urlscan.io logo urlscan.io
SecurityTrails logo

connect.secure.wellsfargo.com Open in urlscan Pro
159.45.66.156  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mail2.mywellsfargorewards.com/T/v40000016ac14a1a82a6f3116e96c65220/ac66bec149814bcc0000021ef3a0bcc3/ac66bec1-4981-4bcc-9684-ee...
Effective URL: https://connect.secure.wellsfargo.com/auth/login/rewards
Submission: On May 16 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 38 HTTP transactions. The main IP is 159.45.66.156, located in United States and belongs to WELLSFARGO-4196 - Wells Fargo & Company, US. The main domain is connect.secure.wellsfargo.com.
TLS certificate: Issued by DigiCert Global CA G2 on February 7th 2019. Valid for: 2 years.
This is the only time connect.secure.wellsfargo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 159.127.187.86 19137 (EPSILON-I...)
23 159.127.184.145 19137 (EPSILON-I...)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 159.45.66.156 4196 (WELLSFARG...)
4 159.45.2.156 10837 (WELLSFARG...)
3 159.45.66.178 4196 (WELLSFARG...)
3 159.45.170.156 10837 (WELLSFARG...)
38 9
1    159.127.187.86 (United States)

ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US)
mail2.mywellsfargorewards.com
23    159.127.184.145 (United States)

ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US)
gofarrewards.wf.com
2    2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
2    159.45.66.156 (United States)

ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US)
connect.secure.wellsfargo.com
4    159.45.2.156 (Concord, United States)

ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US)
connect.secure.wellsfargo.com
3    159.45.66.178 (United States)

ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US)
static.wellsfargo.com
3    159.45.170.156 (United States)

ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US)
connect.secure.wellsfargo.com
Domain Requested by
23 gofarrewards.wf.com gofarrewards.wf.com
9 connect.secure.wellsfargo.com gofarrewards.wf.com
connect.secure.wellsfargo.com
3 static.wellsfargo.com connect.secure.wellsfargo.com
static.wellsfargo.com
2 www.google-analytics.com 1 redirects gofarrewards.wf.com
1 www.google.de
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com gofarrewards.wf.com
1 mail2.mywellsfargorewards.com 1 redirects
38 9

This site contains links to these domains. Also see Links.

Domain
www.wellsfargo.com
oam.wellsfargo.com
gofarrewards.wf.com
Subject Issuer Validity Valid
gofarrewards.wf.com
Wells Fargo Public Trust Certification Authority 01 G2		 2018-01-19 -
2020-01-20		 2 years crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-04-30 -
2019-07-23		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
connect.secure.wellsfargo.com
DigiCert Global CA G2		 2019-02-07 -
2021-02-07		 2 years crt.sh
static.wellsfargo.com
DigiCert Global CA G2		 2019-02-07 -
2021-02-07		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://connect.secure.wellsfargo.com/auth/login/rewards
Frame ID: 1D201A718DC4F784A4797C7EF6B0E491
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://mail2.mywellsfargorewards.com/T/v40000016ac14a1a82a6f3116e96c65220/ac66bec149814bcc0000021ef3a0bcc3/ac66be... HTTP 302
    https://gofarrewards.wf.com/ Page URL
  2. https://connect.secure.wellsfargo.com/auth/login/rewards Page URL

Page Statistics

38
Requests

100 %
HTTPS

45 %
IPv6

8
Domains

9
Subdomains

9
IPs

3
Countries

2645 kB
Transfer

3459 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mail2.mywellsfargorewards.com/T/v40000016ac14a1a82a6f3116e96c65220/ac66bec149814bcc0000021ef3a0bcc3/ac66bec1-4981-4bcc-9684-ee3113bf1f60?__dU__=v0G4RBKTXg2Gvyyum6Zv_iEzL_CV_jZhKoMq710zowEArZxpI6zvwq9A== HTTP 302
    https://gofarrewards.wf.com/ Page URL
  2. https://connect.secure.wellsfargo.com/auth/login/rewards Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://mail2.mywellsfargorewards.com/T/v40000016ac14a1a82a6f3116e96c65220/ac66bec149814bcc0000021ef3a0bcc3/ac66bec1-4981-4bcc-9684-ee3113bf1f60?__dU__=v0G4RBKTXg2Gvyyum6Zv_iEzL_CV_jZhKoMq710zowEArZxpI6zvwq9A== HTTP 302
  • https://gofarrewards.wf.com/
Request Chain 25
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=780231821&t=pageview&_s=1&dl=https%3A%2F%2Fgofarrewards.wf.com%2F%23utm_source%3DRewards%2520Statement%26utm_medium%3DEmail%26utm_content%3DExplore%2520Button%26utm_campaign%3D2019-APRIL&dp=https%3A%2F%2Fgofarrewards.wf.com%2F%23%2Flogin%3Futm_source%3DRewards%2520Statement%26utm_medium%3DEmail%26utm_content%3DExplore%2520Button%26utm_campaign%3D2019-APRIL&ul=en-us&de=UTF-8&dt=Redirect&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEABH~&jid=1221515275&gjid=561045134&cid=24067485.1558023011&tid=UA-54242036-2&_gid=1770058873.1558023011&_r=1&cg4=MEMBER%20GROUP%20Un-Authenticated&z=350846212 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-54242036-2&cid=24067485.1558023011&jid=1221515275&_gid=1770058873.1558023011&gjid=561045134&_v=j75&z=350846212 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54242036-2&cid=24067485.1558023011&jid=1221515275&_v=j75&z=350846212 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54242036-2&cid=24067485.1558023011&jid=1221515275&_v=j75&z=350846212&slf_rd=1&random=3604574389

