urlscan.io logo urlscan.io
SecurityTrails logo

csfedportal-ext.wellsfargo.com Open in urlscan Pro
159.45.14.26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tpcp.wf.com/
Effective URL: https://csfedportal-ext.wellsfargo.com/login/login.fcc?TYPE=33554433&REALMOID=06-586ed7e9-9fa7-4047-85a7-d1cf97da7091&GUID=&SMAUTHREASO...
Submission Tags: falconsandbox
Submission: On November 23 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 10 HTTP transactions. The main IP is 159.45.14.26, located in United States and belongs to WELLSFARGO-10837, US. The main domain is csfedportal-ext.wellsfargo.com.
TLS certificate: Issued by Wells Fargo Public Trust Certificatio... on September 24th 2019. Valid for: 2 years.
This is the only time csfedportal-ext.wellsfargo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 161.71.19.237 14340 (SALESFORCE)
1 9 159.45.14.26 10837 (WELLSFARG...)
10 2
Apex Domain
Subdomains		 Transfer
9 wellsfargo.com
csfedportal-ext.wellsfargo.com
28 KB
3 wf.com
tpcp.wf.com
7 KB
10 2
Domain Requested by
9 csfedportal-ext.wellsfargo.com 1 redirects csfedportal-ext.wellsfargo.com
3 tpcp.wf.com 1 redirects tpcp.wf.com
10 2

This site contains no links.

Subject Issuer Validity Valid
tpcp.wf.com
Wells Fargo Public Trust Certification Authority 01 G2		 2020-04-03 -
2022-04-08		 2 years crt.sh
csfedportal-ext.wellsfargo.com
Wells Fargo Public Trust Certification Authority 01 G2		 2019-09-24 -
2021-12-07		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://csfedportal-ext.wellsfargo.com/login/login.fcc?TYPE=33554433&REALMOID=06-586ed7e9-9fa7-4047-85a7-d1cf97da7091&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=-SM-wiRQZh0GJ6exbj22s9c%2fBMeToFxjU7P0RovB6i0uie6sD2OhEx5reVdioFVmcGAU8ZbAhIq%2b0X%2bRMw0vRCLUpI%2fk6Iv1rG%2bmDc5SRZmzdlWUHVx8rckfN9YYot3W924i&TARGET=-SM-HTTPS%3a%2f%2fcsfedportal--ext%2ewellsfargo%2ecom%2faffwebservices%2fpublic%2fsaml2sso%3fSPID%3dhttps%3a%2f%2ftpcp%2ewf%2ecom
Frame ID: 993E7DD5EF46CAD610FCABA29BD16BB5
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://tpcp.wf.com/ HTTP 301
    https://tpcp.wf.com/s/ Page URL
  2. https://tpcp.wf.com/saml/authn-request.jsp?saml_request_id=_2CAAAAXaGjjHxME8wNHYwMDAwMDBDYVJBAAA... Page URL
  3. https://csfedportal-ext.wellsfargo.com/affwebservices/public/saml2sso?SPID=https://tpcp.wf.com HTTP 302
    https://csfedportal-ext.wellsfargo.com/login/login.fcc?TYPE=33554433&REALMOID=06-586ed7e9-9fa7-4047-85a7-d1cf97da70... Page URL

