confirmcard.wellsfargo.com Open in urlscan Pro
159.45.88.61 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://confirmcard.wellsfargo.com/
Submission: On October 21 via automatic, source certstream-suspicious (October 21st 2022, 1:42:16 am UTC) — Scanned from DE

Summary HTTP 27 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 27 HTTP transactions. The main IP is 159.45.88.61, located in United States and belongs to WELLSFARGO-4196, US. The main domain is confirmcard.wellsfargo.com.
TLS certificate: Issued by Wells Fargo Public Trust Certificatio... on February 2nd 2022. Valid for: a year.

This is the only time confirmcard.wellsfargo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	159.45.88.61 159.45.88.61	4196 (WELLSFARG...) (WELLSFARGO-4196)
2	23.213.161.211 23.213.161.211	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	100.22.16.82 100.22.16.82	() ()
27	4

18 159.45.88.61 (United States)

ASN4196 (WELLSFARGO-4196, US)

confirmcard.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.213.161.211 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-211.deploy.static.akamaitechnologies.com

connect.secure.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.22.16.82 (None, )

ASN- ()

pdx-col.eum-appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	wellsfargo.com confirmcard.wellsfargo.com ort.evetest.wellsfargo.com Failed connect.secure.wellsfargo.com — Cisco Umbrella Rank: 12667	729 KB
1	eum-appdynamics.com pdx-col.eum-appdynamics.com	719 B
27	2

	Domain	Requested by
18	confirmcard.wellsfargo.com	confirmcard.wellsfargo.com
2	connect.secure.wellsfargo.com	confirmcard.wellsfargo.com
1	pdx-col.eum-appdynamics.com	confirmcard.wellsfargo.com
0	ort.evetest.wellsfargo.com Failed	confirmcard.wellsfargo.com
27	4

This site contains links to these domains. Also see Links.

Domain
www.wellsfargo.com

Subject Issuer	Validity	Valid
confirmcard.wellsfargo.com Wells Fargo Public Trust Certification Authority 01 G2	`2022-02-02` - `2023-03-05`	a year	crt.sh
connect.secure.wellsfargo.com DigiCert EV RSA CA G2	`2022-10-11` - `2023-10-11`	a year	crt.sh
*.eum-appdynamics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-07-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://confirmcard.wellsfargo.com/
Frame ID: 0F08D7908D0B393126023E46F7A5DA2E
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Enhanced Card Activation | Wells Fargo

Detected technologies

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

Page Statistics

27
Requests

78 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

729 kB
Transfer

1448 kB
Size

12
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wellsfargo.com/privacy-security/
Title: Privacy, Cookies, Security & Legal

Search URL Search Domain Scan URL

URL: https://www.wellsfargo.com/privacy-security/notice-of-data-collection/
Title: Notice of Data Collection

Search URL Search Domain Scan URL

URL: https://www.wellsfargo.com/privacy-security/terms/
Title: General Terms of Use

Search URL Search Domain Scan URL

URL: https://www.wellsfargo.com/privacy-security/privacy/online/#adchoices
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://www.wellsfargo.com/privacy-security/fraud/report/
Title: Report Fraud

Search URL Search Domain Scan URL

URL: https://www.wellsfargo.com/sitemap
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://www.wellsfargo.com/about/?linkLoc=footer
Title: About Wells Fargo

Search URL Search Domain Scan URL

URL: https://www.wellsfargo.com/about/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.wellsfargo.com/about/diversity/
Title: Diversity and Accessibility

Search URL Search Domain Scan URL

URL: https://www.wellsfargo.com/
Title: Home

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
confirmcard.wellsfargo.com/ 4 KB
8 KB 977ms
191ms Document
text/html 159.45.88.61
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://confirmcard.wellsfargo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.88.61 , United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

Resource Hash

9a5d74a25927e02f8c00827181b51c7ed100b6c3d6656e8924d04efb6eb3cfe2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1;mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache, no-store, max-age=0
Content-Length: 4575
Content-Security-Policy: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Content-Security-Policy-report-only: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Content-Type: text/html,charset=utf-8
Date: Fri, 21 Oct 2022 01:42:09 GMT
ETag: "0f4f05837c9d81:0"
Expires: -1
Last-Modified: Thu, 15 Sep 2022 19:14:16 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload max-age=63072000; includeSubDomains;
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: SAMEORIGIN SAMEORIGIN
X-Xss-Protection: 1;mode=block 1; mode=block