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
gofarrewards.wf.com/
Redirect Chain
  • http://mail2.mywellsfargorewards.com/T/v40000016ac14a1a82a6f3116e96c65220/ac66bec149814bcc0000021ef3a0bcc3/ac66bec1-4981-4bcc-9684-ee3113bf1f60?__dU__=v0G4RBKTXg2Gvyyum6Zv_iEzL_CV_jZhKoMq710zowEArZ...
  • https://gofarrewards.wf.com/
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gofarrewards.wf.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
/
Resource Hash
a4071ef8615e910ec941ab074828b12070039bf31f028693c4a6234774991b1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Host
gofarrewards.wf.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
no-cache, proxy-revalidate, private, no-cache=Set-Cookie
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
Set-Cookie
ASP.NET_SessionId=e3427396fd604f1a886c0f4b86872dfd; path=/; secure; HttpOnly HILT-WFBK_SESSION=!E9PhPm6eMYsJ3rdTf/gakk8axZlhROsJhw+iy0clCAMyQyO4wXUSg8hDUTA4WqEY1KbS3toXaP3+THunT+p0BWa2HlgAFcZuIvxcwPXs; path=/; Httponly; Secure
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Date
Thu, 16 May 2019 16:10:03 GMT
Content-Length
2079

Redirect headers

Location
https://gofarrewards.wf.com/#/login?utm_source=Rewards Statement&utm_medium=Email&utm_content=Explore Button&utm_campaign=2019-APRIL
Cache-Control
no-cache
Content-Length
0
Date
Thu, 16 May 2019 16:10:02 GMT
epsi-min-7e724b6b.js
gofarrewards.wf.com/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://gofarrewards.wf.com/epsi-min-7e724b6b.js
Requested by
Host: gofarrewards.wf.com
URL: https://gofarrewards.wf.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
/
Resource Hash
d0058ba44c736ee9063134bdd2e56492546aeca9aec5b7eab1ac9c53a7984116
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gofarrewards.wf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 May 2019 14:34:32 GMT
ETag
"4325cfd1184d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
public
Date
Thu, 16 May 2019 16:10:03 GMT
Accept-Ranges
bytes
Content-Length
1546245
epsi-min-58a01c6f.css
gofarrewards.wf.com/ 		444 KB
444 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gofarrewards.wf.com/epsi-min-58a01c6f.css
Requested by
Host: gofarrewards.wf.com
URL: https://gofarrewards.wf.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
/
Resource Hash
cf857ba191d3dd4f3e95222cf2cc5f9f83314e845fde73a2537cbfd0ca1c31e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gofarrewards.wf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 May 2019 14:34:32 GMT
ETag
"4325cfd1184d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
public
Date
Thu, 16 May 2019 16:10:03 GMT
Accept-Ranges
bytes
Content-Length
454666
Verdana.woff
gofarrewards.wf.com/fonts/ 		106 KB
107 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gofarrewards.wf.com/fonts/Verdana.woff
Requested by
Host: gofarrewards.wf.com
URL: https://gofarrewards.wf.com/epsi-min-7e724b6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
/
Resource Hash
d9125659ea5a5c715a5c6e8eb4d06542e8c056f22346320521e9484aa000fe58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://gofarrewards.wf.com/epsi-min-58a01c6f.css
Origin
https://gofarrewards.wf.com

