urlscan.io logo urlscan.io
SecurityTrails logo

bonusoffer.wf.com Open in urlscan Pro
12.190.116.32  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u19982634.ct.sendgrid.net/ls/click?upn=9QAluab-2Byq92iZxhrcUwug1ictpQjlzNibctKXHQUytrUHLBL6akTkqhqO909P5joBj6RhQeCPfE4P9UK...
Effective URL: https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
Submission: On September 16 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 19 HTTP transactions. The main IP is 12.190.116.32, located in United States and belongs to HARLANDCLARKE-AS, US. The main domain is bonusoffer.wf.com.
TLS certificate: Issued by Wells Fargo Public Trust Certificatio... on April 15th 2021. Valid for: a year.
This is the only time bonusoffer.wf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.28 11377 (SENDGRID)
8 12.190.116.32 21945 (HARLANDCL...)
3 151.139.239.34 33438 (HIGHWINDS2)
2 172.217.16.136 15169 (GOOGLE)
1 142.250.185.142 15169 (GOOGLE)
2 89.187.169.47 60068 (CDN77 ^_^)
1 52.222.179.44 16509 (AMAZON-02)
1 172.217.19.106 15169 (GOOGLE)
1 142.250.185.163 15169 (GOOGLE)
19 8
1    167.89.118.28 (Las Vegas, United States)

ASN11377 (SENDGRID, US)
PTR: o16789118x28.outbound-mail.sendgrid.net
u19982634.ct.sendgrid.net
8    12.190.116.32 (United States)

ASN21945 (HARLANDCLARKE-AS, US)
bonusoffer.wf.com
3    151.139.239.34 (United States)

ASN33438 (HIGHWINDS2, US)
hclp-hclarke.netdna-ssl.com
2    172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f136.1e100.net
www.googletagmanager.com
1    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
www.google-analytics.com
2    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
a.omappapi.com
1    52.222.179.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-179-44.ham50.r.cloudfront.net
api.omappapi.com
1    172.217.19.106 (United States)

ASN15169 (GOOGLE, US)
PTR: muc03s07-in-f106.1e100.net
fonts.googleapis.com
1    142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net
fonts.gstatic.com
Domain Requested by
8 bonusoffer.wf.com bonusoffer.wf.com
3 hclp-hclarke.netdna-ssl.com bonusoffer.wf.com
2 a.omappapi.com bonusoffer.wf.com
a.omappapi.com
2 www.googletagmanager.com bonusoffer.wf.com
www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com a.omappapi.com
1 api.omappapi.com a.omappapi.com
1 www.google-analytics.com www.googletagmanager.com
1 u19982634.ct.sendgrid.net 1 redirects
19 9

This site contains links to these domains. Also see Links.

Domain
www.wellsfargo.com
Subject Issuer Validity Valid
bonusoffer.wf.com
Wells Fargo Public Trust Certification Authority 01 G2		 2021-04-15 -
2022-03-21		 a year crt.sh
*.netdna-ssl.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-22 -
2022-03-18		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
a.omappapi.com
R3		 2021-08-24 -
2021-11-22		 3 months crt.sh
api.opmnstr.com
Amazon		 2021-03-11 -
2022-04-09		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
Frame ID: 8044F444AD0335A5219AB3AA5E78382D
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Wells Fargo

Page URL History Show full URLs

  1. https://u19982634.ct.sendgrid.net/ls/click?upn=9QAluab-2Byq92iZxhrcUwug1ictpQjlzNibctKXHQUytrUHLBL6akTkqhqO909... HTTP 302
    https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_c... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

