ebm.connect.wellsfargoemail.com

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 3 HTTP transactions. The main IP is 207.251.96.248, located in United States and belongs to STEALTH, US. The main domain is ebm.connect.wellsfargoemail.com.
TLS certificate: Issued by Wells Fargo Public Trust Certificatio... on August 30th 2022. Valid for: a year.

This is the only time ebm.connect.wellsfargoemail.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	207.251.96.248 207.251.96.248	8002 (STEALTH) (STEALTH)
2	173.213.4.52 173.213.4.52	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
3	2

2 207.251.96.248 (United States) 1 redirects

ASN8002 (STEALTH, US)
PTR: ebm.dillards.wellsfargoemail.com

ebm.connect.wellsfargoemail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.213.4.52 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)

f.connect.wellsfargoemail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	wellsfargoemail.com 1 redirects ebm.connect.wellsfargoemail.com f.connect.wellsfargoemail.com — Cisco Umbrella Rank: 744437	50 KB
3	1

	Domain	Requested by
2	f.connect.wellsfargoemail.com	ebm.connect.wellsfargoemail.com
2	ebm.connect.wellsfargoemail.com	1 redirects
3	2

This site contains no links.

Subject Issuer	Validity	Valid
ebm.connect.wellsfargoemail.com Wells Fargo Public Trust Certification Authority 01 G2	`2022-08-30` - `2023-09-30`	a year	crt.sh
f.connect.wellsfargoemail.com Wells Fargo Public Trust Certification Authority 01 G2	`2022-04-04` - `2023-04-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ebm.connect.wellsfargoemail.com/r/regf2?aid=2082566297&n=60
Frame ID: 6BB5AA81CD33B2474A00DB2FECACE9FE
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wells Fargo Unsubscribe Page

Page URL History Show full URLs

http://ebm.connect.wellsfargoemail.com/r/regf2?aid=2082566297&n=60 HTTP 302
https://ebm.connect.wellsfargoemail.com/r/regf2?aid=2082566297&n=60 Page URL

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

49 kB
Transfer

49 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ebm.connect.wellsfargoemail.com/r/regf2?aid=2082566297&n=60 HTTP 302
https://ebm.connect.wellsfargoemail.com/r/regf2?aid=2082566297&n=60 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request regf2 Show response ebm.connect.wellsfargoemail.com/r/ Redirect Chain http://ebm.connect.wellsfargoemail.com/r/regf2?aid=2082566297&n=60 https://ebm.connect.wellsfargoemail.com/r/regf2?aid=2082566297&n=60	5 KB 6 KB	1038ms 702ms	Document text/html	207.251.96.248 STEALTH
General Check archive.org Show headers Download Go to Full URL https://ebm.connect.wellsfargoemail.com/r/regf2?aid=2082566297&n=60 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 207.251.96.248 , United States, ASN8002 (STEALTH, US), Reverse DNS ebm.dillards.wellsfargoemail.com Software Apache / Resource Hash `b3c89c152454fb12c8ffec6a2add4554b495aea5c6725894764e296a59641aa3` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Type text/html Date Wed, 26 Oct 2022 17:04:34 GMT Keep-Alive timeout=5, max=100 P3P policyref="/w3c/p3p.xml",CP="NON DSP COR CUR ADMo DEVo TAIi IVAi IVDi OUR DELi IND PHY ONL UNI COM NAV DEM" Server Apache Transfer-Encoding chunked Redirect headers Connection Keep-Alive Content-Length 0 Location https://ebm.connect.wellsfargoemail.com/r/regf2?aid=2082566297&n=60 Server BigIP
GET H/1.1	200 OK	wfi000_6720734_WF-Advisors-logo_640x100_v2.jpg f.connect.wellsfargoemail.com/i/38/2082566297/	39 KB 39 KB	764ms 114ms	Image image/jpeg	173.213.4.52 ASN-CHEETA-MAIL
General Check archive.org Show headers Download Go to Show image Full URL https://f.connect.wellsfargoemail.com/i/38/2082566297/wfi000_6720734_WF-Advisors-logo_640x100_v2.jpg Requested by Host: ebm.connect.wellsfargoemail.com URL: https://ebm.connect.wellsfargoemail.com/r/regf2?aid=2082566297&n=60 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.213.4.52 , United States, ASN53316 (ASN-CHEETA-MAIL, US), Reverse DNS Software nginx / Resource Hash `35dda35514c7f98884abc393cb9880f0a9048b0da93879d14591e33e4496a1c6` Request headers accept-language de-DE,de;q=0.9 Referer https://ebm.connect.wellsfargoemail.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Wed, 26 Oct 2022 17:04:35 GMT Last-Modified Sat, 30 May 2020 02:29:58 GMT Server nginx ETag "5ed1c526-9c29" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 39977
GET H/1.1	200 OK	wfi000_6720734_WF-Advisors-logo_209x14_v2.png f.connect.wellsfargoemail.com/i/38/2082566297/	4 KB 4 KB	763ms 113ms	Image image/png	173.213.4.52 ASN-CHEETA-MAIL
General Check archive.org Show headers Download Go to Show image Full URL https://f.connect.wellsfargoemail.com/i/38/2082566297/wfi000_6720734_WF-Advisors-logo_209x14_v2.png Requested by Host: ebm.connect.wellsfargoemail.com URL: https://ebm.connect.wellsfargoemail.com/r/regf2?aid=2082566297&n=60 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.213.4.52 , United States, ASN53316 (ASN-CHEETA-MAIL, US), Reverse DNS Software nginx / Resource Hash `04b663d3f26d6d651e65a8b080a3889e9c51720e045b7c5f86921264824f2547` Request headers accept-language de-DE,de;q=0.9 Referer https://ebm.connect.wellsfargoemail.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Wed, 26 Oct 2022 17:04:35 GMT Last-Modified Sat, 30 May 2020 02:29:58 GMT Server nginx ETag "5ed1c526-110a" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 4362

