max-age=86400
Content-Type
application/x-javascript
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Expires
-1
mint.js
connect.secure.wellsfargo.com/AIDO/
Redirect Chain
  • http://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.9828192847642401
  • https://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.9828192847642401
81 KB
31 KB
Script
General
Full URL
https://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.9828192847642401
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
HTTP/1.1
Server
159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
bba812edb81013a25bbdca7801e892f85b38580456227b4c1878b5bd0f8aee6b
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Sep 2022 02:20:28 GMT
Content-Encoding
gzip
Server
KONICHIWA/1.1
max-age
0
Strict-Transport-Security
max-age=86400
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Expires
-1
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript
X-XSS-Protection
1; mode=block
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

Redirect headers

Location
https://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.9828192847642401
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
pic.js
connect.secure.wellsfargo.com/PIDO/
Redirect Chain
  • http://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.006584708312144638
  • https://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.006584708312144638
73 KB
33 KB
Script
General
Full URL
https://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.006584708312144638
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
HTTP/1.1
Server
159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
bac7d14e724e890def62967d796be6d0f77e6c144cb304e2e69d3ed1fc66cf0d
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Sep 2022 02:20:28 GMT
Content-Encoding
gzip
Server
KONICHIWA/1.1
max-age
0
Strict-Transport-Security
max-age=86400
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Expires
-1
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript
X-XSS-Protection
1; mode=block
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

Redirect headers

Location
https://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.006584708312144638
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
utag.js
static.wellsfargo.com/tracking/toppages/
213 KB
56 KB
Script
General
Full URL
https://static.wellsfargo.com/tracking/toppages/utag.js
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.178 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
239e29799eeeff643c07466d40772fc803f95137942aa6517b145d6d862217b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 09 Feb 2022 01:06:32 GMT
X-Frame-Options
SAMEORIGIN
ETag
W/"62031398-353cc"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
s.gif
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/assets/images/global/
808 B
808 B
Image
General
Full URL
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/assets/images/global/s.gif?log=1&cb=1662085226606&jsLogging=iaCallLog
Requested by
Host: 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Protocol
HTTP/1.1
Server
67.23.254.254 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS
reseller-223.mco2.hostdime.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:28 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
s.gif
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/assets/images/global/
808 B
1 KB
XHR
General
Full URL
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/assets/images/global/s.gif?Log=1&Program=EventReporting&Event=IADefaultOffer&pageID=per_home&EventDesc=DisplayCMSDefaultOffer&offerType=cmsDefault&cb=1662085228112
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol
HTTP/1.1
Server
67.23.254.254 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS
reseller-223.mco2.hostdime.com
Software
Apache /
Resource Hash
8e33419228d18b065817e0f34dfed2202cc29ca4401d434b0a442d0829633890

Request headers

Accept
*/*
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
X-Requested-With
XMLHttpRequest
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Upgrade
h2,h2c
Date
Fri, 02 Sep 2022 02:20:28 GMT
Server
Apache
Connection
Upgrade, Keep-Alive
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
icon-marquee-dot-active.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/
578 B
602 B
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/css/template/homepage/icon-marquee-dot-active.svg
Requested by
Host: www.wellsfargo.com
URL: https://www.wellsfargo.com/css/home/homepage_ret.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
004590468c4ed29e2b9ac5192217c685059d0d623e4398c49cdb4a0b5a386831
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.wellsfargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 08:48:28 GMT
server
Akamai Resource Optimizer
etag
"5c81bc53-242"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=15541430
date
Fri, 02 Sep 2022 02:20:28 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-length
299
x-xss-protection
1; mode=block
expires
Tue, 28 Feb 2023 23:24:18 GMT
icon-marquee-dot-inactive.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/
587 B
618 B
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/css/template/homepage/icon-marquee-dot-inactive.svg
Requested by
Host: www.wellsfargo.com
URL: https://www.wellsfargo.com/css/home/homepage_ret.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
16b5311ddbd849fd1808d3d855f79d9640417d7c65714ffec6f6bb6f17416883
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.wellsfargo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

unused62
8096267
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
br
x-content-type-options
nosniff
content-length
297
x-xss-protection
1; mode=block
last-modified
Fri, 26 Mar 2021 00:24:06 GMT
server
Akamai Resource Optimizer
x-frame-options
SAMEORIGIN
date
Fri, 02 Sep 2022 02:20:28 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15541430
etag
"24b-5838a9bd97ac0"
accept-ranges
bytes
expires
Tue, 28 Feb 2023 23:24:18 GMT
truncated
/
89 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
accounts-cache.js
connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/
1 KB
1 KB
Script
General
Full URL
https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
Requested by
Host: www.wellsfargo.com
URL: https://www.wellsfargo.com/js/global/homepage_per.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
f524345f75bc7c15f2e285e525e04299dc22c27c014abe55c337dbc3a690b82c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 05 Aug 2022 17:13:34 GMT
Server
KONICHIWA/1.1
X-Frame-Options
SAMEORIGIN
ETag
W/"62ed4fbe-497"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
s.gif
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/assets/images/global/
808 B
1015 B
XHR
General
Full URL
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/assets/images/global/s.gif?log=1&pid=222-147047-64&pageUrl=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php%3FP%3DN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%2520sdERWAEETRabE%2520RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID%26email%3D&cb=1662085228985&event=PageLoad&eventDescription=DisplayMarqueeCarouselItem&clist=84-146961-16~91-146911-32
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol
HTTP/1.1
Server
67.23.254.254 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS
reseller-223.mco2.hostdime.com
Software
Apache /
Resource Hash
8e33419228d18b065817e0f34dfed2202cc29ca4401d434b0a442d0829633890

Request headers

Accept
*/*
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
X-Requested-With
XMLHttpRequest
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:29 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
s.gif
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/assets/images/global/
808 B
1 KB
XHR
General
Full URL
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/assets/images/global/s.gif?log=1&pid=222-147047-64&pageUrl=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php%3FP%3DN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%2520sdERWAEETRabE%2520RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID%26email%3D&cb=1662085228986&event=PageLoad&eventDescription=DisplayRibbonCarouselItem&clist=84-147031-16~91-146912-32
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol
HTTP/1.1
Server
67.23.254.254 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS
reseller-223.mco2.hostdime.com
Software
Apache /
Resource Hash
8e33419228d18b065817e0f34dfed2202cc29ca4401d434b0a442d0829633890