8
IPs

2
Countries

290 kB
Transfer

808 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u19982634.ct.sendgrid.net/ls/click?upn=9QAluab-2Byq92iZxhrcUwug1ictpQjlzNibctKXHQUytrUHLBL6akTkqhqO909P5joBj6RhQeCPfE4P9UKHqnGCp-2Bg1DXZSvAsS7FOjJewETPpK1JTjyJ8A9Zmutn0pbbA0K5hdlk-2FD6a3wB0HXSrraca7-2B4Rh0FBHTj0omCSpeo-3D9tK2_UzEXIiuenWqPAL-2B-2BElEnkXVYcvAHeTmXXmyanjMKXQKubZHFoImwUdm-2FZEY39FGgZmVPXR2YEm8NgepqKVVZ678Bsxcej8CUETvTtvwf3GU8szh33b5yop8vhOMv0WOpu-2B8Evpu2pSVaqLCKiWHi5Cj62unePzqeeIHEPnsOfC8nRS-2B7C5Fqk39aHmUGZ8b8IdJibzUu69VtzKocQzColKaYOWSogTZNutMLdzT8tYF71L9ZZG7ONiXCK6jQFHq-2FDnA0bDuQBA-2ButnCUbZ95N66HRAeUjNreLIOjWZ2eCdLV5n3R1uOQDKShSz1p7-2B4Ul58wFKzmRtqC8KZuJcQRpmdRfUMy6FZ8EppjW9mTN8L-2FYrf054lYMbP7NFcZ-2BiAePXuN2kRZFC0PQmg5v-2BxUhnDB1XJPQsQGOMl87ThHJr-2F60-2FJ8a-2BSkl9pU1KKgN-2FLHPwsm93SmTDtyTWixB7KgQce8Hwv7OERUsLCe2cy8r3mC6WZUJwpf6arH8a0P9TFxBkXV6wcYg58f-2B4X7vVZZM7Pyrd9qhitM3AaRxV0f0rWVvjlzA1uLtWMNSI2zAAts HTTP 302
    https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
bonusoffer.wf.com/updateincome/
Redirect Chain
  • https://u19982634.ct.sendgrid.net/ls/click?upn=9QAluab-2Byq92iZxhrcUwug1ictpQjlzNibctKXHQUytrUHLBL6akTkqhqO909P5joBj6RhQeCPfE4P9UKHqnGCp-2Bg1DXZSvAsS7FOjJewETPpK1JTjyJ8A9Zmutn0pbbA0K5hdlk-2FD6a3wB0...
  • https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
12.190.116.32 , United States, ASN21945 (HARLANDCLARKE-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
6fc408338be4c06a098573d862780cd174d66576658c224a3411718b0124f6f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options Sameorigin
X-Xss-Protection 1; mode=block

Request headers

Host
bonusoffer.wf.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Thu, 16 Sep 2021 22:59:57 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
X-Frame-Options
Sameorigin
X-Robots-Tag
noindex, nofollow
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html;charset=UTF-8
Set-Cookie
BIGipServer~OPENSTACK-VIPS~POOL-BONUSOFFER.WF.COM-80=!hsOw9yAYzweO9p33UIp1RjQeO8DgS025JIwHAGLoHMD/I8EXZWplrNl6rWUd1xJ7ZmyE2ZZ5bhlBuys=; path=/; Httponly; Secure

Redirect headers

Server
nginx
Date
Thu, 16 Sep 2021 23:00:21 GMT
Content-Type
text/html; charset=utf-8
Content-Length
152
Connection
keep-alive
Location
https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
X-Robots-Tag
noindex, nofollow
style.min.css
bonusoffer.wf.com/assets/templates/p4_income_capture_20/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bonusoffer.wf.com/assets/templates/p4_income_capture_20/css/style.min.css
Requested by
Host: bonusoffer.wf.com
URL: https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
12.190.116.32 , United States, ASN21945 (HARLANDCLARKE-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
6b7a7985dad7b792dec80dbeb4148725fc5090f1f6409854acfa8e6154860dba

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bonusoffer.wf.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
Cookie
BIGipServer~OPENSTACK-VIPS~POOL-BONUSOFFER.WF.COM-80=!hsOw9yAYzweO9p33UIp1RjQeO8DgS025JIwHAGLoHMD/I8EXZWplrNl6rWUd1xJ7ZmyE2ZZ5bhlBuys=
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 23:00:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Feb 2021 14:39:57 GMT
Server
Apache
ETag
"f4cf85a9-1ce6-5ba83ad728940"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=15, max=99
Content-Length
2127
responsive.min.css
bonusoffer.wf.com/assets/templates/p4_income_capture_20/css/ 		2 KB
1019 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bonusoffer.wf.com/assets/templates/p4_income_capture_20/css/responsive.min.css
Requested by
Host: bonusoffer.wf.com
URL: https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
12.190.116.32 , United States, ASN21945 (HARLANDCLARKE-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
63c860ebf080d879763f63eb43309be5f2dec73c0291ccbf7a5e4dd7af96c1d3