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

34 kB
Transfer

54 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tpcp.wf.com/ HTTP 301
    https://tpcp.wf.com/s/ Page URL
  2. https://tpcp.wf.com/saml/authn-request.jsp?saml_request_id=_2CAAAAXaGjjHxME8wNHYwMDAwMDBDYVJBAAAA5N_luk6bMG29qfjzZegDrarsYes-qQjJxReAMYmVm_S4ZiMJ4jKUTEa1-0s4Iey4G8qXhdBJ2ZnR2hWNpEZtG5hQzHM79TayA25fXztYLHG_CNqOIxdMB9P5WSv8YSKHLXXd3GIskov12J_Q7JVl6wKkqZtX4maoJiXmZJVyUqxBQVwd6XuSf3G7evXDHnHBU4ZzVv_DAws9RNYZKuGWuwPilHFOZ-SY4Qmtv6PPE0xIJsUKBmYuelDRfTwetwFzng&saml_acs=https%3A%2F%2Ftpcp.wf.com%2Flogin&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Ftpcp.wf.com&samlSsoConfig=0LE6g000000ghVw&RelayState=%2Fs%2F Page URL
  3. https://csfedportal-ext.wellsfargo.com/affwebservices/public/saml2sso?SPID=https://tpcp.wf.com HTTP 302
    https://csfedportal-ext.wellsfargo.com/login/login.fcc?TYPE=33554433&REALMOID=06-586ed7e9-9fa7-4047-85a7-d1cf97da7091&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=-SM-wiRQZh0GJ6exbj22s9c%2fBMeToFxjU7P0RovB6i0uie6sD2OhEx5reVdioFVmcGAU8ZbAhIq%2b0X%2bRMw0vRCLUpI%2fk6Iv1rG%2bmDc5SRZmzdlWUHVx8rckfN9YYot3W924i&TARGET=-SM-HTTPS%3a%2f%2fcsfedportal--ext%2ewellsfargo%2ecom%2faffwebservices%2fpublic%2fsaml2sso%3fSPID%3dhttps%3a%2f%2ftpcp%2ewf%2ecom Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://tpcp.wf.com/ HTTP 301
  • https://tpcp.wf.com/s/

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
tpcp.wf.com/s/
Redirect Chain
  • https://tpcp.wf.com/
  • https://tpcp.wf.com/s/
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpcp.wf.com/s/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.19.237 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
lo2.4.0p11n0000008cc1saa.00d1n000002qxi8uai.gslb.siteforce.com
Software
/
Resource Hash
3863fbcc6de4cb68e2aa693b34d9a4fd8d675538d9754d5d7336cebc96ab1ab7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
tpcp.wf.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 23 Nov 2020 18:27:14 GMT
X-B3-TraceId
dcdd0aa988a811b2
X-B3-SpanId
dcdd0aa988a811b2
X-B3-Sampled
0
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Security-Policy
upgrade-insecure-requests
Referrer-Policy
origin-when-cross-origin
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked

Redirect headers

Date
Mon, 23 Nov 2020 18:27:14 GMT
X-B3-TraceId
67e9a3ba12e64a37
X-B3-SpanId
67e9a3ba12e64a37
X-B3-Sampled
0
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Security-Policy
upgrade-insecure-requests
Referrer-Policy
origin-when-cross-origin
Location
https://tpcp.wf.com/s/
Transfer-Encoding
chunked
authn-request.jsp
tpcp.wf.com/saml/ 		7 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpcp.wf.com/saml/authn-request.jsp?saml_request_id=_2CAAAAXaGjjHxME8wNHYwMDAwMDBDYVJBAAAA5N_luk6bMG29qfjzZegDrarsYes-qQjJxReAMYmVm_S4ZiMJ4jKUTEa1-0s4Iey4G8qXhdBJ2ZnR2hWNpEZtG5hQzHM79TayA25fXztYLHG_CNqOIxdMB9P5WSv8YSKHLXXd3GIskov12J_Q7JVl6wKkqZtX4maoJiXmZJVyUqxBQVwd6XuSf3G7evXDHnHBU4ZzVv_DAws9RNYZKuGWuwPilHFOZ-SY4Qmtv6PPE0xIJsUKBmYuelDRfTwetwFzng&saml_acs=https%3A%2F%2Ftpcp.wf.com%2Flogin&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Ftpcp.wf.com&samlSsoConfig=0LE6g000000ghVw&RelayState=%2Fs%2F
Requested by
Host: tpcp.wf.com
URL: https://tpcp.wf.com/s/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.19.237 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
lo2.4.0p11n0000008cc1saa.00d1n000002qxi8uai.gslb.siteforce.com
Software
/
Resource Hash
a15f70b06f8c34cff8e417086951a4c48a81d70bc85f28ab38673fdd8189971e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
tpcp.wf.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://tpcp.wf.com/s/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://tpcp.wf.com/s/