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 May 2019 14:26:52 GMT
ETag
"468acbbf174d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Cache-Control
public
Date
Thu, 16 May 2019 16:10:10 GMT
Accept-Ranges
bytes
Content-Length
108916
backToTop.html
gofarrewards.wf.com/angularRoot/modules/layout/ 		173 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gofarrewards.wf.com/angularRoot/modules/layout/backToTop.html?ver=100a9c00-700c-11e9-b90c-dfd069e8305b
Requested by
Host: gofarrewards.wf.com
URL: https://gofarrewards.wf.com/epsi-min-7e724b6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
cb20ed245d8bfc7a7c300bef965b40352bac74387bf76beeefc6381f3055f11f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://gofarrewards.wf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 May 2019 14:26:51 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"5c9067bf174d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Cache-Control
public
Date
Thu, 16 May 2019 16:10:09 GMT
Accept-Ranges
bytes
Content-Length
173
redirect.html
gofarrewards.wf.com/angularRoot/modules/redirect/ 		218 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gofarrewards.wf.com/angularRoot/modules/redirect/redirect.html?ver=100a9c00-700c-11e9-b90c-dfd069e8305b
Requested by
Host: gofarrewards.wf.com
URL: https://gofarrewards.wf.com/epsi-min-7e724b6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
/
Resource Hash
a96153638aa1ee9aad479e737dca0d0a51be2c12bb4632921e0f01224583f41b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://gofarrewards.wf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 May 2019 14:26:52 GMT
ETag
"265e7fbf174d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Cache-Control
public
Date
Thu, 16 May 2019 16:10:10 GMT
Accept-Ranges
bytes
Content-Length
218
top_arrow.png
gofarrewards.wf.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofarrewards.wf.com/images/top_arrow.png
Requested by
Host: gofarrewards.wf.com
URL: https://gofarrewards.wf.com/epsi-min-7e724b6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
c4e11bee57b65d00ec2ecfdb55d06f370ef9bc00dfcb539cea2f60d614dac2d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gofarrewards.wf.com/epsi-min-58a01c6f.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 May 2019 14:26:52 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public
Date
Thu, 16 May 2019 16:10:10 GMT
Accept-Ranges
bytes
Content-Length
1480
ETag
"5eab4c0174d51:0"
GetConfigurations
gofarrewards.wf.com/Home/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gofarrewards.wf.com/Home/GetConfigurations?n=0.5419171370920723
Requested by
Host: gofarrewards.wf.com
URL: https://gofarrewards.wf.com/epsi-min-7e724b6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
/
Resource Hash
dabad322662e1f6c167fd16a6cdeff96fa5bc51dbc4412b2486b02b27a0c0aeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://gofarrewards.wf.com/
Origin
https://gofarrewards.wf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Date
Thu, 16 May 2019 16:10:10 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache, proxy-revalidate, private, no-cache=Set-Cookie
Content-Length
1200
Expires
-1
header.html
gofarrewards.wf.com/angularRoot/modules/layout/ 		20 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gofarrewards.wf.com/angularRoot/modules/layout/header.html?ver=100a9c00-700c-11e9-b90c-dfd069e8305b
Requested by
Host: gofarrewards.wf.com
URL: https://gofarrewards.wf.com/epsi-min-7e724b6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
/
Resource Hash
449ec72db14f5e0e5ae7b5e508f3852d5b27d5d9350135c25b88426411023530
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://gofarrewards.wf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 May 2019 14:26:51 GMT
ETag
"bdf169bf174d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Cache-Control
public
Date
Thu, 16 May 2019 16:10:10 GMT
Accept-Ranges
bytes
Content-Length
20864
footer.html
gofarrewards.wf.com/angularRoot/modules/layout/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gofarrewards.wf.com/angularRoot/modules/layout/footer.html?ver=100a9c00-700c-11e9-b90c-dfd069e8305b
Requested by
Host: gofarrewards.wf.com
URL: https://gofarrewards.wf.com/epsi-min-7e724b6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
/
Resource Hash
d8227d00a0c03d6ed96f33932c3e42851045f46f808d2407aa6b38b1726d53a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://gofarrewards.wf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 May 2019 14:26:51 GMT
ETag
"5c9067bf174d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Cache-Control
public
Date
Thu, 16 May 2019 16:10:10 GMT
Accept-Ranges
bytes
Content-Length
1181
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: gofarrewards.wf.com
URL: https://gofarrewards.wf.com/epsi-min-7e724b6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gofarrewards.wf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 May 2019 01:33:03 GMT
server
Golfe2
age
2257
date
Thu, 16 May 2019 15:32:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17779
expires
Thu, 16 May 2019 17:32:33 GMT
GetProfile
gofarrewards.wf.com/Home/ 		58 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gofarrewards.wf.com/Home/GetProfile?n=0.7619794474717299
Requested by
Host: gofarrewards.wf.com
URL: https://gofarrewards.wf.com/epsi-min-7e724b6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
/
Resource Hash