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bonusoffer.wf.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
Cookie
BIGipServer~OPENSTACK-VIPS~POOL-BONUSOFFER.WF.COM-80=!hsOw9yAYzweO9p33UIp1RjQeO8DgS025JIwHAGLoHMD/I8EXZWplrNl6rWUd1xJ7ZmyE2ZZ5bhlBuys=
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 23:00:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Oct 2020 17:00:06 GMT
Server
Apache
ETag
"f4cf32eb-6bc-5b12bc38c1180"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=15, max=98
Content-Length
662
wells-fargo-logo.png
hclp-hclarke.netdna-ssl.com/wf/generic/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hclp-hclarke.netdna-ssl.com/wf/generic/images/wells-fargo-logo.png
Requested by
Host: bonusoffer.wf.com
URL: https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.239.34 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
c9cae2839acfeaadb8a7a835ddec64525b86e018f2a1e0ba88ad5c14a3ed9bb6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonusoffer.wf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:00:25 GMT
last-modified
Wed, 25 Mar 2020 19:13:33 GMT
server
NetDNA-cache/2.2
accept-ranges
bytes
etag
"5e7bad5d-a87"
content-length
2695
content-type
image/png
jquery-3.4.1.min.js
hclp-hclarke.netdna-ssl.com/wf/generic/js/ 		86 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hclp-hclarke.netdna-ssl.com/wf/generic/js/jquery-3.4.1.min.js
Requested by
Host: bonusoffer.wf.com
URL: https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.239.34 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonusoffer.wf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:00:24 GMT
content-encoding
gzip
last-modified
Mon, 22 Jun 2020 17:32:43 GMT
server
NetDNA-cache/2.2
etag
W/"5ef0eb3b-15851"
content-type
application/x-javascript
jquery.validate.min.js
hclp-hclarke.netdna-ssl.com/wf/generic/js/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hclp-hclarke.netdna-ssl.com/wf/generic/js/jquery.validate.min.js
Requested by
Host: bonusoffer.wf.com
URL: https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.239.34 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5fe55811cab9115f1733276abdc3e822047bd84f6ab9611fe64fcca43261e49f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonusoffer.wf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:00:24 GMT
content-encoding
gzip
last-modified
Tue, 23 Jun 2020 15:30:33 GMT
server
NetDNA-cache/2.2
etag
W/"5ef22019-5415"
content-type
application/x-javascript
autoNumeric.min.js
bonusoffer.wf.com/assets/templates/p4_income_capture_20/js/ 		182 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bonusoffer.wf.com/assets/templates/p4_income_capture_20/js/autoNumeric.min.js
Requested by
Host: bonusoffer.wf.com
URL: https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
12.190.116.32 , United States, ASN21945 (HARLANDCLARKE-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
d97ab7b520265932d4d128c4cf6920d69af8a86656a8ec27024c20e8dd09caa3

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bonusoffer.wf.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
Cookie
BIGipServer~OPENSTACK-VIPS~POOL-BONUSOFFER.WF.COM-80=!hsOw9yAYzweO9p33UIp1RjQeO8DgS025JIwHAGLoHMD/I8EXZWplrNl6rWUd1xJ7ZmyE2ZZ5bhlBuys=
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 23:00:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Oct 2020 17:00:06 GMT
Server
Apache
ETag
"f4cf513b-2d8e5-5b12bc38c1180"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=15, max=100
Content-Length
40100
utils.min.js
bonusoffer.wf.com/assets/generic/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bonusoffer.wf.com/assets/generic/js/utils.min.js
Requested by
Host: bonusoffer.wf.com
URL: https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
12.190.116.32 , United States, ASN21945 (HARLANDCLARKE-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
555da08b4cc22f74989cb7ef22d459f2d2da96a8db4ac97fabe92ff874d04666