Response headers

Date
Mon, 23 Nov 2020 18:27:14 GMT
X-B3-TraceId
5c6e0494a83ad3d8
X-B3-SpanId
5c6e0494a83ad3d8
X-B3-Sampled
0
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Security-Policy
upgrade-insecure-requests
Referrer-Policy
origin-when-cross-origin
Content-Type
text/html;charset=UTF-8
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked
Primary Request login.fcc
csfedportal-ext.wellsfargo.com/login/
Redirect Chain
  • https://csfedportal-ext.wellsfargo.com/affwebservices/public/saml2sso?SPID=https://tpcp.wf.com
  • https://csfedportal-ext.wellsfargo.com/login/login.fcc?TYPE=33554433&REALMOID=06-586ed7e9-9fa7-4047-85a7-d1cf97da7091&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=-SM-wiRQZh0GJ6exbj22s9c%2fBMeToFxj...
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csfedportal-ext.wellsfargo.com/login/login.fcc?TYPE=33554433&REALMOID=06-586ed7e9-9fa7-4047-85a7-d1cf97da7091&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=-SM-wiRQZh0GJ6exbj22s9c%2fBMeToFxjU7P0RovB6i0uie6sD2OhEx5reVdioFVmcGAU8ZbAhIq%2b0X%2bRMw0vRCLUpI%2fk6Iv1rG%2bmDc5SRZmzdlWUHVx8rckfN9YYot3W924i&TARGET=-SM-HTTPS%3a%2f%2fcsfedportal--ext%2ewellsfargo%2ecom%2faffwebservices%2fpublic%2fsaml2sso%3fSPID%3dhttps%3a%2f%2ftpcp%2ewf%2ecom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.14.26 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
fa2937b21677c037f6581d7d7dd96dfaa1dee53893f7d0650099453a04dd97f2

Request headers

Host
csfedportal-ext.wellsfargo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://tpcp.wf.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
csfedportal-ext-sv_443_infra_2=!Aza6qAu217OLjnAG1e5oXvASMVHfiH+OE572ct1Xi8OEQqH3LlZYkX+I+lmlFvWzagnZBDb0z8a4Kc4=; TS01ebcc80=011a85ef9b2707ff88d8e42aff9670f868d41c787d0c6dbfd660d668049a58b04b954962215e96180d742e67eee89731633896e22deefea088d164f707330b706e5d5fc846; csfedportal-ext-sv_443_infra_1=!ZTc9dtNIOvz/d0cG1e5oXvASMVHfiJMCh6rzCZtFBfmJx/3WtCGk5/+SmeEBGC/KSlWLobkSC8PRgGg=
Upgrade-Insecure-Requests
1
Origin
https://tpcp.wf.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://tpcp.wf.com/

Response headers

Date
Mon, 23 Nov 2020 18:27:15 GMT
Cache-Control
no-store
Content-type
text/html;charset=UTF-8
Content-Length
3063