Request headers

Accept
*/*
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
X-Requested-With
XMLHttpRequest
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Upgrade
h2,h2c
Date
Fri, 02 Sep 2022 02:20:29 GMT
Server
Apache
Connection
Upgrade, Keep-Alive
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
vyHb
connect.secure.wellsfargo.com/AIDO/
90 B
861 B
Script
General
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBDUmd2NnY1ZDMxRy9ueSsyVzlheWxWaVFNdG5HU1VlblM4Zm1zOC9aUmZST3JKT0Nhd3R0dFN5MWRYd2tpZ05NQ1dSbEgxRE51Q3RINE1hSDRHT2dyeDdLeGZRQ1YzUDBUYTJHcFdlVzFaNCsrNDZyaitlVEtKM3NqdEdZQXZwL1U0ZFl2dTgrUkZPb05FY3JQVWlUYVpwTEFQcGt1T0FCV0FDSXdYMkMyTDF0TDV1RGdGQTdTNUQxaUtYV1NkU1dITW9KcHVGeTlHd0YwU1crTHhPMW5idGVHL1lHVHhNMHNhWnJBdEN0Q0R1MmhNeGp6b3FYSmJuOUpSU3lubWJMQldVaXJ3b0NtU3VDTWlEQTkrYTQzVnpYZno1Y0ErOGE1UE82dGE4SVI5YzFUTFJBTkV6em5wQlpZTEZXVEtTbDFQcEM1UGlid211bHBLOE1TTGczTGVGUHRSQW4rUzBBaGFLUC9zd2FhYW16dDc0R3NjMDQvS3N2UlNIMk9mV29kNzkxNHBQUnRtUGdQb2VSaFlWdGxTWFdEcFZsRnJLQzZxMk8yNXJFcHgwQURTVVdtZDhERWovTWU2c3JFaEVLZUt6dlE1aDVLQmt1OTlzMzBsNG41QVRtL0JnQlY2YStnSVA2NEwrRC9jTHVPM1Z6RlRzNWhycW1QOUE1RlhrQ0VvNE1zSzBjTXI5QUxGQ2VlWHVQU2JaK3lDdjNvUkpCc3c1Mm9UOUZYcTJGbWt1VUZrbzkySC85T20yMkxhdjFlOSs3WTRvN3lMUjBZZ0s0Kys1SDdnbjhMV2s5dWNBTnVqbHQ3R2ZqWmRuZEoyTUR5K3QzNHhRMU96czBkcjFRfGNlOGVmODlmZWMzZGQ3ZjM5NjI4MmNhYjEyODEyZTQ0YTViZTUwOTMyOTQ3MWVkNjZlNTkyZjI4ZTgyZmUyYWJiNzJkOTQwYWRjOTNiZTg2NzBmZmZhOTIyMTJmMWRjNzc3MjhjYTI5OTQ2NTM5OGQ2ZTU0OGVmMjNkNGVjYmU4NzA3NDk4M2YyMTI3ZWZkNjUyMGUyNjI4NDQyNWExYjRmODQ0MGIxNDdkYjBmNWEwNmY1ZmVlNjk1Y2MzMmY3ZjU0ODU2OTcxM2VkMWMwZDFkMmI2YTkwNjI0OTg1MTVmNDI4MmZmMjM0MjA0YjEyOGM5N2Y4YjFjOWEwNzNkYjY5NjFmZjQzZmE1YTM4OTljMTY0ZmI0MGEwYmNkOWYyNzJiY2RmYTA1ODk0OWM4OWIzMjg4NTE5ZTA0NDMzNGVkZTYyMTZhNDdlMzg4ZjU2MDc2ZGNkNjlmOGU4NTJkNzgyNjYwYTAyNDY0NGU1NzMyMTQzZjUyOTRiNTE5NWQ1ZjA2M2MwZTVhYTRiZmRhMjhiNzA1MWRhZDM2YzQwM2NmNjE5ZTU1NWM4ZGFjMDBhMjIzOWNiZDJlMzU0OTkyYWJiZTI5ZWNjYTQ3ODFiOGM1NjA0YjJiNjJiMDY1ZTcyODFiNGM4NjM5MjU5ZmE0ODYyZDE1YjU3MTYwYmJkMmY1fDAwZWUwYjYyZWNhYWM4OWY%3D&cid=15%2C16&si=2&e=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no&t=jsonp&c=lv_ucquzysngckod&eu=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/glu.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
bf237dbb690185287d8b42ba4a0b97fb4c506b310b36d6532c059079ff9e5df1
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Sep 2022 02:20:29 GMT
Server
KONICHIWA/1.1
max-age
0
Vary
Accept-Encoding
Connection
keep-alive
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Expires
-1
Cache-Control
no-cache, no-store, must-revalidate
Strict-Transport-Security
max-age=86400
Content-Type
text/javascript
Content-Length
90
X-XSS-Protection
1; mode=block
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
6825911_gettyimages-1153899955_img_hph_1200x532.jpg
www01.wellsfargomedia.com/assets/images/homepage/
44 KB
45 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/homepage/6825911_gettyimages-1153899955_img_hph_1200x532.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
25a7b2470715372a0a94a6537d9bace902f317e038645f4cc867552e42e0162a

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

unused62
8096267
date
Fri, 02 Sep 2022 02:20:29 GMT
last-modified
Thu, 26 Aug 2021 01:33:53 GMT
server
Akamai Image Manager
etag
"e10b-5bf55c8330276"
content-type
image/jpeg
cache-control
private, no-transform, max-age=15552000
content-length
45290
expires
Wed, 01 Mar 2023 02:20:29 GMT
wfic765_pg_1200x532.jpg
www01.wellsfargomedia.com/assets/images/homepage/
56 KB
56 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/homepage/wfic765_pg_1200x532.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8d065126eb6eef432a47f7597e58dca37cc1667e7a20c97ff59ed73ff6fbf4fb