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bonusoffer.wf.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
Cookie
BIGipServer~OPENSTACK-VIPS~POOL-BONUSOFFER.WF.COM-80=!hsOw9yAYzweO9p33UIp1RjQeO8DgS025JIwHAGLoHMD/I8EXZWplrNl6rWUd1xJ7ZmyE2ZZ5bhlBuys=
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 23:00:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 May 2021 20:24:48 GMT
Server
Apache
ETag
"f4cdc773-1254-5c1af1a494400"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=15, max=97
Content-Length
1852
general.min.js
bonusoffer.wf.com/assets/templates/p4_income_capture_20/js/ 		2 KB
953 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bonusoffer.wf.com/assets/templates/p4_income_capture_20/js/general.min.js
Requested by
Host: bonusoffer.wf.com
URL: https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
12.190.116.32 , United States, ASN21945 (HARLANDCLARKE-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
57b3ccadf3ba450af6b05b7ac38b6df9c91f21f52f4af8cc1671bad5338348f2

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bonusoffer.wf.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
Cookie
BIGipServer~OPENSTACK-VIPS~POOL-BONUSOFFER.WF.COM-80=!hsOw9yAYzweO9p33UIp1RjQeO8DgS025JIwHAGLoHMD/I8EXZWplrNl6rWUd1xJ7ZmyE2ZZ5bhlBuys=
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 23:00:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Oct 2020 17:00:06 GMT
Server
Apache
ETag
"f4cf5137-669-5b12bc38c1180"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=15, max=100
Content-Length
588
validation.min.js
bonusoffer.wf.com/assets/templates/p4_income_capture_20/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bonusoffer.wf.com/assets/templates/p4_income_capture_20/js/validation.min.js
Requested by
Host: bonusoffer.wf.com
URL: https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
12.190.116.32 , United States, ASN21945 (HARLANDCLARKE-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
4cc126f7a93bce0f9b0b8c1b30bb246b8abd325a1b73075a43a8527e36563309

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
bonusoffer.wf.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
Cookie
BIGipServer~OPENSTACK-VIPS~POOL-BONUSOFFER.WF.COM-80=!hsOw9yAYzweO9p33UIp1RjQeO8DgS025JIwHAGLoHMD/I8EXZWplrNl6rWUd1xJ7ZmyE2ZZ5bhlBuys=
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 23:00:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Feb 2021 14:39:57 GMT
Server
Apache
ETag
"f4cfea1f-1577-5ba83ad728940"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=15, max=99
Content-Length
1906
gtm.js
www.googletagmanager.com/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PCJKC4H
Requested by
Host: bonusoffer.wf.com
URL: https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f136.1e100.net
Software
Google Tag Manager /
Resource Hash
b6e0a59c8ee8d1463584ee53851220aa4b6151833780e438e4a2f27ec40d58d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonusoffer.wf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:00:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35681
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 21:54:21 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 Sep 2021 23:00:25 GMT
WellsFargoSans-Regular.woff2
bonusoffer.wf.com/assets/templates/p4_income_capture_20/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bonusoffer.wf.com/assets/templates/p4_income_capture_20/fonts/WellsFargoSans-Regular.woff2
Requested by
Host: bonusoffer.wf.com
URL: https://bonusoffer.wf.com/assets/templates/p4_income_capture_20/css/style.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
12.190.116.32 , United States, ASN21945 (HARLANDCLARKE-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
a47ad8c4c3f473e25c91cc23516e8570b841163058ca423245805ecc75f8b897