95471c19d520e1cd996b6d6488e8a5c04a43c1fbae46e83953eb4442278a9cb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://gofarrewards.wf.com/
Origin
https://gofarrewards.wf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Date
Thu, 16 May 2019 16:10:10 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache, proxy-revalidate, private, no-cache=Set-Cookie
Content-Length
58
Expires
-1
GetSonar
gofarrewards.wf.com/Home/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gofarrewards.wf.com/Home/GetSonar?n=0.8657254669997969
Requested by
Host: gofarrewards.wf.com
URL: https://gofarrewards.wf.com/epsi-min-7e724b6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
/
Resource Hash
b32f1891e0ef199c887b595b1cc0c5933cd41048da518f69109205c2bd8b33a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://gofarrewards.wf.com/
Origin
https://gofarrewards.wf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Date
Thu, 16 May 2019 16:10:10 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache, proxy-revalidate, private, no-cache=Set-Cookie
Content-Length
3281
Expires
-1
GetConfigurations
gofarrewards.wf.com/Home/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gofarrewards.wf.com/Home/GetConfigurations?n=0.706148465380585
Requested by
Host: gofarrewards.wf.com
URL: https://gofarrewards.wf.com/epsi-min-7e724b6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
/
Resource Hash
dabad322662e1f6c167fd16a6cdeff96fa5bc51dbc4412b2486b02b27a0c0aeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://gofarrewards.wf.com/
Origin
https://gofarrewards.wf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Date
Thu, 16 May 2019 16:10:10 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache, proxy-revalidate, private, no-cache=Set-Cookie
Content-Length
1200
Expires
-1
img-wf-logo-large-glob-232x20-1x.png
gofarrewards.wf.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofarrewards.wf.com/images/img-wf-logo-large-glob-232x20-1x.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
/
Resource Hash
1905884317b7966c4f1751ee4cb9b3b1475e09dec8ffab9e6f5cc0a007c68d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gofarrewards.wf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 May 2019 14:26:52 GMT
ETag
"3b87fdbf174d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public
Date
Thu, 16 May 2019 16:10:10 GMT
Accept-Ranges
bytes
Content-Length
2160
img-wf-logo-mob-151x13-1x.png
gofarrewards.wf.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofarrewards.wf.com/images/img-wf-logo-mob-151x13-1x.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
/
Resource Hash
eb66c41f539232286423c468a3153035e6c1cc463abbcb8bc83002956942d37b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gofarrewards.wf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 May 2019 14:26:52 GMT
ETag
"3b87fdbf174d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public
Date
Thu, 16 May 2019 16:10:10 GMT
Accept-Ranges
bytes
Content-Length
1414
icn-nav-lock-wht-15x21.svg
gofarrewards.wf.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofarrewards.wf.com/images/icn-nav-lock-wht-15x21.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
/
Resource Hash
12348979e9e873157ba1b849f4b4426184a41e79d807232d02bb97c61d82f592
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gofarrewards.wf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 May 2019 14:26:52 GMT
ETag
"4e95debf174d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
public
Date
Thu, 16 May 2019 16:10:10 GMT
Accept-Ranges
bytes
Content-Length
2266
icn-nav-masthead-nav-more-glob-26x24.svg
gofarrewards.wf.com/images/ 		663 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofarrewards.wf.com/images/icn-nav-masthead-nav-more-glob-26x24.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
/
Resource Hash
dc39c652e3a2f9f14355d229050b63f28ac6ab45547bcd73ed1275adc639fc0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gofarrewards.wf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 May 2019 14:26:52 GMT
ETag
"4e95debf174d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
public
Date
Thu, 16 May 2019 16:10:10 GMT
Accept-Ranges
bytes
Content-Length
663
icon_stagecoach.svg
gofarrewards.wf.com/images/ 		107 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofarrewards.wf.com/images/icon_stagecoach.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gofarrewards.wf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 May 2019 14:26:52 GMT
ETag
"1058e3bf174d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
public
Date
Thu, 16 May 2019 16:10:11 GMT
Accept-Ranges
bytes
Content-Length
341895
gfr_logo_104x15-01.svg
gofarrewards.wf.com/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofarrewards.wf.com/images/gfr_logo_104x15-01.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gofarrewards.wf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 May 2019 14:26:52 GMT
ETag
"ed33dcbf174d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
public
Date
Thu, 16 May 2019 16:10:11 GMT
Accept-Ranges
bytes
Content-Length
6275
mn-custom-font.woff
gofarrewards.wf.com/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gofarrewards.wf.com/fonts/mn-custom-font.woff?v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
/
Resource Hash
f99e2b2492583ffdb01497ff9d796b2dc023889cbf5e276a916e7c7027ef9f90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://gofarrewards.wf.com/epsi-min-58a01c6f.css
Origin
https://gofarrewards.wf.com