Redirect headers

Cache-control
no-store
Location
/login/login.fcc?TYPE=33554433&REALMOID=06-586ed7e9-9fa7-4047-85a7-d1cf97da7091&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=-SM-wiRQZh0GJ6exbj22s9c%2fBMeToFxjU7P0RovB6i0uie6sD2OhEx5reVdioFVmcGAU8ZbAhIq%2b0X%2bRMw0vRCLUpI%2fk6Iv1rG%2bmDc5SRZmzdlWUHVx8rckfN9YYot3W924i&TARGET=-SM-HTTPS%3a%2f%2fcsfedportal--ext%2ewellsfargo%2ecom%2faffwebservices%2fpublic%2fsaml2sso%3fSPID%3dhttps%3a%2f%2ftpcp%2ewf%2ecom
Content-Length
0
Set-Cookie
csfedportal-ext-sv_443_infra_2=!Aza6qAu217OLjnAG1e5oXvASMVHfiH+OE572ct1Xi8OEQqH3LlZYkX+I+lmlFvWzagnZBDb0z8a4Kc4=; path=/; Httponly; Secure TS01ebcc80=011a85ef9b2707ff88d8e42aff9670f868d41c787d0c6dbfd660d668049a58b04b954962215e96180d742e67eee89731633896e22deefea088d164f707330b706e5d5fc846; Path=/ csfedportal-ext-sv_443_infra_1=!ZTc9dtNIOvz/d0cG1e5oXvASMVHfiJMCh6rzCZtFBfmJx/3WtCGk5/+SmeEBGC/KSlWLobkSC8PRgGg=; path=/; Httponly; Secure
login.css
csfedportal-ext.wellsfargo.com/login/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csfedportal-ext.wellsfargo.com/login/css/login.css
Requested by
Host: csfedportal-ext.wellsfargo.com
URL: https://csfedportal-ext.wellsfargo.com/login/login.fcc?TYPE=33554433&REALMOID=06-586ed7e9-9fa7-4047-85a7-d1cf97da7091&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=-SM-wiRQZh0GJ6exbj22s9c%2fBMeToFxjU7P0RovB6i0uie6sD2OhEx5reVdioFVmcGAU8ZbAhIq%2b0X%2bRMw0vRCLUpI%2fk6Iv1rG%2bmDc5SRZmzdlWUHVx8rckfN9YYot3W924i&TARGET=-SM-HTTPS%3a%2f%2fcsfedportal--ext%2ewellsfargo%2ecom%2faffwebservices%2fpublic%2fsaml2sso%3fSPID%3dhttps%3a%2f%2ftpcp%2ewf%2ecom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.14.26 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
2ace0e4dace33dfbbc263cbbcb6c3742f414fca88f1ecee31a77181da1db5b34
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://csfedportal-ext.wellsfargo.com/login/login.fcc?TYPE=33554433&REALMOID=06-586ed7e9-9fa7-4047-85a7-d1cf97da7091&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=-SM-wiRQZh0GJ6exbj22s9c%2fBMeToFxjU7P0RovB6i0uie6sD2OhEx5reVdioFVmcGAU8ZbAhIq%2b0X%2bRMw0vRCLUpI%2fk6Iv1rG%2bmDc5SRZmzdlWUHVx8rckfN9YYot3W924i&TARGET=-SM-HTTPS%3a%2f%2fcsfedportal--ext%2ewellsfargo%2ecom%2faffwebservices%2fpublic%2fsaml2sso%3fSPID%3dhttps%3a%2f%2ftpcp%2ewf%2ecom
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 17 Apr 2019 14:29:44 GMT
X-Frame-Options
SAMEORIGIN
ETag
"03c1e02af5d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Date
Mon, 23 Nov 2020 18:27:15 GMT
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges
bytes
Content-Length
1527
X-Xss-Protection
1; mode=block
cs_functions.js
csfedportal-ext.wellsfargo.com/login/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csfedportal-ext.wellsfargo.com/login/js/cs_functions.js
Requested by
Host: csfedportal-ext.wellsfargo.com
URL: https://csfedportal-ext.wellsfargo.com/login/login.fcc?TYPE=33554433&REALMOID=06-586ed7e9-9fa7-4047-85a7-d1cf97da7091&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=-SM-wiRQZh0GJ6exbj22s9c%2fBMeToFxjU7P0RovB6i0uie6sD2OhEx5reVdioFVmcGAU8ZbAhIq%2b0X%2bRMw0vRCLUpI%2fk6Iv1rG%2bmDc5SRZmzdlWUHVx8rckfN9YYot3W924i&TARGET=-SM-HTTPS%3a%2f%2fcsfedportal--ext%2ewellsfargo%2ecom%2faffwebservices%2fpublic%2fsaml2sso%3fSPID%3dhttps%3a%2f%2ftpcp%2ewf%2ecom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.14.26 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