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://bonusoffer.wf.com
Accept-Encoding
gzip, deflate, br
Host
bonusoffer.wf.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://bonusoffer.wf.com/assets/templates/p4_income_capture_20/css/style.min.css
Cookie
BIGipServer~OPENSTACK-VIPS~POOL-BONUSOFFER.WF.COM-80=!hsOw9yAYzweO9p33UIp1RjQeO8DgS025JIwHAGLoHMD/I8EXZWplrNl6rWUd1xJ7ZmyE2ZZ5bhlBuys=
Connection
keep-alive
Referer
https://bonusoffer.wf.com/assets/templates/p4_income_capture_20/css/style.min.css
Origin
https://bonusoffer.wf.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 23:00:00 GMT
Last-Modified
Thu, 06 Aug 2020 15:54:58 GMT
Server
Apache
ETag
"f4cf26c8-5e2c-5ac37829c1880"
Content-Type
text/plain; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=15, max=96
Content-Length
24108
js
www.googletagmanager.com/gtag/ 		128 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NFRGBRW529&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCJKC4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f136.1e100.net
Software
Google Tag Manager /
Resource Hash
7429b26b848641782a780ce71171fc4356404e5cac7262b537debe9af08c46db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonusoffer.wf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:00:25 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51103
x-xss-protection
0
expires
Thu, 16 Sep 2021 23:00:25 GMT
collect
www.google-analytics.com/g/ 		0
369 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NFRGBRW529&gtm=2oe9f0&_p=1962835437&sr=1600x1200&ul=en-us&cid=767872127.1631833225&_s=1&dl=https%3A%2F%2Fbonusoffer.wf.com%2Fupdateincome%2F%3Fe%3D000005022135872%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dcontrol&dt=Wells%20Fargo&sid=1631833225&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NFRGBRW529&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bonusoffer.wf.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 23:00:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bonusoffer.wf.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
api.min.js
a.omappapi.com/app/js/ 		206 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.js
Requested by
Host: bonusoffer.wf.com
URL: https://bonusoffer.wf.com/updateincome/?e=000005022135872&utm_source=newsletter&utm_medium=email&utm_campaign=control
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
fcf7342ac0f25805477906cca75be1f284a00b5a973eb70c8011ca60d49dc5ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonusoffer.wf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:00:25 GMT
content-encoding
br
cdn-edgestorageid
756
perma-cache
HIT
cdn-storageserver
DE-169
cdn-cachedat
09/16/2021 03:41:28
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Wed, 15 Sep 2021 17:44:22 GMT
cdn-proxyver
1.0
cdn-fileserver
188
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
f1c62353886b2e65941b7aadde474112
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
17558
api.omappapi.com/v2/embed/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/17558?d=bonusoffer.wf.com
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-44.ham50.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
26d6873e22ebb056962dbdcef31c9d8107f52cc1bb672698e6ccd373342b0066

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonusoffer.wf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:00:25 GMT
content-encoding
gzip
x-cache-config
0 0
x-amz-cf-pop
HAM50-C1
x-cache-status
HIT
x-cache
Miss from cloudfront
access-control-allow-headers
X-CSRF-Token
x-optinmonster-account
2530
x-user-agent
standard--
last-modified
Tue, 07 Sep 2021 14:14:59 GMT
server
Pagely Gateway/1.5.1
etag
W/"dd27fff4cc7579c029c66c21bf11675d"
vary
Accept-Encoding, User-Agent
content-type
application/json
via
1.1 dbf5a139061b80ff53ac8f18a1e0b49f.cloudfront.net (CloudFront)
access-control-expose-headers
X-OptinMonster-Account, X-User-Agent
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-origin
*
x-amz-cf-id
t2DwlywP1A60wPFG9wMyklpCPodTtPF7JAUkB4YblduX5shOuR6VBQ==
expires
Thu, 16 Sep 2021 22:58:24 GMT
webfont.js
a.omappapi.com/app/js/webfont/1.5.18/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonusoffer.wf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 23:00:25 GMT
content-encoding
br
cdn-edgestorageid
756
perma-cache
HIT
cdn-storageserver
DE-51
cdn-cachedat
08/11/2021 05:08:04
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Thu, 27 May 2021 17:38:16 GMT
cdn-proxyver
1.0
cdn-fileserver
162
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
af8ded794284e64a08787f6f94bd2aa1
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.19.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f106.1e100.net
Software
ESF /
Resource Hash
3a57826dd4437403ec9dffe3d8a907466926d7123e4a765ec724d79ae24e1d54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonusoffer.wf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 22:58:36 GMT
server
ESF
date
Thu, 16 Sep 2021 23:00:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Sep 2021 23:00:26 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bonusoffer.wf.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 04:26:58 GMT
x-content-type-options
nosniff
age
326008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 04:26:58 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| dataLayer function| $ function| jQuery object| google_tag_manager object| google_tag_data object| gaGlobal function| AutoNumeric function| getURLParameterValue function| setButtonStatus function| formatDate function| formatDateSpanish function| isValidDate function| parseDate function| updateUrlParamsWithDefault function| sendEmail function| offscreenImageLoad function| collapsiblePlusMinusButton function| stickyTab function| smoothScrollTab function| smoothScrollLink function| updateCheckboxFromField function| showIncomeTaxesBlock function| popup function| popup2 string| form string| path boolean| isProcessing string| lang_campaign_offer_notfound string| lang_last_4 string| lang_total_annual string| lang_total_annual_non_taxible string| lang_non_taxible string| lang_wait function| copyLast4 function| getofferDetails function| respond function| do_fail function| decodeHtml function| showOverlay function| onYouTubeIframeAPIReady object| aNFormHandlerMap object| autoNumericGlobalList function| setImmediate function| clearImmediate function| OptinMonsterApp boolean| om_loaded object| om2530_17558 boolean| _omvisitsadded object| _omapp object| omk9tsm0eg9y0fb3o1fu3r object| omp12tsyu9cd4kznjcevb7 object| WebFont