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://ebm.connect.wellsfargoemail.com/r/regf2?aid=2082566297&n=60 Message: Mixed Content: The page at 'https://ebm.connect.wellsfargoemail.com/r/regf2?aid=2082566297&n=60' was loaded over HTTPS, but requested an insecure element 'http://f.connect.wellsfargoemail.com/i/38/2082566297/wfi000_6720734_WF-Advisors-logo_640x100_v2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ebm.connect.wellsfargoemail.com/r/regf2?aid=2082566297&n=60 Message: Mixed Content: The page at 'https://ebm.connect.wellsfargoemail.com/r/regf2?aid=2082566297&n=60' was loaded over HTTPS, but requested an insecure element 'http://f.connect.wellsfargoemail.com/i/38/2082566297/wfi000_6720734_WF-Advisors-logo_209x14_v2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ebm.connect.wellsfargoemail.com/r/regf2?aid=2082566297&n=60(Line 138) Message: Mixed Content: The page at 'https://ebm.connect.wellsfargoemail.com/r/regf2?aid=2082566297&n=60' was loaded over HTTPS, but requested an insecure element 'http://f.connect.wellsfargoemail.com/i/38/2082566297/wfi000_6720734_WF-Advisors-logo_640x100_v2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ebm.connect.wellsfargoemail.com/r/regf2?aid=2082566297&n=60(Line 138) Message: Mixed Content: The page at 'https://ebm.connect.wellsfargoemail.com/r/regf2?aid=2082566297&n=60' was loaded over HTTPS, but requested an insecure element 'http://f.connect.wellsfargoemail.com/i/38/2082566297/wfi000_6720734_WF-Advisors-logo_209x14_v2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ebm.connect.wellsfargoemail.com
f.connect.wellsfargoemail.com
173.213.4.52
207.251.96.248
04b663d3f26d6d651e65a8b080a3889e9c51720e045b7c5f86921264824f2547
35dda35514c7f98884abc393cb9880f0a9048b0da93879d14591e33e4496a1c6
b3c89c152454fb12c8ffec6a2add4554b495aea5c6725894764e296a59641aa3

ebm.connect.wellsfargoemail.com Open in urlscan Pro 207.251.96.248 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

2 IPs

1 Countries

49 kBTransfer

49 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

ebm.connect.wellsfargoemail.com Open in urlscan Pro
207.251.96.248 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

49 kB
Transfer

49 kB
Size

0
Cookies

3 HTTP transactions
0 data transactions