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 May 2019 14:26:52 GMT
ETag
"84c7c6bf174d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Cache-Control
public
Date
Thu, 16 May 2019 16:10:11 GMT
Accept-Ranges
bytes
Content-Length
17208
glyphicons-halflings-regular.woff2
gofarrewards.wf.com/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gofarrewards.wf.com/fonts/glyphicons-halflings-regular.woff2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://gofarrewards.wf.com/epsi-min-58a01c6f.css
Origin
https://gofarrewards.wf.com

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 May 2019 14:26:52 GMT
ETag
"2366c4bf174d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Cache-Control
public
Date
Thu, 16 May 2019 16:10:11 GMT
Accept-Ranges
bytes
Content-Length
18028
Verdana-Bold.woff
gofarrewards.wf.com/fonts/ 		91 KB
92 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gofarrewards.wf.com/fonts/Verdana-Bold.woff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://gofarrewards.wf.com/epsi-min-58a01c6f.css
Origin
https://gofarrewards.wf.com

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 May 2019 14:26:52 GMT
ETag
"468acbbf174d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Cache-Control
public
Date
Thu, 16 May 2019 16:10:11 GMT
Accept-Ranges
bytes
Content-Length
93508
gtm.js
www.googletagmanager.com/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T6D4CN
Requested by
Host: gofarrewards.wf.com
URL: https://gofarrewards.wf.com/epsi-min-7e724b6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
3a0059bc3e7c6c447972e48313417b62307b592360dc8a10d9f7a6b24df6cbd8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gofarrewards.wf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 16:10:11 GMT
content-encoding
br
last-modified
Wed, 15 May 2019 19:53:59 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
21742
x-xss-protection
0
expires
Thu, 16 May 2019 16:10:11 GMT
getRedirectSettings
gofarrewards.wf.com/home/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gofarrewards.wf.com/home/getRedirectSettings?n=0.6747917531815968
Requested by
Host: gofarrewards.wf.com
URL: https://gofarrewards.wf.com/epsi-min-7e724b6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.127.184.145 , United States, ASN19137 (EPSILON-INTERACTIVE - Epsilon Interactive LLC, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://gofarrewards.wf.com/
Origin
https://gofarrewards.wf.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Date
Thu, 16 May 2019 16:10:11 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache, proxy-revalidate, private, no-cache=Set-Cookie
Content-Length
1295
Expires
-1
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=780231821&t=pageview&_s=1&dl=https%3A%2F%2Fgofarrewards.wf.com%2F%23utm_source%3DRewards%2520Statement%26utm_medium%3DEmail%26utm_content%3DE...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-54242036-2&cid=24067485.1558023011&jid=1221515275&_gid=1770058873.1558023011&gjid=561045134&_v=j75&z=350846212
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54242036-2&cid=24067485.1558023011&jid=1221515275&_v=j75&z=350846212
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54242036-2&cid=24067485.1558023011&jid=1221515275&_v=j75&z=350846212&slf_rd=1&random=3604574389
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54242036-2&cid=24067485.1558023011&jid=1221515275&_v=j75&z=350846212&slf_rd=1&random=3604574389
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gofarrewards.wf.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 May 2019 16:10:11 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 May 2019 16:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54242036-2&cid=24067485.1558023011&jid=1221515275&_v=j75&z=350846212&slf_rd=1&random=3604574389
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request Cookie set rewards
connect.secure.wellsfargo.com/auth/login/ 		379 KB
237 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/auth/login/rewards
Requested by
Host: gofarrewards.wf.com
URL: https://gofarrewards.wf.com/epsi-min-7e724b6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
3ec00f94fd64f53a87c3b16fd8cf60ea7f4758f376f0dfb3113e619ff85d60f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Host
connect.secure.wellsfargo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://gofarrewards.wf.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://gofarrewards.wf.com/