5 Cookies

Domain/Path Name / Value
bonusoffer.wf.com/ Name: BIGipServer~OPENSTACK-VIPS~POOL-BONUSOFFER.WF.COM-80
Value: !hsOw9yAYzweO9p33UIp1RjQeO8DgS025JIwHAGLoHMD/I8EXZWplrNl6rWUd1xJ7ZmyE2ZZ5bhlBuys=
.wf.com/ Name: _ga_NFRGBRW529
Value: GS1.1.1631833225.1.0.1631833225.0
.wf.com/ Name: _ga
Value: GA1.1.767872127.1631833225
bonusoffer.wf.com/ Name: _omappvp
Value: TuDiAA4uQjaZr5xnUl36VLPkC3P3IQObrZ3xKdQ7iVQcszTdnlDlcinYYM8dBttWFGxGflriXSNrGThbza207DKMwxV9wmWK
bonusoffer.wf.com/ Name: _omappvs
Value: 1631833225441

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options Sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
api.omappapi.com
bonusoffer.wf.com
fonts.googleapis.com
fonts.gstatic.com
hclp-hclarke.netdna-ssl.com
u19982634.ct.sendgrid.net
www.google-analytics.com
www.googletagmanager.com
12.190.116.32
142.250.185.142
142.250.185.163
151.139.239.34
167.89.118.28
172.217.16.136
172.217.19.106
52.222.179.44
89.187.169.47
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
26d6873e22ebb056962dbdcef31c9d8107f52cc1bb672698e6ccd373342b0066
3a57826dd4437403ec9dffe3d8a907466926d7123e4a765ec724d79ae24e1d54
4cc126f7a93bce0f9b0b8c1b30bb246b8abd325a1b73075a43a8527e36563309
555da08b4cc22f74989cb7ef22d459f2d2da96a8db4ac97fabe92ff874d04666
57b3ccadf3ba450af6b05b7ac38b6df9c91f21f52f4af8cc1671bad5338348f2
5fe55811cab9115f1733276abdc3e822047bd84f6ab9611fe64fcca43261e49f
63c860ebf080d879763f63eb43309be5f2dec73c0291ccbf7a5e4dd7af96c1d3
6b7a7985dad7b792dec80dbeb4148725fc5090f1f6409854acfa8e6154860dba
6fc408338be4c06a098573d862780cd174d66576658c224a3411718b0124f6f7
7429b26b848641782a780ce71171fc4356404e5cac7262b537debe9af08c46db
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a47ad8c4c3f473e25c91cc23516e8570b841163058ca423245805ecc75f8b897
b6e0a59c8ee8d1463584ee53851220aa4b6151833780e438e4a2f27ec40d58d5
c9cae2839acfeaadb8a7a835ddec64525b86e018f2a1e0ba88ad5c14a3ed9bb6
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
d97ab7b520265932d4d128c4cf6920d69af8a86656a8ec27024c20e8dd09caa3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fcf7342ac0f25805477906cca75be1f284a00b5a973eb70c8011ca60d49dc5ce