GET
H/1.1 200
OK 2.6d00c224.chunk.css
confirmcard.wellsfargo.com/static/css/ 199 KB
202 KB 278ms
278ms Stylesheet
text/css 159.45.88.61
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://confirmcard.wellsfargo.com/static/css/2.6d00c224.chunk.css

Requested by

Host: confirmcard.wellsfargo.com
URL: https://confirmcard.wellsfargo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.88.61 , United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

Resource Hash

2c7604cae45c229be28a382f14cf37d475227fcfee3582d8dc08bb4c86527720

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://confirmcard.wellsfargo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options: nosniff, nosniff
Date: Fri, 21 Oct 2022 01:42:09 GMT
Last-Modified: Thu, 15 Sep 2022 19:14:16 GMT
ETag: "0f4f05837c9d81:0"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Security-Policy-report-only: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Content-Type: text/css,charset=utf-8
Cache-Control: no-cache, no-store, max-age=0
Accept-Ranges: bytes
Content-Length: 203934
X-Xss-Protection: 1;mode=block, 1; mode=block
Expires: -1

GET
H/1.1 200
OK main.2db92d0b.chunk.css
confirmcard.wellsfargo.com/static/css/ 80 KB
16 KB 611ms
193ms Stylesheet
text/css 159.45.88.61
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://confirmcard.wellsfargo.com/static/css/main.2db92d0b.chunk.css

Requested by

Host: confirmcard.wellsfargo.com
URL: https://confirmcard.wellsfargo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.88.61 , United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

Resource Hash

666759bf619692c48a0e725fe30236b8c747fa681b63c8f2963d8634745b126b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://confirmcard.wellsfargo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
Date: Fri, 21 Oct 2022 01:42:09 GMT
Content-Security-Policy-report-only: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Content-Length: 14177
X-Xss-Protection: 1;mode=block, 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 15 Sep 2022 19:14:16 GMT
ETag: "0f4f05837c9d81:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/css,charset=utf-8
Cache-Control: no-cache, no-store, max-age=0
Accept-Ranges: bytes
Expires: -1

GET
H/1.1 200
OK runtime-main.88c0dcf5.js Show response
confirmcard.wellsfargo.com/static/js/ 2 KB
5 KB 574ms
150ms Script
application/javascript 159.45.88.61
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://confirmcard.wellsfargo.com/static/js/runtime-main.88c0dcf5.js

Requested by

Host: confirmcard.wellsfargo.com
URL: https://confirmcard.wellsfargo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.88.61 , United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

Resource Hash

f4414dd69af578ae1cc99baa9daea73de231e9c85eeb684546b4b24d5cc2fbae

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://confirmcard.wellsfargo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options: nosniff, nosniff
Date: Fri, 21 Oct 2022 01:42:09 GMT
Last-Modified: Thu, 15 Sep 2022 19:14:16 GMT
ETag: "0f4f05837c9d81:0"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Security-Policy-report-only: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Content-Type: application/javascript,charset=utf-8
Cache-Control: no-cache, no-store, max-age=0
Accept-Ranges: bytes
Content-Length: 2348
X-Xss-Protection: 1;mode=block, 1; mode=block
Expires: -1

GET
H/1.1 200
OK 2.cfbec9cf.chunk.js Show response
confirmcard.wellsfargo.com/static/js/ 651 KB
207 KB 1001ms
575ms Script
application/javascript 159.45.88.61
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://confirmcard.wellsfargo.com/static/js/2.cfbec9cf.chunk.js

Requested by

Host: confirmcard.wellsfargo.com
URL: https://confirmcard.wellsfargo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.88.61 , United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

Resource Hash

ab38621e55b805d723875e4a55075df51d8d456f6cb5311a6d280decc5b3cf96

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://confirmcard.wellsfargo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
Date: Fri, 21 Oct 2022 01:42:10 GMT
Content-Security-Policy-report-only: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Content-Length: 209395
X-Xss-Protection: 1;mode=block, 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 15 Sep 2022 19:14:16 GMT
ETag: "0f4f05837c9d81:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript,charset=utf-8
Cache-Control: no-cache, no-store, max-age=0
Accept-Ranges: bytes
Expires: -1