Response headers

Date
Thu, 16 May 2019 16:10:11 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
-1
Cache-Control
no-cache, no-store, max-age=0
Set-Cookie
ADRUM_BTa=R:28|g:d27cb9d0-b599-4470-b1e2-6e2e6c535aed; Expires=Thu, 16-May-2019 16:10:41 GMT; Path=/; Secure ADRUM_BTa=R:28|g:d27cb9d0-b599-4470-b1e2-6e2e6c535aed|n:customer1_e2ac6dad-45c5-4fb1-ba3e-0fd665d694f7; Expires=Thu, 16-May-2019 16:10:41 GMT; Path=/; Secure ADRUM_BT1=R:28|i:251288; Expires=Thu, 16-May-2019 16:10:41 GMT; Path=/; Secure ADRUM_BT1=R:28|i:251288|e:407; Expires=Thu, 16-May-2019 16:10:41 GMT; Path=/; Secure gingerbread_cookie=638FBD6517512356A709C1A427309E4A; Domain=wellsfargo.com; Path=/auth; Secure; HttpOnly AuthCookie=551178ec-ea7b-4469-96d8-0092c3b5c7ad; Path=/auth; Secure; HttpOnly wfacookie=45201905160910111585993297; domain=.wellsfargo.com; path=/; expires=13 May 2029 16:10:11 GMT; secure=true; HttpOnly AuthCookie=551178ec-ea7b-4469-96d8-0092c3b5c7ad; Path=/auth; Secure; HttpOnly LOGINORIGIN=""; Domain=wellsfargo.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/auth; Secure; HttpOnly ISD_LA_COOKIE=xEwGaEXrSDrrYsVthU/7H4OAcw2ZfzmrkuUOMlSSR5GqFHfBsKjT6p4TciBgo8ZxNYWZO9OYh1MgEAEAAAAB;Secure; path=/; domain=connect.secure.wellsfargo.com; HttpOnly
X-XSS-Protection
1; mode=block
Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Language
en-US
Content-Security-Policy-Report-Only
default-src https: 'unsafe-inline' 'unsafe-eval'; object-src 'none'; img-src https: data:; frame-ancestors 'none'; base-uri 'none'; report-uri https://ort.wellsfargo.com/reporting/csp; report-to https://ort.wellsfargo.com/reporting/csp;
Server
KONICHIWA/1.1
X-UA-Compatible
IE=edge
X-Frame-Options
deny
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
Content-Encoding
gzip
global.css
connect.secure.wellsfargo.com/auth/static/css/altLogin/ 		20 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/auth/static/css/altLogin/global.css
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/login/rewards
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
ab78c44d5e86c6f0937d203066ebcadbf50c8d63407564a151bdd03701f40a70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/rewards
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 16:10:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
6088
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 16 May 2019 03:13:57 GMT
Server
KONICHIWA/1.1
ETag
"4f7f-588f8a82140ba-gzip"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
text/css
Cache-Control
max-age=10368000
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=20
Expires
Fri, 13 Sep 2019 16:10:12 GMT
login-userprefs.min.js
connect.secure.wellsfargo.com/auth/static/prefs/ 		146 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/login/rewards
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.156 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
121c21dc532d5487eee5368da415bc0577b31f384d6db52378e8c2c54c27018f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/rewards
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 16:10:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 16 May 2019 03:15:23 GMT
Server
KONICHIWA/1.1
X-Frame-Options
SAMEORIGIN
ETag
W/"1e11-588f8ad435a35"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/x-javascript; charset=UTF-8
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubdomains;
X-XSS-Protection
1; mode=block
Expires
Thu, 16 May 2019 16:40:12 GMT
utag.js
static.wellsfargo.com/tracking/main/ 		188 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/main/utag.js
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/login/rewards
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.66.178 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/2.0 /
Resource Hash
4556d46bcd71ebb2fa29162ff88860ccf05f0d0f5afd042039bc981b9b702510
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/rewards
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 16:10:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
29600
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 10 May 2019 13:00:38 GMT
Server
KONICHIWA/2.0
ETag
"2eebd-588882730e980-gzip"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/x-javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Expires
Thu, 16 May 2019 16:40:13 GMT
truncated
/ 		12 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f809fa596dc2e66029e195d0aef2d6d7b077ea1f7d145455441ba893875aec41

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9ad475f9209be58cb639b9c1c24ec14a4e3f8028781dd1f2cefb8ed998ef731

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17f3818bba16137fba7657230309043ae41cd08a5df25a7c61cd9583291c1354

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		142 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
266a02ed77f632ffe9f96cdfff63e2e79fd5062464f26c770f20d6d91dd54f5c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		467 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5145f5faf6c1269bdd974357ed344b9cd5f4e4cea424c14dd302a9c11a206741

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b319b049366dde73690990738ac5af4fb9937d18abac85b01aaff185b5262868