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:20:29 GMT
x-check-cacheable
YES
x-serial
806
etag
"edb9-5b5fcbf910579"
content-type
image/jpeg
cache-control
private, no-transform, max-age=15552000
last-modified
Thu, 26 Aug 2021 01:40:23 GMT
content-length
57291
server
Akamai Image Manager
expires
Wed, 01 Mar 2023 02:20:29 GMT
task-icon-maa-50x50.png
www01.wellsfargomedia.com/assets/images/homepage/
961 B
1 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/homepage/task-icon-maa-50x50.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
42902bf802de1e0edd9d13d02216ec6fb579ebbdc9f8ce045cc1ad37a699e481

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:20:29 GMT
last-modified
Thu, 26 Aug 2021 01:32:08 GMT
server
Akamai Image Manager
etag
"66b-5c978d2186326"
content-type
image/png
cache-control
private, no-transform, max-age=15552000
content-length
961
expires
Wed, 01 Mar 2023 02:20:29 GMT
woman_checking_tablet_device.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/
28 KB
29 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/woman_checking_tablet_device.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d510b44eb432254133e3a77667c96ea0eee0a356614ef7938c0cab6b5d7fbcd9

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:20:29 GMT
x-check-cacheable
YES
x-serial
1730
etag
"7cbf-5b1002fe7391c"
content-type
image/jpeg
cache-control
private, no-transform, max-age=15552000
last-modified
Thu, 26 Aug 2021 01:32:10 GMT
content-length
29069
server
Akamai Image Manager
expires
Wed, 01 Mar 2023 02:20:29 GMT
6818104_gettyimages-890847206_489_234.jpg
www01.wellsfargomedia.com/assets/images/homepage/
14 KB
15 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/homepage/6818104_gettyimages-890847206_489_234.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
599e3c4b198d28b925b6eff10db70dcd5c9b44f3b0da091cdd35cc8245fe4b66

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:20:29 GMT
last-modified
Tue, 28 Jun 2022 02:05:43 GMT
server
Akamai Image Manager
etag
"606ce813-7237"
content-type
image/jpeg
cache-control
private, no-transform, max-age=15552000
content-length
14770
expires
Wed, 01 Mar 2023 02:20:29 GMT
wfi111_ph_hre_default1_304x194.jpg
www01.wellsfargomedia.com/assets/images/homepage/
10 KB
10 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/homepage/wfi111_ph_hre_default1_304x194.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2af5bcc0ab347f0e039ec86b4f0a5f2fb506ef539c284331b5e8e78f3f94badc

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:20:29 GMT
x-check-cacheable
YES
x-serial
1182
etag
"596d0956-2c51"
content-type
image/jpeg
cache-control
private, no-transform, max-age=15552000
last-modified
Mon, 06 Dec 2021 02:32:22 GMT
content-length
10061
server
Akamai Image Manager
expires
Wed, 01 Mar 2023 02:20:29 GMT
wfi111_ph_hre_default3_304x194.jpg
www01.wellsfargomedia.com/assets/images/homepage/
14 KB
14 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/homepage/wfi111_ph_hre_default3_304x194.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
34f5250710ce0ee2c5bdf5a5ff1a071a61b8c171b7f0ab96bf6deb935483a3d1

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:20:29 GMT
last-modified
Thu, 26 Aug 2021 01:32:33 GMT
server
Akamai Image Manager
etag
"3852-5548803b48180"
content-type
image/jpeg
cache-control
private, no-transform, max-age=15552000
content-length
14418
expires
Wed, 01 Mar 2023 02:20:29 GMT
wells-fargo-volunteer-gardening_414x240.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/
25 KB
25 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/wells-fargo-volunteer-gardening_414x240.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4519a61d26f153bd19bda2ffdca5d102c56d61f6f5ef6f29727ca878f6ea1947

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

unused62
8096267
date
Fri, 02 Sep 2022 02:20:29 GMT
x-check-cacheable
YES
x-serial
1242
etag
"6b61-590dc93c63a80"
content-type
image/jpeg
cache-control
private, no-transform, max-age=15552000
last-modified
Thu, 26 Aug 2021 01:41:38 GMT
content-length
25210
server
Akamai Image Manager
expires
Wed, 01 Mar 2023 02:20:29 GMT
stagecoach-two-drivers-field-green-414x240.jpg
www01.wellsfargomedia.com/assets/images/homepage/
27 KB
28 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/homepage/stagecoach-two-drivers-field-green-414x240.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
96c235d6343aaa272187a96413ebbd8fa15417c7591c02cf0d79fee2e03dfbbe

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:20:29 GMT
x-check-cacheable
YES
x-serial
1161
etag
"6d98-5548803e24840"
content-type
image/jpeg
cache-control
private, no-transform, max-age=15552000
last-modified
Thu, 26 Aug 2021 01:41:00 GMT
content-length
28056
server
Akamai Image Manager
expires
Wed, 01 Mar 2023 02:20:29 GMT
redress_414x240.jpg
www01.wellsfargomedia.com/assets/images/homepage/
18 KB
19 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/homepage/redress_414x240.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
800719eabe4e6ac1b18f4a837f809c3c0c33b8668662139e49bf912ad0b938d2

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:20:29 GMT
x-check-cacheable
YES
x-serial
1071
etag
"5c756893-7595"
content-type
image/jpeg
cache-control
private, no-transform, max-age=15552000
last-modified
Sat, 04 Dec 2021 22:07:29 GMT
content-length
18724
server
Akamai Image Manager
expires
Wed, 01 Mar 2023 02:20:29 GMT
three-men-volunteer-house-414x240.jpg
www01.wellsfargomedia.com/assets/images/homepage/
24 KB
24 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/homepage/three-men-volunteer-house-414x240.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c550a26340fc6971f4767d351ae9c987603d3f5cf3cb18e91e3164d5fdca8be5