GET
H/1.1 200
OK main.e21cad15.chunk.js Show response
confirmcard.wellsfargo.com/static/js/ 160 KB
66 KB 622ms
196ms Script
application/javascript 159.45.88.61
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://confirmcard.wellsfargo.com/static/js/main.e21cad15.chunk.js

Requested by

Host: confirmcard.wellsfargo.com
URL: https://confirmcard.wellsfargo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.88.61 , United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

Resource Hash

ec55d9f713e15dd2f74af09a2df8419c4d65aed9bca5533b94f647dc4c502f2e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://confirmcard.wellsfargo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
Date: Fri, 21 Oct 2022 01:42:09 GMT
Content-Security-Policy-report-only: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Content-Length: 65371
X-Xss-Protection: 1;mode=block, 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 15 Sep 2022 19:14:16 GMT
ETag: "0f4f05837c9d81:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript,charset=utf-8
Cache-Control: no-cache, no-store, max-age=0
Accept-Ranges: bytes
Expires: -1

POST csp
ort.evetest.wellsfargo.com/reporting/ 0
0

GET
DATA 200
OK truncated
/ 387 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edbc244d63fc9a59c97ad9c6965ca2f5d4ce3dc60d8afb5395a4d303ae156a0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ecaconfig Show response
confirmcard.wellsfargo.com/ecawebapi/api/ 382 B
3 KB 160ms
160ms XHR
application/json 159.45.88.61
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://confirmcard.wellsfargo.com/ecawebapi/api/ecaconfig?language=en&flowind=U&partner=gpcc&useraction=

Requested by

Host: confirmcard.wellsfargo.com
URL: https://confirmcard.wellsfargo.com/static/js/2.cfbec9cf.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.88.61 , United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

Resource Hash

49d7a7ce363727ef00f5089ef73567fa86d3c1dc318c5199f4cef16885ba4854

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block, 1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://confirmcard.wellsfargo.com/
accept-language: de-DE,de;q=0.9
WF-senderMessageId: dfc74feb-d0ca-4a9f-93b8-ecd7610d13dd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options: nosniff, nosniff
Date: Fri, 21 Oct 2022 01:42:10 GMT
api-supported-versions: 1.0
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Security-Policy-report-only: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Content-Type: application/json; charset=utf-8,charset=utf-8
Cache-Control: no-cache, no-store, max-age=0
Content-Length: 382
X-Xss-Protection: 1;mode=block, 1; mode=block
Expires: -1

GET
H/1.1 200
OK switch Show response
confirmcard.wellsfargo.com/ecawebapi/api/ 322 B
3 KB 259ms
259ms XHR
application/json 159.45.88.61
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://confirmcard.wellsfargo.com/ecawebapi/api/switch

Requested by

Host: confirmcard.wellsfargo.com
URL: https://confirmcard.wellsfargo.com/static/js/2.cfbec9cf.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.88.61 , United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

Resource Hash

17aa1de3ab95d4b5318bb278a0066b8697df7c3dcc74efea947cb4b13119820a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block, 1; mode=block

Request headers

WF-senderSubApplicationID: ECA
WF-senderHostName: confirmcard.wellsfargo.com
X-APPCERT-MANUAL: IGTWY
accept-language: de-DE,de;q=0.9
WF-senderMessageId: dfc74feb-d0ca-4a9f-93b8-ecd7610d13dd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://confirmcard.wellsfargo.com/
WF-senderApplicationId: ECA
Partner: gpcc
WF-deliveryChannelType: ECA
WF-creationTimeStamp: 2022-10-21T01:42:11.664Z

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options: nosniff, nosniff
Date: Fri, 21 Oct 2022 01:42:11 GMT
api-supported-versions: 1.0
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Security-Policy-report-only: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Content-Type: application/json; charset=utf-8,charset=utf-8
Cache-Control: no-cache, no-store, max-age=0
Content-Length: 322
X-Xss-Protection: 1;mode=block, 1; mode=block
Expires: -1