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df500743bbedcef7623fdf2ef0c05ca411437c6216674271f4cc8b32f910f96d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ed889a15705bc76729d29d715c64f3d7f35de2ea519e1d2704924cf40d9e30d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/jpeg
conutils-6.9.0.js
connect.secure.wellsfargo.com/auth/static/scripts/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/auth/static/scripts/conutils-6.9.0.js
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.156 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
7cd2b1ab0ed81ddc453b8da5357fcf7b3cbec29cd139059706a7b0bda253af48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/rewards
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 16:10:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
8774
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 16 May 2019 03:15:24 GMT
Server
KONICHIWA/1.1
ETag
"5bd1-588f8ad4963c5-gzip"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/x-javascript
Cache-Control
max-age=10368000
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=42
Expires
Fri, 13 Sep 2019 16:10:13 GMT
atadun.js
connect.secure.wellsfargo.com/auth/static/prefs/ 		1023 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.170.156 , United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
eb0773bab4190baeb667b0079a148b4495acab39ad0b1beeba95d5750afe5eb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/rewards
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 16:10:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
541
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 16 May 2019 03:18:36 GMT
Server
KONICHIWA/1.1
ETag
"3ff-588f8b8c096e2-gzip"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/x-javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=87
Expires
Thu, 16 May 2019 16:40:13 GMT
glu.js
connect.secure.wellsfargo.com/AIDO/ 		0
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/glu.js
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.156 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/rewards
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 May 2019 16:10:13 GMT
Content-Encoding
gzip
Server
KONICHIWA/1.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin
*
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
mint.js
connect.secure.wellsfargo.com/AIDO/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.03643671499851364
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/login/rewards
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.170.156 , United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/rewards
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Length
0
Server
KONICHIWA/1.1
pic.js
connect.secure.wellsfargo.com/PIDO/ 		0
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.4432839649605316
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/login/rewards
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.156 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/rewards
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 May 2019 16:10:13 GMT
Content-Encoding
gzip
Server
KONICHIWA/1.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Expires
0
nd
connect.secure.wellsfargo.com/jenny/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/jenny/nd
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.170.156 , United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
2dc161bb7de184f1c7d277c2845c25a12d1d8e79d38bb2808ec1fbe90a4cb586

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/rewards
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 16:10:13 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
KONICHIWA/1.1
Vary
Accept-Encoding
Content-Type
application/javascript;charset=ISO-8859-1
utag.136.js
static.wellsfargo.com/tracking/main/ 		46 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/main/utag.136.js?utv=ut4.46.201905091933
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/main/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.66.178 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/2.0 /
Resource Hash
c829523d27ea6a563e486d154119bc96b6e518ab323c1805f54c31e2a1b3e8b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/rewards
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 16:10:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
4324
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 10 May 2019 13:00:38 GMT
Server
KONICHIWA/2.0
ETag
"b804-588882730e980-gzip"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/x-javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Expires
Thu, 16 May 2019 16:40:13 GMT
utag.201.js
static.wellsfargo.com/tracking/main/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/main/utag.201.js?utv=ut4.46.201804110508
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/main/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.66.178 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/2.0 /
Resource Hash
27548f235307f79e5eac86c5f21d5492e8ec2db63d5eece1b22c34244fff8adc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/rewards
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 16:10:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
1336
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 11 Sep 2018 19:01:05 GMT
Server
KONICHIWA/2.0
ETag
"b48-5759d18815e40-gzip"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/x-javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Expires
Thu, 16 May 2019 16:40:13 GMT

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| antiClickjack string| webId string| ndURI object| utag_data string| USERPREFS_PATH string| UPRESOURCE_PATH string| ATADUN_PATH string| loginUrlBase object| scriptParent string| loginUrlBaseNoProtocol object| getUrl string| host string| port string| guid function| disableSubmitsCollectUserPrefs function| addLoginFormFieldsAndSubmit function| jsEnabled function| addEvent object| UserPrefsHelper object| collector function| loadUserPrefs function| submitUserPrefs function| getUserPrefsOnPageLoad function| undoSaveUsername function| maskedUsernameChanged function| addScriptElement function| getCookie function| appendHiddenInput function| addCookiesToForm function| generateGuid function| brief object| LoginForm object| Search function| updateCustomSelect function| enrollPrivacySecLinkHandler object| lun3 boolean| isNative object| ndsapi object| nds object| js object| fjs boolean| utag_condload string| new_path object| utag_cfg_ovrd object| userAgentArr undefined| pathname undefined| urlArray undefined| url undefined| sRegExInput object| utag function| utag_pad function| utag_visitor_id string| GoogleAnalyticsObject function| ga function| ndoGetObjectKeys boolean| nsvnspc string| ndjsStaticVersion object| nsvnsp object| nsbdcjm boolean| nsxaihnu number| nsvnspcubw number| nsxaihnuih object| nsbvz object| nsddsnmqk object| nsbdcj object| nsbdcjmeh object| nsbvzmjlwl object| nssqklfjy boolean| nsddsnm string| nsvns string| nsxaihnui number| numQueries object| returned string| version string| nsbtf string| nsxaihn string| nsvnspcu string| nssqkl string| nsbdcjme string| nsbvzmjlw string| nssqklfj object| nsfiln object| nsfilnwmlz function| nsbtfajxw function| nsbtfaj function| nsvnspcub object| nsxai function| nsbtfajx function| ndwts function| nsfilnw function| nssqk function| nssqklf function| nsfilnwm function| nsfilnwml function| HashUtil function| nsfil function| nsbtfajxwq function| nssqklfjyf function| nsxaih function| nsbdcjmehq function| nsbtfa function| nsbvzm function| nsdds function| nsddsn function| nsddsnmqkq function| nsbvzmj function| nsbdc function| nsbvzmjl function| nsddsnmq function| nszqklih function| nsxhe function| nsetvnkqc function| ndwti function| nskayhq function| nsahafnh function| nszqk function| nsxhegjvnp function| nsffz function| nsffzmv function| nsrynaepld function| nsetvnkq function| nsffzm function| nskayh function| nsffzmvnf function| nsetv undefined| d