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:20:29 GMT
x-check-cacheable
YES
x-serial
1034
etag
"5eee-5548803e24840"
content-type
image/jpeg
cache-control
private, no-transform, max-age=15552000
last-modified
Thu, 26 Aug 2021 01:32:08 GMT
content-length
24302
server
Akamai Image Manager
expires
Wed, 01 Mar 2023 02:20:29 GMT
woman-sitting-chair-tablet-screenshot-414x240.jpg
www01.wellsfargomedia.com/assets/images/homepage/
12 KB
12 KB
Image
General
Full URL
https://www01.wellsfargomedia.com/assets/images/homepage/woman-sitting-chair-tablet-screenshot-414x240.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.2.195.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-195-4.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
3809cf83b36ac6b2f21dc1b73e22d2e594acf734d71e348dbd7f66ea38bfc658

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:20:29 GMT
x-check-cacheable
YES
x-serial
81
etag
"596d0959-2f6f"
content-type
image/jpeg
cache-control
private, no-transform, max-age=15552000
last-modified
Sun, 26 Dec 2021 03:30:59 GMT
content-length
12143
server
Akamai Image Manager
expires
Wed, 01 Mar 2023 02:20:29 GMT
id
dpm.demdex.net/
382 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1662085229024
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.26.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-26-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
44780a2dbce930ece612e0eecc0ea407b435bbd521879019156f0fed0209d85a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v038-0fa96cdec.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
e6KJK7kXT7c=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
319
Expires
Thu, 01 Jan 1970 00:00:00 UTC
detector-dom.min.js
static.wellsfargo.com/tracking/gb/
333 KB
102 KB
Script
General
Full URL
https://static.wellsfargo.com/tracking/gb/detector-dom.min.js
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/toppages/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.178 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
9a5e8cb8c0d7468337c96ba9de5c90701a038a135975b1f4444bde35cb0eb212
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 13 Apr 2021 21:15:19 GMT
X-Frame-Options
SAMEORIGIN
ETag
W/"607609e7-532b0"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
gtag.js
static.wellsfargo.com/tracking/ga/
115 KB
45 KB
Script
General
Full URL
https://static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/toppages/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.178 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
79f666407709e82d49c80fc330a5a34952fc56f30de257ccc3ae432d87c6fedc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 09 Sep 2021 17:30:40 GMT
X-Frame-Options
SAMEORIGIN
ETag
W/"613a44c0-1ca73"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
idl
api.rlcdn.com/api/identity/
0
0

adrum-ext.js
static.wellsfargo.com/assets/js/wfui/appdynamics/
44 KB
14 KB
Script
General
Full URL
https://static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.178 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:29 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 09 Mar 2021 18:36:55 GMT
ETag
W/"6047c047-b11c"
Allow
GET, POST, OPTIONS
Access-Control-Allow-Methods
POST
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
runtime.80d5260aef1a12bc638a.js
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/
0
0

vendor.21ae416b3ad99fcd7f4a.chunk.js
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/
0
0

main.1a3449c840a0ecac31c6.chunk.js
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/
0
0

wfui.01083dad213681fca617.chunk.js
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/
0
0

main.a32830a6383d333d8777.chunk.css
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/
0
0

wfui.b63d098a1ca054bb8b08.chunk.css
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/
0
0

ttms.gif
static.wellsfargo.com/tracking/reporting/
43 B
532 B
Image
General
Full URL
https://static.wellsfargo.com/tracking/reporting/ttms.gif?capability=LiveRamp&appId=WWW&wfaCookie=45202110060855191200791075&error=error&pageId=/a/1/kjfar.php&pageType=BROWSER&deviceType=DESKTOP&c_t=BOB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.178 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:29 GMT
_host
wellsfargo.com
X-Content-Type-Options
nosniff
Last-Modified
Thu, 16 Jan 2020 21:55:22 GMT
X-Frame-Options
SAMEORIGIN
ETag
"5e20dbca-2b"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Access-Control-Allow-Methods
POST
Content-Type
image/gif
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Allow
GET, POST, OPTIONS
Content-Length
43
X-XSS-Protection
1; mode=block
id
dpm.demdex.net/
382 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=14758697043514639061718448363829540710&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%0145202110060855191200791075%011&ts=1662085229310
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.26.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-26-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7dd0ade9deb38d13a04798846beba4e048d65cf8ccf9e678c03184e837887752
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v038-006789e8c.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
o4nPMcKaRjY=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
318
Expires
Thu, 01 Jan 1970 00:00:00 UTC
event
wellsfargobankna.demdex.net/
555 B
1 KB
XHR
General
Full URL
https://wellsfargobankna.demdex.net/event?d_dil_ver=9.5&_ts=1662085229028
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.225.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-225-203.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5e09f67975ce6cd81939d8f8239c1ac8f495a9203064a07178830b083b9f1510
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v038-014595e4a.edge-irl1.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
5vHUFFvxRUY=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
327
Expires
Thu, 01 Jan 1970 00:00:00 UTC
gtag.js
static.wellsfargo.com/tracking/ga/
Redirect Chain
  • http://static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
  • https://static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
115 KB
45 KB
Script
General
Full URL
https://static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
Protocol
HTTP/1.1
Server
159.45.2.178 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
79f666407709e82d49c80fc330a5a34952fc56f30de257ccc3ae432d87c6fedc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 09 Sep 2021 17:30:40 GMT
X-Frame-Options
SAMEORIGIN
ETag
W/"613a44c0-1ca73"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block

Redirect headers

Location
https://static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
gtag.js
static.wellsfargo.com/tracking/ga/
Redirect Chain
  • http://static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
  • https://static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
115 KB
45 KB
Script
General
Full URL
https://static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
Protocol
HTTP/1.1
Server
159.45.2.178 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
79f666407709e82d49c80fc330a5a34952fc56f30de257ccc3ae432d87c6fedc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 09 Sep 2021 17:30:40 GMT
X-Frame-Options
SAMEORIGIN
ETag
W/"613a44c0-1ca73"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block

Redirect headers

Location
https://static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
gtag.js
static.wellsfargo.com/tracking/ga/
Redirect Chain
  • http://static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
  • https://static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
115 KB
45 KB
Script
General
Full URL
https://static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
Protocol
HTTP/1.1
Server
159.45.2.178 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
79f666407709e82d49c80fc330a5a34952fc56f30de257ccc3ae432d87c6fedc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 09 Sep 2021 17:30:40 GMT
X-Frame-Options
SAMEORIGIN
ETag
W/"613a44c0-1ca73"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block