GET
H/1.1 200
OK / Show response
connect.secure.wellsfargo.com/jenny/nd/w-642409/sync/js/ 50 KB
18 KB 728ms
565ms Script
application/javascript 23.213.161.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/jenny/nd/w-642409/sync/js/

Requested by

Host: confirmcard.wellsfargo.com
URL: https://confirmcard.wellsfargo.com/static/js/main.e21cad15.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-211.deploy.static.akamaitechnologies.com

Software

Resource Hash

fedcfb8e2f0b7c29240f138dcfb5d5e5d06f6d7c73bf724aa9a49b39ff349295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://confirmcard.wellsfargo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 21 Oct 2022 01:42:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: accept-encoding
X-Frame-Options: DENY
Content-Type: application/javascript;charset=ISO-8859-1
Connection: keep-alive
Content-Length: 16918
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found WellsFargoSerif_Rg.1307bad2.otf
confirmcard.wellsfargo.com/static/media/ 0
0 143ms
142ms Font
text/html 159.45.88.61
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://confirmcard.wellsfargo.com/static/media/WellsFargoSerif_Rg.1307bad2.otf

Requested by

Host: confirmcard.wellsfargo.com
URL: https://confirmcard.wellsfargo.com/static/css/main.2db92d0b.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.88.61 , United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://confirmcard.wellsfargo.com/static/css/main.2db92d0b.chunk.css
Origin: https://confirmcard.wellsfargo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Security-Policy: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
X-Content-Type-Options: nosniff
Date: Fri, 21 Oct 2022 01:42:11 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
X-Cnection: close
Content-Length: 1245
X-Xss-Protection: 1; mode=block

GET
H/1.1 404
Not Found WellsFargoSans_Rg.0fa8f797.otf
confirmcard.wellsfargo.com/static/media/ 0
0 142ms
141ms Font
text/html 159.45.88.61
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://confirmcard.wellsfargo.com/static/media/WellsFargoSans_Rg.0fa8f797.otf

Requested by

Host: confirmcard.wellsfargo.com
URL: https://confirmcard.wellsfargo.com/static/css/main.2db92d0b.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.88.61 , United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://confirmcard.wellsfargo.com/static/css/main.2db92d0b.chunk.css
Origin: https://confirmcard.wellsfargo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Security-Policy: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
X-Content-Type-Options: nosniff
Date: Fri, 21 Oct 2022 01:42:11 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
X-Cnection: close
Content-Length: 1245
X-Xss-Protection: 1; mode=block

GET
H/1.1 404
Not Found WellsFargoSans_SBd.14f9aeb5.otf
confirmcard.wellsfargo.com/static/media/ 0
0 140ms
140ms Font
text/html 159.45.88.61
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://confirmcard.wellsfargo.com/static/media/WellsFargoSans_SBd.14f9aeb5.otf

Requested by

Host: confirmcard.wellsfargo.com
URL: https://confirmcard.wellsfargo.com/static/css/main.2db92d0b.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.88.61 , United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://confirmcard.wellsfargo.com/static/css/main.2db92d0b.chunk.css
Origin: https://confirmcard.wellsfargo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Security-Policy: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
X-Content-Type-Options: nosniff
Date: Fri, 21 Oct 2022 01:42:11 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
X-Cnection: close
Content-Length: 1245
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK adrum-latest.js Show response
confirmcard.wellsfargo.com/script/ 107 KB
36 KB 155ms
155ms Script
application/javascript 159.45.88.61
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://confirmcard.wellsfargo.com/script/adrum-latest.js

Requested by

Host: confirmcard.wellsfargo.com
URL: https://confirmcard.wellsfargo.com/static/js/main.e21cad15.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.88.61 , United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

Resource Hash

1b6ed47900ccab396eb193e8e9805fe6e708ec1e28366f17885dc188576d63a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://confirmcard.wellsfargo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
Date: Fri, 21 Oct 2022 01:42:11 GMT
Content-Security-Policy-report-only: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Content-Length: 33878
X-Xss-Protection: 1;mode=block, 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 15 Sep 2022 19:14:16 GMT
ETag: "0f4f05837c9d81:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript,charset=utf-8
Cache-Control: no-cache, no-store, max-age=0
Accept-Ranges: bytes
Expires: -1