2e6ddacc048ffc357abb9d9bc83ca0c68327cc2551a49080c121ef7d8bc9b830
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://csfedportal-ext.wellsfargo.com/login/login.fcc?TYPE=33554433&REALMOID=06-586ed7e9-9fa7-4047-85a7-d1cf97da7091&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=-SM-wiRQZh0GJ6exbj22s9c%2fBMeToFxjU7P0RovB6i0uie6sD2OhEx5reVdioFVmcGAU8ZbAhIq%2b0X%2bRMw0vRCLUpI%2fk6Iv1rG%2bmDc5SRZmzdlWUHVx8rckfN9YYot3W924i&TARGET=-SM-HTTPS%3a%2f%2fcsfedportal--ext%2ewellsfargo%2ecom%2faffwebservices%2fpublic%2fsaml2sso%3fSPID%3dhttps%3a%2f%2ftpcp%2ewf%2ecom
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 18 Jun 2020 18:33:38 GMT
X-Frame-Options
SAMEORIGIN
ETag
"06d76fb9e45d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Date
Mon, 23 Nov 2020 18:27:15 GMT
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges
bytes
Content-Length
4211
X-Xss-Protection
1; mode=block
pagetext.js
csfedportal-ext.wellsfargo.com/login/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csfedportal-ext.wellsfargo.com/login/js/pagetext.js
Requested by
Host: csfedportal-ext.wellsfargo.com
URL: https://csfedportal-ext.wellsfargo.com/login/login.fcc?TYPE=33554433&REALMOID=06-586ed7e9-9fa7-4047-85a7-d1cf97da7091&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=-SM-wiRQZh0GJ6exbj22s9c%2fBMeToFxjU7P0RovB6i0uie6sD2OhEx5reVdioFVmcGAU8ZbAhIq%2b0X%2bRMw0vRCLUpI%2fk6Iv1rG%2bmDc5SRZmzdlWUHVx8rckfN9YYot3W924i&TARGET=-SM-HTTPS%3a%2f%2fcsfedportal--ext%2ewellsfargo%2ecom%2faffwebservices%2fpublic%2fsaml2sso%3fSPID%3dhttps%3a%2f%2ftpcp%2ewf%2ecom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.14.26 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
963c3d878871230b7e0a7da8fa9c36b95dd86e25670b0c24407b4f3fcb52c082
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://csfedportal-ext.wellsfargo.com/login/login.fcc?TYPE=33554433&REALMOID=06-586ed7e9-9fa7-4047-85a7-d1cf97da7091&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=-SM-wiRQZh0GJ6exbj22s9c%2fBMeToFxjU7P0RovB6i0uie6sD2OhEx5reVdioFVmcGAU8ZbAhIq%2b0X%2bRMw0vRCLUpI%2fk6Iv1rG%2bmDc5SRZmzdlWUHVx8rckfN9YYot3W924i&TARGET=-SM-HTTPS%3a%2f%2fcsfedportal--ext%2ewellsfargo%2ecom%2faffwebservices%2fpublic%2fsaml2sso%3fSPID%3dhttps%3a%2f%2ftpcp%2ewf%2ecom
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 05 May 2020 21:40:52 GMT
X-Frame-Options
SAMEORIGIN
ETag
"0ca45d92523d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Date
Mon, 23 Nov 2020 18:27:15 GMT
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges
bytes
Content-Length
3916
X-Xss-Protection
1; mode=block
logo_wf_48x48.gif
csfedportal-ext.wellsfargo.com/login/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csfedportal-ext.wellsfargo.com/login/images/logo_wf_48x48.gif
Requested by
Host: csfedportal-ext.wellsfargo.com
URL: https://csfedportal-ext.wellsfargo.com/login/login.fcc?TYPE=33554433&REALMOID=06-586ed7e9-9fa7-4047-85a7-d1cf97da7091&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=-SM-wiRQZh0GJ6exbj22s9c%2fBMeToFxjU7P0RovB6i0uie6sD2OhEx5reVdioFVmcGAU8ZbAhIq%2b0X%2bRMw0vRCLUpI%2fk6Iv1rG%2bmDc5SRZmzdlWUHVx8rckfN9YYot3W924i&TARGET=-SM-HTTPS%3a%2f%2fcsfedportal--ext%2ewellsfargo%2ecom%2faffwebservices%2fpublic%2fsaml2sso%3fSPID%3dhttps%3a%2f%2ftpcp%2ewf%2ecom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.14.26 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
d001fcef1d6762586dfcf2cdac547a186d3bfa1d903887d1ff83a2a54491aadf