0 Cookies

1 Console Messages

Source Level URL
Text
console-api info URL: https://gofarrewards.wf.com/epsi-min-7e724b6b.js(Line 108)
Message:
/login

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.secure.wellsfargo.com
gofarrewards.wf.com
mail2.mywellsfargorewards.com
static.wellsfargo.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
159.127.184.145
159.127.187.86
159.45.170.156
159.45.2.156
159.45.66.156
159.45.66.178
2a00:1450:4001:80b::2004
2a00:1450:4001:81c::2003
2a00:1450:4001:81f::200e
2a00:1450:4001:824::2008
2a00:1450:400c:c08::9c
121c21dc532d5487eee5368da415bc0577b31f384d6db52378e8c2c54c27018f
12348979e9e873157ba1b849f4b4426184a41e79d807232d02bb97c61d82f592
17f3818bba16137fba7657230309043ae41cd08a5df25a7c61cd9583291c1354
1905884317b7966c4f1751ee4cb9b3b1475e09dec8ffab9e6f5cc0a007c68d36
1ed889a15705bc76729d29d715c64f3d7f35de2ea519e1d2704924cf40d9e30d
266a02ed77f632ffe9f96cdfff63e2e79fd5062464f26c770f20d6d91dd54f5c
27548f235307f79e5eac86c5f21d5492e8ec2db63d5eece1b22c34244fff8adc
2dc161bb7de184f1c7d277c2845c25a12d1d8e79d38bb2808ec1fbe90a4cb586
3a0059bc3e7c6c447972e48313417b62307b592360dc8a10d9f7a6b24df6cbd8
3ec00f94fd64f53a87c3b16fd8cf60ea7f4758f376f0dfb3113e619ff85d60f4
449ec72db14f5e0e5ae7b5e508f3852d5b27d5d9350135c25b88426411023530
4556d46bcd71ebb2fa29162ff88860ccf05f0d0f5afd042039bc981b9b702510
5145f5faf6c1269bdd974357ed344b9cd5f4e4cea424c14dd302a9c11a206741
7cd2b1ab0ed81ddc453b8da5357fcf7b3cbec29cd139059706a7b0bda253af48
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
95471c19d520e1cd996b6d6488e8a5c04a43c1fbae46e83953eb4442278a9cb3
a4071ef8615e910ec941ab074828b12070039bf31f028693c4a6234774991b1e
a96153638aa1ee9aad479e737dca0d0a51be2c12bb4632921e0f01224583f41b
ab78c44d5e86c6f0937d203066ebcadbf50c8d63407564a151bdd03701f40a70
b319b049366dde73690990738ac5af4fb9937d18abac85b01aaff185b5262868
b32f1891e0ef199c887b595b1cc0c5933cd41048da518f69109205c2bd8b33a4
c4e11bee57b65d00ec2ecfdb55d06f370ef9bc00dfcb539cea2f60d614dac2d2
c829523d27ea6a563e486d154119bc96b6e518ab323c1805f54c31e2a1b3e8b9
cb20ed245d8bfc7a7c300bef965b40352bac74387bf76beeefc6381f3055f11f
cf857ba191d3dd4f3e95222cf2cc5f9f83314e845fde73a2537cbfd0ca1c31e4
d0058ba44c736ee9063134bdd2e56492546aeca9aec5b7eab1ac9c53a7984116
d8227d00a0c03d6ed96f33932c3e42851045f46f808d2407aa6b38b1726d53a0
d9125659ea5a5c715a5c6e8eb4d06542e8c056f22346320521e9484aa000fe58
dabad322662e1f6c167fd16a6cdeff96fa5bc51dbc4412b2486b02b27a0c0aeb
dc39c652e3a2f9f14355d229050b63f28ac6ab45547bcd73ed1275adc639fc0c
df500743bbedcef7623fdf2ef0c05ca411437c6216674271f4cc8b32f910f96d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9ad475f9209be58cb639b9c1c24ec14a4e3f8028781dd1f2cefb8ed998ef731
eb0773bab4190baeb667b0079a148b4495acab39ad0b1beeba95d5750afe5eb9
eb66c41f539232286423c468a3153035e6c1cc463abbcb8bc83002956942d37b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f809fa596dc2e66029e195d0aef2d6d7b077ea1f7d145455441ba893875aec41
f99e2b2492583ffdb01497ff9d796b2dc023889cbf5e276a916e7c7027ef9f90