GET
H/1.1 200
OK masthead-wf-logo-879x92.1e4d6f4c.svg
confirmcard.wellsfargo.com/static/media/ 5 KB
8 KB 184ms
183ms Image
image/svg+xml 159.45.88.61
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://confirmcard.wellsfargo.com/static/media/masthead-wf-logo-879x92.1e4d6f4c.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.88.61 , United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

Resource Hash

c6ff187a26f683c14b53fba26964ff0c295b7e640c06b0889be8f50b781ec356

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://confirmcard.wellsfargo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options: nosniff, nosniff
Date: Fri, 21 Oct 2022 01:42:11 GMT
Last-Modified: Thu, 15 Sep 2022 19:14:16 GMT
ETag: "0f4f05837c9d81:0"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Security-Policy-report-only: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Content-Type: image/svg+xml,charset=utf-8
Cache-Control: no-cache, no-store, max-age=0
Accept-Ranges: bytes
Content-Length: 5571
X-Xss-Protection: 1;mode=block, 1; mode=block
Expires: -1

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 267d09b20ea01ac32b4806b0f10b61e0e2087fd3744c9916ac71d4674429314b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9356302bb3a91c0bfa69663ab57a0c71b08fa3c47aa12ebd33cdc85d7a771897

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK card-cvv-nonamex.84bb5108.png
confirmcard.wellsfargo.com/static/media/ 41 KB
43 KB 305ms
190ms Image
image/png 159.45.88.61
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://confirmcard.wellsfargo.com/static/media/card-cvv-nonamex.84bb5108.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.88.61 , United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

Resource Hash

15f651b3112a7c236748e50cf09ca65f89d95101d2bdb8aba6ee14b88e393c08

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://confirmcard.wellsfargo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options: nosniff, nosniff
Date: Fri, 21 Oct 2022 01:42:11 GMT
Last-Modified: Thu, 15 Sep 2022 19:14:16 GMT
ETag: "0f4f05837c9d81:0"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Security-Policy-report-only: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Content-Type: image/png,charset=utf-8
Cache-Control: no-cache, no-store, max-age=0
Accept-Ranges: bytes
Content-Length: 41574
X-Xss-Protection: 1;mode=block, 1; mode=block
Expires: -1

GET
H/1.1 200
OK WellsFargoSans_W_SBd.ae362c31.woff
confirmcard.wellsfargo.com/static/media/ 27 KB
29 KB 191ms
189ms Font
font/x-woff 159.45.88.61
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://confirmcard.wellsfargo.com/static/media/WellsFargoSans_W_SBd.ae362c31.woff

Requested by

Host: confirmcard.wellsfargo.com
URL: https://confirmcard.wellsfargo.com/static/css/main.2db92d0b.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.88.61 , United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

Resource Hash

178500e4966aa916264480d83ed5def33333cc703ea7e1de1009e057df8eea0d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block, 1; mode=block

Request headers

Referer: https://confirmcard.wellsfargo.com/static/css/main.2db92d0b.chunk.css
Origin: https://confirmcard.wellsfargo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options: nosniff, nosniff
Date: Fri, 21 Oct 2022 01:42:11 GMT
Last-Modified: Thu, 15 Sep 2022 19:14:16 GMT
ETag: "0f4f05837c9d81:0"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Security-Policy-report-only: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Content-Type: font/x-woff,charset=utf-8
Cache-Control: no-cache, no-store, max-age=0
Accept-Ranges: bytes
Content-Length: 27448
X-Xss-Protection: 1;mode=block, 1; mode=block
Expires: -1

GET
H/1.1 200
OK WellsFargoSans_W_Rg.0e3d2c14.woff
confirmcard.wellsfargo.com/static/media/ 27 KB
29 KB 152ms
152ms Font
font/x-woff 159.45.88.61
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://confirmcard.wellsfargo.com/static/media/WellsFargoSans_W_Rg.0e3d2c14.woff

Requested by

Host: confirmcard.wellsfargo.com
URL: https://confirmcard.wellsfargo.com/static/css/main.2db92d0b.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.88.61 , United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