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://csfedportal-ext.wellsfargo.com/login/login.fcc?TYPE=33554433&REALMOID=06-586ed7e9-9fa7-4047-85a7-d1cf97da7091&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=-SM-wiRQZh0GJ6exbj22s9c%2fBMeToFxjU7P0RovB6i0uie6sD2OhEx5reVdioFVmcGAU8ZbAhIq%2b0X%2bRMw0vRCLUpI%2fk6Iv1rG%2bmDc5SRZmzdlWUHVx8rckfN9YYot3W924i&TARGET=-SM-HTTPS%3a%2f%2fcsfedportal--ext%2ewellsfargo%2ecom%2faffwebservices%2fpublic%2fsaml2sso%3fSPID%3dhttps%3a%2f%2ftpcp%2ewf%2ecom
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Content-Type-Options
nosniff
Last-Modified
Wed, 17 Apr 2019 14:29:44 GMT
ETag
"03c1e02af5d41:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Date
Mon, 23 Nov 2020 18:27:15 GMT
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges
bytes
Content-Length
1525
X-Xss-Protection
1; mode=block
tpcp.wf.com.js
csfedportal-ext.wellsfargo.com/login/js/pagetexts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csfedportal-ext.wellsfargo.com/login/js/pagetexts/tpcp.wf.com.js
Requested by
Host: csfedportal-ext.wellsfargo.com
URL: https://csfedportal-ext.wellsfargo.com/login/js/pagetext.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.14.26 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
5af0ce708126f206f6bf70507f1c99dcf9c0050e6efe719af99fa5ce11c11a8a
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://csfedportal-ext.wellsfargo.com/login/login.fcc?TYPE=33554433&REALMOID=06-586ed7e9-9fa7-4047-85a7-d1cf97da7091&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=-SM-wiRQZh0GJ6exbj22s9c%2fBMeToFxjU7P0RovB6i0uie6sD2OhEx5reVdioFVmcGAU8ZbAhIq%2b0X%2bRMw0vRCLUpI%2fk6Iv1rG%2bmDc5SRZmzdlWUHVx8rckfN9YYot3W924i&TARGET=-SM-HTTPS%3a%2f%2fcsfedportal--ext%2ewellsfargo%2ecom%2faffwebservices%2fpublic%2fsaml2sso%3fSPID%3dhttps%3a%2f%2ftpcp%2ewf%2ecom
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 10 Sep 2020 02:01:02 GMT
X-Frame-Options
SAMEORIGIN
ETag
"0353c1687d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Date
Mon, 23 Nov 2020 18:27:15 GMT
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges
bytes
Content-Length
1427
X-Xss-Protection
1; mode=block
stagecoachsignature.gif
csfedportal-ext.wellsfargo.com/login/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csfedportal-ext.wellsfargo.com/login/images/stagecoachsignature.gif
Requested by
Host: csfedportal-ext.wellsfargo.com
URL: https://csfedportal-ext.wellsfargo.com/login/login.fcc?TYPE=33554433&REALMOID=06-586ed7e9-9fa7-4047-85a7-d1cf97da7091&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=-SM-wiRQZh0GJ6exbj22s9c%2fBMeToFxjU7P0RovB6i0uie6sD2OhEx5reVdioFVmcGAU8ZbAhIq%2b0X%2bRMw0vRCLUpI%2fk6Iv1rG%2bmDc5SRZmzdlWUHVx8rckfN9YYot3W924i&TARGET=-SM-HTTPS%3a%2f%2fcsfedportal--ext%2ewellsfargo%2ecom%2faffwebservices%2fpublic%2fsaml2sso%3fSPID%3dhttps%3a%2f%2ftpcp%2ewf%2ecom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.14.26 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
be1f95064f293d670633e4786a1d6cb76597808879e7bc8450e9ffdce29f6951
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://csfedportal-ext.wellsfargo.com/login/login.fcc?TYPE=33554433&REALMOID=06-586ed7e9-9fa7-4047-85a7-d1cf97da7091&GUID=&SMAUTHREASON=0&METHOD=POST&SMAGENTNAME=-SM-wiRQZh0GJ6exbj22s9c%2fBMeToFxjU7P0RovB6i0uie6sD2OhEx5reVdioFVmcGAU8ZbAhIq%2b0X%2bRMw0vRCLUpI%2fk6Iv1rG%2bmDc5SRZmzdlWUHVx8rckfN9YYot3W924i&TARGET=-SM-HTTPS%3a%2f%2fcsfedportal--ext%2ewellsfargo%2ecom%2faffwebservices%2fpublic%2fsaml2sso%3fSPID%3dhttps%3a%2f%2ftpcp%2ewf%2ecom