Redirect headers

Location
https://static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
cls_report
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/
50 B
1 KB
XHR
General
Full URL
https://rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=11e9e202-2780-480e-a0b8-b31287943f8c%3A0&_cls_v=e5b5e3f0-14e1-4862-b0ec-f16af2c58d84
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c05059329c081ecc0744410b2a9515ab86fdb568691fce0287a09c579f222faf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 02 Sep 2022 02:20:29 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
origin, Accept-Encoding
Content-Length
76
X-XSS-Protection
1; mode=block
adrum-ext.b4436be974de477658d4a93afb752165.js
static.wellsfargo.com/assets/js/wfui/appdynamics/
47 KB
16 KB
Script
General
Full URL
https://static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.178 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:29 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 03 Mar 2021 23:46:24 GMT
ETag
W/"60401fd0-bbed"
Allow
GET, POST, OPTIONS
Access-Control-Allow-Methods
POST
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
ga.js
static.wellsfargo.com/tracking/ga/
48 KB
19 KB
Script
General
Full URL
https://static.wellsfargo.com/tracking/ga/ga.js
Requested by
Host: static.wellsfargo.com
URL: http://static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.178 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 09 Sep 2021 17:30:40 GMT
X-Frame-Options
SAMEORIGIN
ETag
W/"613a44c0-c025"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
activityi;dc_pre=COP74v2F9fkCFdZDHQkdp1YBDA;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3...
2549153.fls.doubleclick.net/ Frame AC39
Redirect Chain
  • http://2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%...
  • http://2549153.fls.doubleclick.net/activityi;dc_pre=COP74v2F9fkCFdZDHQkdp1YBDA;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=...
818 B
1 KB
Document
General
Full URL
http://2549153.fls.doubleclick.net/activityi;dc_pre=COP74v2F9fkCFdZDHQkdp1YBDA;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php%3FP%3DN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%2520sdERWAEETRabE%2520RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID%26email%3D?
Requested by
Host: static.wellsfargo.com
URL: http://static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
Protocol
HTTP/1.1
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
5ef1004ddcf84c9bbf326a06fbeaceb776fd2ae9ae0a862ddbc037a08644192a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate
Content-Encoding
gzip
Content-Length
624
Content-Type
text/html; charset=UTF-8
Cross-Origin-Resource-Policy
cross-origin
Date
Fri, 02 Sep 2022 02:20:30 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma
no-cache
Server
cafe
Strict-Transport-Security
max-age=21600
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
0