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Content-Type-Options
nosniff
Last-Modified
Wed, 17 Apr 2019 14:29:44 GMT
ETag
"03c1e02af5d41:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Date
Mon, 23 Nov 2020 18:27:16 GMT
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges
bytes
Content-Length
8514
X-Xss-Protection
1; mode=block
gradient.gif
csfedportal-ext.wellsfargo.com/login/images/ 		57 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csfedportal-ext.wellsfargo.com/login/images/gradient.gif
Requested by
Host: csfedportal-ext.wellsfargo.com
URL: https://csfedportal-ext.wellsfargo.com/login/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.14.26 , United States, ASN10837 (WELLSFARGO-10837, US),
Reverse DNS
Software
/
Resource Hash
c078c48b20681c89f618d3d823b03dbe5246100e48d994d4265aced609a105ff
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=63072000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://csfedportal-ext.wellsfargo.com/login/css/login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Content-Type-Options
nosniff
Last-Modified
Wed, 17 Apr 2019 14:29:44 GMT
ETag
"03c1e02af5d41:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Date
Mon, 23 Nov 2020 18:27:16 GMT
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
Accept-Ranges
bytes
Content-Length
57
X-Xss-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| antiClickjack function| appBreadCrumb function| cleanURL function| deleteCookie function| docLoad function| errorLoad function| getCookie function| getURLGetVariable function| isMobile function| mobileRedirect function| replaceContent function| replaceErrors function| trim function| validateForm function| instructions function| footerContent function| isValidTargetDomainAndProtocol function| getTargetDomain function| getTargetProtocol string| cookieDomain string| cookiePrefix string| LLCOOKIE string| accessDeniedText string| badPasswordText string| helpText string| idleTimeoutText string| logoffText string| pageText string| resetPasswordText string| rootProtectionText string| unknownErrorText string| instructionsText string| warningText object| validTargetDomains string| TARGET string| SPID object| regex string| spInvalidEmployeeId string| customErrorSPInvalidEmployeeId string| appCrumb string| logoImage string| logoImageAltText string| copyright string| sitemap string| privacypolicy string| termsofuse string| contact object| footersections string| wffooter string| error_regex boolean| onLoginPage boolean| onErrorPage string| customErrorText1 string| customErrorEmail string| customErrorELID string| customErrorUserNotFound

3 Cookies

Domain/Path Name / Value
csfedportal-ext.wellsfargo.com/ Name: TS01ebcc80
Value: 011a85ef9b2707ff88d8e42aff9670f868d41c787d0c6dbfd660d668049a58b04b954962215e96180d742e67eee89731633896e22deefea088d164f707330b706e5d5fc846
csfedportal-ext.wellsfargo.com/ Name: csfedportal-ext-sv_443_infra_1
Value: !ZTc9dtNIOvz/d0cG1e5oXvASMVHfiJMCh6rzCZtFBfmJx/3WtCGk5/+SmeEBGC/KSlWLobkSC8PRgGg=
csfedportal-ext.wellsfargo.com/ Name: csfedportal-ext-sv_443_infra_2
Value: !Aza6qAu217OLjnAG1e5oXvASMVHfiH+OE572ct1Xi8OEQqH3LlZYkX+I+lmlFvWzagnZBDb0z8a4Kc4=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block