Redirect headers

Cache-Control
no-cache, must-revalidate
Content-Length
0
Content-Type
text/html; charset=UTF-8
Cross-Origin-Resource-Policy
cross-origin
Date
Fri, 02 Sep 2022 02:20:30 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Follow-Only-When-Prerender-Shown
1
Location
http://2549153.fls.doubleclick.net/activityi;dc_pre=COP74v2F9fkCFdZDHQkdp1YBDA;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php%3FP%3DN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%2520sdERWAEETRabE%2520RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID%26email%3D?
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma
no-cache
Server
cafe
Strict-Transport-Security
max-age=21600
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
0
ga_conversion_async.js
static.wellsfargo.com/tracking/ga/
35 KB
14 KB
Script
General
Full URL
https://static.wellsfargo.com/tracking/ga/ga_conversion_async.js
Requested by
Host: static.wellsfargo.com
URL: http://static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.178 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 09 Sep 2021 17:30:40 GMT
X-Frame-Options
SAMEORIGIN
ETag
W/"613a44c0-8c31"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
cls_report
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/
4 KB
2 KB
XHR
General
Full URL
https://rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.3.118B100&_cls_s=11e9e202-2780-480e-a0b8-b31287943f8c:0&_cls_v=e5b5e3f0-14e1-4862-b0ec-f16af2c58d84&pid=a5909664-3286-4f24-8097-79013ffc04f4&sn=1&aid=
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-138.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7a58994569d91823ac5c6590e1f3ef3aeecd26c3024cc25ce83b08666578f1ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 02 Sep 2022 02:20:30 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
origin, Accept-Encoding
Content-Length
969
X-XSS-Protection
1; mode=block
ec.js
static.wellsfargo.com/tracking/ga/
3 KB
2 KB
Script
General
Full URL
https://static.wellsfargo.com/tracking/ga/ec.js
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/ga/ga.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.178 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 02:20:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 09 Sep 2021 17:30:40 GMT
X-Frame-Options
SAMEORIGIN
ETag
W/"613a44c0-aed"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
collect
www.google-analytics.com/j/
2 B
187 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=1329660992&t=pageview&_s=1&dl=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php&ul=en-us&de=UTF-8&dt=Wells%20Fargo%20%E2%80%93%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Mortgages%20%26%20More&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBACUALBAAAAC~&jid=589833256&gjid=195233487&cid=270726934.1662085230&tid=UA-107148943-1&_gid=2132437841.1662085230&_r=1&cd1=WWW&cd4=y&cd5=BOB&cd7=DESKTOP&cd8=PRODUCTION&cd9=45202110060855191200791075&cd12=BROWSER&cd22=top-pages&cd23=4.48.0&gtm=2ou8g0&cd35=270726934.1662085230&z=353960047
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Sep 2022 02:20:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.no/pagead/1p-user-list/984436569/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984436569/?random=1662085230066&cv=9&fst=1662085230066&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
  • https://www.google.com/pagead/1p-user-list/984436569/?random=1662085230066&cv=9&fst=1662084000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
  • https://www.google.no/pagead/1p-user-list/984436569/?random=1662085230066&cv=9&fst=1662084000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...
42 B
548 B
Image
General
Full URL
https://www.google.no/pagead/1p-user-list/984436569/?random=1662085230066&cv=9&fst=1662084000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php&tiba=Wells%20Fargo%20%E2%80%93%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Mortgages%20%26%20More&async=1&is_vtc=1&random=2739683765&resp=GooglemKTybQhCsO&ipr=y
Protocol
H2
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Sep 2022 02:20:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Sep 2022 02:20:31 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.no/pagead/1p-user-list/984436569/?random=1662085230066&cv=9&fst=1662084000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php&tiba=Wells%20Fargo%20%E2%80%93%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Mortgages%20%26%20More&async=1&is_vtc=1&random=2739683765&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
393 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&aip=1&a=1329660992&t=timing&_s=2&dl=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php&ul=en-us&de=UTF-8&dt=Wells%20Fargo%20%E2%80%93%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Mortgages%20%26%20More&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3683&pdt=324&dns=0&rrt=0&srt=313&tcp=161&dit=2809&clt=2809&_gst=4574&_gbt=4745&_cst=3302&_cbt=4571&_u=4GBACUALBAAAAC~&jid=&gjid=&cid=270726934.1662085230&tid=UA-107148943-1&_gid=2132437841.1662085230&gtm=2ou8g0&z=790066748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Sep 2022 22:27:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
13975
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
dc_pre=COP74v2F9fkCFdZDHQkdp1YBDA;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2F8kw...
adservice.google.com/ddm/fls/i/ Frame CDB0
817 B
1 KB
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=COP74v2F9fkCFdZDHQkdp1YBDA;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php%3FP%3DN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%2520sdERWAEETRabE%2520RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID%26email%3D
Requested by
Host: 2549153.fls.doubleclick.net
URL: http://2549153.fls.doubleclick.net/activityi;dc_pre=COP74v2F9fkCFdZDHQkdp1YBDA;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php%3FP%3DN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%2520sdERWAEETRabE%2520RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID%26email%3D?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
af3f70344218dd2bd28881f842610f87598362af9f7cfbf2c1f2d0b8e9c4462a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
623
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 02:20:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/
35 B
100 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/ga/ga.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 02 Sep 2022 02:20:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
484 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-107148943-1&cid=270726934.1662085230&jid=589833256&gjid=195233487&_gid=2132437841.1662085230&_u=4GBACUAKBAAAAC~&z=424362083
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 02 Sep 2022 02:20:31 GMT
content-type
text/plain
access-control-allow-origin
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
error.gif
pdx-col.eum-appdynamics.com/eumcollector/
26 B
319 B
Image
General
Full URL
https://pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=EUM-AAB-AYP&msg=Assert%20fail%3A%20M50
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.47.22 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-47-22.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Sep 2022 02:20:31 GMT
x-content-type-options
nosniff
server
envoy
vary
*
content-type
image/gif
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time
0
access-control-allow-headers
origin, content-type, accept
expires
0
error.gif
pdx-col.eum-appdynamics.com/eumcollector/
26 B
320 B
Image
General
Full URL
https://pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=EUM-AAB-AYP&msg=Assert%20fail%3A%20M51
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.47.22 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-47-22.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Sep 2022 02:20:31 GMT
x-content-type-options
nosniff
server
envoy
vary
*
content-type
image/gif
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time
0
access-control-allow-headers
origin, content-type, accept
expires
0
dc_pre=COP74v2F9fkCFdZDHQkdp1YBDA;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2F8kw...
adservice.google.no/ddm/fls/i/ Frame 977E
194 B
870 B
Document
General
Full URL
https://adservice.google.no/ddm/fls/i/dc_pre=COP74v2F9fkCFdZDHQkdp1YBDA;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php%3FP%3DN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%2520sdERWAEETRabE%2520RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID%26email%3D
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COP74v2F9fkCFdZDHQkdp1YBDA;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php%3FP%3DN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%2520sdERWAEETRabE%2520RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID%26email%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 02:20:31 GMT
expires
Fri, 02 Sep 2022 02:20:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adrum
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/EUM-AAB-AYP/
0
718 B
XHR
General
Full URL
https://pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/EUM-AAB-AYP/adrum
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.47.22 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-47-22.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Sep 2022 02:20:31 GMT
x-content-type-options
nosniff
server
envoy
vary
*
content-type
text/html
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time
0
access-control-allow-headers
origin, content-type, accept
expires
0
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=270726934.1662085230&jid=589833256&_u=4GBACUAKBAAAAC~&z=469653010
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Sep 2022 02:20:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.no/ads/
42 B
107 B
Image
General
Full URL
https://www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=270726934.1662085230&jid=589833256&_u=4GBACUAKBAAAAC~&z=469653010
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Sep 2022 02:20:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/idl?pid=1317
Domain
connect.secure.wellsfargo.com
URL
https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.80d5260aef1a12bc638a.js
Domain
connect.secure.wellsfargo.com
URL
https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.21ae416b3ad99fcd7f4a.chunk.js
Domain
connect.secure.wellsfargo.com
URL
https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.1a3449c840a0ecac31c6.chunk.js
Domain
connect.secure.wellsfargo.com
URL
https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.01083dad213681fca617.chunk.js
Domain
connect.secure.wellsfargo.com
URL
https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.a32830a6383d333d8777.chunk.css
Domain
connect.secure.wellsfargo.com
URL
https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.b63d098a1ca054bb8b08.chunk.css

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation string| environment string| appd_key string| appd_js_path string| appDEUMSwitch number| adrum-start-time object| adrum-config boolean| logInfoSwitch number| iaCallTimeout string| accounts_url boolean| hp_prefetch_desktop_value object| utag_data function| domReady object| jsData object| tasInfo string| ATADUN_PATH boolean| isNative string| loginUrlBase object| scriptParent string| loginUrlBaseNoProtocol object| getUrl string| host string| port string| guid function| appendFIDOEligibleInputs function| disableSubmitsCollectUserPrefs function| addLoginFormFieldsAndSubmit function| jsEnabled function| addEvent function| undoSaveUsername function| maskedUsernameChanged function| addScriptElement function| getCookie function| appendHiddenInput function| addCookiesToForm function| setWFACookies function| generateGuid function| brief function| $ function| jQuery object| WF function| GSA_getSearchRootPathPrefix function| GSA_getResourceRootPathPrefix function| GSA_isEmbeddedMode string| ss_form_element string| ss_popup_element object| ss_seq string| ss_g_one_name_to_display string| ss_g_more_names_to_display number| ss_g_max_to_display number| ss_max_to_display number| ss_wait_millisec number| ss_delay_millisec object| ss_gsa_host string| SS_OUTPUT_FORMAT_LEGACY string| SS_OUTPUT_FORMAT_OPEN_SEARCH string| SS_OUTPUT_FORMAT_RICH string| ss_protocol boolean| ss_allow_non_query string| ss_non_query_empty_title boolean| ss_allow_debug object| URI_RE_ object| URI_DISALLOWED_IN_SCHEME_OR_CREDENTIALS_ object| URI_DISALLOWED_IN_PATH_ object| ss_cached object| ss_qbackup object| ss_qshown number| ss_loc number| ss_waiting boolean| ss_painting object| ss_key_handling_queue object| ss_painting_queue boolean| ss_dismissed boolean| ss_panic string| SS_ROW_CLASS string| SS_ROW_SELECTED_CLASS undefined| XH_ieProgId_ number| XML_READY_STATE_UNINITIALIZED number| XML_READY_STATE_LOADING number| XML_READY_STATE_LOADED number| XML_READY_STATE_INTERACTIVE number| XML_READY_STATE_COMPLETED function| XH_XmlHttpInit_ function| XH_XmlHttpCreate function| XH_XmlHttpGET function| XH_XmlHttpPOST function| XH_XmlHttpOpen function| XH_XmlHttpSetRequestHeader function| XH_XmlHttpSend function| XH_XmlHttpAbort object| ss_debug function| ss_composeSuggestUri function| ss_suggest function| ss_processed function| ss_handleAllKey function| ss_handleKey function| ss_isEmbeddedMode_ function| ss_handleQuery function| ss_removeNode_ function| ss_replaceNode_ function| ss_initEmbedMode_ function| ss_sf function| ss_clear function| ss_hide function| ss_show function| ss_showSuggestion function| ss_showRelatedSuggestion function| ss_handleMouseM function| ss_handleMouseC function| ss_countSuggestions function| ss_locateSuggestion function| ss_escape function| ss_escapeDbg function| ss_Debugger function| injectStyles function| injectScripts object| ss_use object| wfLogger object| root string| ndURI number| counter boolean| utag_condload string| new_path object| utag_cfg_ovrd object| userAgentArr object| utag function| isNotUndefinedOrNull function| sendDataToGA boolean| __tealium_twc_switch function| utag_pad function| utag_visitor_id string| gtagRename object| dataLayer function| gtag object| ___sc124934 object| ___so124934 number| CLIWHIT string| PSESSIONID string| SSESSIONID string| LSESSIONID object| __tp number| __gt function| grip undefined| d object| data_dmp object| adobe function| Visitor function| DIL object| s_c_il number| s_c_in function| sendRTTODataToGA string| GTAG_TYPE object| GTAG_CONFIG object| Nf object| Of function| Pf object| google_tag_manager object| _detector undefined| optimizely object| ADRUM object| google_tag_data string| GoogleAnalyticsObject function| ga function| f object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

10 Cookies

Domain/Path Name / Value
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38 Name: _cls_v
Value: e5b5e3f0-14e1-4862-b0ec-f16af2c58d84
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38 Name: _cls_s
Value: 11e9e202-2780-480e-a0b8-b31287943f8c:0
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38 Name: _cls_cfgver
Value: 18d2c6f2
.demdex.net/ Name: demdex
Value: 14744695805011076971717048240105016693
.xzone.no/ Name: AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg
Value: 1
.xzone.no/ Name: AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg
Value: -1124106680%7CMCMID%7C14758697043514639061718448363829540710%7CMCAAMLH-1662690029%7C6%7CMCAAMB-1662690029%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C677917998%7CMCOPTOUT-1662092429s%7CNONE%7CvVersion%7C5.2.0
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/ Name: _ga
Value: GA1.1.270726934.1662085230
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/ Name: _gid
Value: GA1.1.2132437841.1662085230
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/ Name: _gat_gtag_UA_107148943_1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

14 Console Messages

Source Level URL
Text
javascript error URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/idl?pid=1317' from origin 'http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/idl?pid=1317
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Message:
Access to XMLHttpRequest at 'https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.80d5260aef1a12bc638a.js' from origin 'http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'connect.secure.wellsfargo.com'.
network error URL: https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.80d5260aef1a12bc638a.js
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Message:
Access to XMLHttpRequest at 'https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.21ae416b3ad99fcd7f4a.chunk.js' from origin 'http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'connect.secure.wellsfargo.com'.
network error URL: https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.21ae416b3ad99fcd7f4a.chunk.js
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Message:
Access to XMLHttpRequest at 'https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.1a3449c840a0ecac31c6.chunk.js' from origin 'http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'connect.secure.wellsfargo.com'.
network error URL: https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.1a3449c840a0ecac31c6.chunk.js
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Message:
Access to XMLHttpRequest at 'https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.01083dad213681fca617.chunk.js' from origin 'http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'connect.secure.wellsfargo.com'.
network error URL: https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.01083dad213681fca617.chunk.js
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Message:
Access to XMLHttpRequest at 'https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.b63d098a1ca054bb8b08.chunk.css' from origin 'http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'connect.secure.wellsfargo.com'.
network error URL: https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.b63d098a1ca054bb8b08.chunk.css
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Message:
Access to XMLHttpRequest at 'https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.a32830a6383d333d8777.chunk.css' from origin 'http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'connect.secure.wellsfargo.com'.
network error URL: https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.a32830a6383d333d8777.chunk.css
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2549153.fls.doubleclick.net
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
adservice.google.com
adservice.google.no
api.rlcdn.com
connect.secure.wellsfargo.com
dpm.demdex.net
googleads.g.doubleclick.net
pdx-col.eum-appdynamics.com
rubicon.wellsfargo.com
static.wellsfargo.com
stats.g.doubleclick.net
wellsfargobankna.demdex.net
www.google-analytics.com
www.google.com
www.google.no
www.wellsfargo.com
www01.wellsfargomedia.com
api.rlcdn.com
connect.secure.wellsfargo.com
142.250.184.198
142.250.185.100
142.250.185.66
142.250.186.163
142.250.186.66
159.45.2.178
159.45.66.145
159.45.66.156
172.217.18.2
172.217.23.110
2.16.186.138
23.2.195.4
34.248.26.113
34.255.225.203
52.36.47.22
64.233.167.156
67.23.254.254
004590468c4ed29e2b9ac5192217c685059d0d623e4398c49cdb4a0b5a386831
0155efc4c50ae4da41c1ca1f6407912cbe62c0f7cb77f6464aee5bedf1267cbc
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22
16b5311ddbd849fd1808d3d855f79d9640417d7c65714ffec6f6bb6f17416883
239e29799eeeff643c07466d40772fc803f95137942aa6517b145d6d862217b5
25a7b2470715372a0a94a6537d9bace902f317e038645f4cc867552e42e0162a
2af5bcc0ab347f0e039ec86b4f0a5f2fb506ef539c284331b5e8e78f3f94badc
33b92421ed8061f976e181bdcc26c325efe73e6b1abd8755b5d85b16c7fe50ea
34f5250710ce0ee2c5bdf5a5ff1a071a61b8c171b7f0ab96bf6deb935483a3d1
3809cf83b36ac6b2f21dc1b73e22d2e594acf734d71e348dbd7f66ea38bfc658
385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c536cede8c67b4bda531f82b77f3678e52026398492010245d3870c87a1623e
3e72471278601589c8718b1a74e9d45144e597ed2cdeafd3274ff95a9c93c6e7
41ace13f2da513c687155c0bc5aeeb5b465a55c90077624895acd8239ae8260b
42902bf802de1e0edd9d13d02216ec6fb579ebbdc9f8ce045cc1ad37a699e481
43dd833f33570535401d009e6b6f9cde54bdac4e210fc6c89cfdcfcbaa9fc903
44780a2dbce930ece612e0eecc0ea407b435bbd521879019156f0fed0209d85a
4519a61d26f153bd19bda2ffdca5d102c56d61f6f5ef6f29727ca878f6ea1947
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
599e3c4b198d28b925b6eff10db70dcd5c9b44f3b0da091cdd35cc8245fe4b66
5e09f67975ce6cd81939d8f8239c1ac8f495a9203064a07178830b083b9f1510
5ef1004ddcf84c9bbf326a06fbeaceb776fd2ae9ae0a862ddbc037a08644192a
618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
649dcf3e5665f599b97ab67a10b75f7f1246378806c243c22a6a4130aa12e622
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
76398f8fc34ee6f4c41af5f7d73cb3ba4ac57d958247134fc2749552a99659c9
780b98a3861aa8d4afe428953ad3b9e988a74cd5f064b4a1eb453f5d901221e7
7926323a712a1fa861283bbdbde6f6df758e3a39c418fe1459f2b5dbe18102be
79f666407709e82d49c80fc330a5a34952fc56f30de257ccc3ae432d87c6fedc
7a58994569d91823ac5c6590e1f3ef3aeecd26c3024cc25ce83b08666578f1ed
7b1acbecc92198d28a194bab0fa46dd84878d9cb78f3e2bbbd4ba771ef168ebd
7bfab3d904c5effc47fe1577c20615a1efcf84f2a6e1b8e5ccaa501ac657fcab
7cf613ae2a54653f340d959397825ff3bc818f37f8757f7f10167f648e4a3060
7dd0ade9deb38d13a04798846beba4e048d65cf8ccf9e678c03184e837887752
7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6
800719eabe4e6ac1b18f4a837f809c3c0c33b8668662139e49bf912ad0b938d2
81c26be055b396974619967deefc7e5798ce65f07ea0d2a184ef2438ee5c37d4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d065126eb6eef432a47f7597e58dca37cc1667e7a20c97ff59ed73ff6fbf4fb
8e33419228d18b065817e0f34dfed2202cc29ca4401d434b0a442d0829633890
95b962bda7dcd5140caed5bc45236ff538c3d5841c7a91136b751db076d19382
96c235d6343aaa272187a96413ebbd8fa15417c7591c02cf0d79fee2e03dfbbe
982003c4cecd7caa0d1b5b8ceb4ee3d9a49263cb37fe56ccf4d5113868fe6741
9a5e8cb8c0d7468337c96ba9de5c90701a038a135975b1f4444bde35cb0eb212
a9304a0a2a197ea99df11195c7661157044f9846e2863a4e4fc0663776700747
ae6dd562558a0d6e692c910de53486132faa5c6ae81d0e85d67ba7f26b789a7f
af3f70344218dd2bd28881f842610f87598362af9f7cfbf2c1f2d0b8e9c4462a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bac7d14e724e890def62967d796be6d0f77e6c144cb304e2e69d3ed1fc66cf0d
bad076c316b96cc04b2df0418f986f332e01ff6016eab56fa116a4ef4c9ca594
bba812edb81013a25bbdca7801e892f85b38580456227b4c1878b5bd0f8aee6b
bf237dbb690185287d8b42ba4a0b97fb4c506b310b36d6532c059079ff9e5df1
c05059329c081ecc0744410b2a9515ab86fdb568691fce0287a09c579f222faf
c550a26340fc6971f4767d351ae9c987603d3f5cf3cb18e91e3164d5fdca8be5
cfd4c24ae595a860f108f4de55ce9a1744bad06d612d508c4d0bf39901b9862c
d03c66ceca785a35e0576fe778a325d183ce317c482faf48f06d371688fd75f0
d510b44eb432254133e3a77667c96ea0eee0a356614ef7938c0cab6b5d7fbcd9
d6f9a6d48f3d43b2f7004bb3f1bea032abe36c545087c45907bf36f6d1949bc6
d6fdad356ecabcdcfb77a0486b3e240f450369e0304739e55c71a112d5f3d2df
d7c059e94b914ac615951283337117c36f9d4e86dfb2c2d97134fe00155419f2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2abb0b11e94d1993d63ba680434ad970acd7333713aeeb3dc84771281af77b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9ecf74092e5fe396ce9fe40ea17070242ed95e6c0b09d595dd4254d8afcabaa
ea4b20ddecd76a86c3dc31d488970cf15e6284756c271b1d983f597652ebeb61
ec6343cf635afa21759e508cd2d388939035aad58ed76e2f25db0722f5d44299
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5222890bf5fab537c855a4b7a97289613cab75945f43eaa7949862d8c92b4cf
f524345f75bc7c15f2e285e525e04299dc22c27c014abe55c337dbc3a690b82c