Resource Hash

49306ebc5e31624d95ca16e0be08e32a73d163498e648a926e25f15027d9f5d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block, 1; mode=block

Request headers

Referer: https://confirmcard.wellsfargo.com/static/css/main.2db92d0b.chunk.css
Origin: https://confirmcard.wellsfargo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options: nosniff, nosniff
Date: Fri, 21 Oct 2022 01:42:11 GMT
Last-Modified: Thu, 15 Sep 2022 19:14:16 GMT
ETag: "0f4f05837c9d81:0"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Security-Policy-report-only: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Content-Type: font/x-woff,charset=utf-8
Cache-Control: no-cache, no-store, max-age=0
Accept-Ranges: bytes
Content-Length: 27248
X-Xss-Protection: 1;mode=block, 1; mode=block
Expires: -1

GET
H/1.1 200
OK WellsFargoSerif_W_Rg.82c551eb.woff
confirmcard.wellsfargo.com/static/media/ 31 KB
34 KB 203ms
181ms Font
font/x-woff 159.45.88.61
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://confirmcard.wellsfargo.com/static/media/WellsFargoSerif_W_Rg.82c551eb.woff

Requested by

Host: confirmcard.wellsfargo.com
URL: https://confirmcard.wellsfargo.com/static/css/main.2db92d0b.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.88.61 , United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

Resource Hash

ad5c529c601c130fb49941db045b584a4b0854bb8317047c7b94dbc8aa1b6800

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block, 1; mode=block

Request headers

Referer: https://confirmcard.wellsfargo.com/static/css/main.2db92d0b.chunk.css
Origin: https://confirmcard.wellsfargo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options: nosniff, nosniff
Date: Fri, 21 Oct 2022 01:42:11 GMT
Last-Modified: Thu, 15 Sep 2022 19:14:16 GMT
ETag: "0f4f05837c9d81:0"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Security-Policy-report-only: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Content-Type: font/x-woff,charset=utf-8
Cache-Control: no-cache, no-store, max-age=0
Accept-Ranges: bytes
Content-Length: 32032
X-Xss-Protection: 1;mode=block, 1; mode=block
Expires: -1

GET
H/1.1 200
OK adrum-ext.ebf1620b3b847dfbf76f6e109dcacd8e.js Show response
confirmcard.wellsfargo.com/script/ 52 KB
19 KB 214ms
195ms Script
application/javascript 159.45.88.61
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://confirmcard.wellsfargo.com/script/adrum-ext.ebf1620b3b847dfbf76f6e109dcacd8e.js

Requested by

Host: confirmcard.wellsfargo.com
URL: https://confirmcard.wellsfargo.com/script/adrum-latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.45.88.61 , United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

Resource Hash

e6245f4a9dc4890e7b2a1fda39dfbc71f7f377c0dbc3f357985b1a045a8072a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1;mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://confirmcard.wellsfargo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp, default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload, max-age=63072000; includeSubDomains;
Date: Fri, 21 Oct 2022 01:42:11 GMT
Content-Security-Policy-report-only: default-src 'none'; font-src https: data:; script-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://*.wellsfargo.com:* https://*.wellsfargomedia.com:* 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' *.wellsfargo.com; connect-src https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.appdynamics.com https://*.appdynamics.com:* https://*.eum-appdynamics.com:* 'self' ; manifest-src https://*.wellsfargo.com https://*.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Content-Length: 17266
X-Xss-Protection: 1;mode=block, 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 15 Sep 2022 19:14:16 GMT
ETag: "0f4f05837c9d81:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/javascript,charset=utf-8
Cache-Control: no-cache, no-store, max-age=0
Accept-Ranges: bytes
Expires: -1

GET
H/1.1 200
OK / Show response
connect.secure.wellsfargo.com/ATADUN/2.2/w/w-642409/init/js/ 533 B
2 KB 429ms
429ms Script
application/javascript 23.213.161.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/ATADUN/2.2/w/w-642409/init/js/?q=NDX%3A%25pR%20Z%2Ff%20Q%23%7CG4Pt6k%3F%22%5Dm0V84)F78QVyB%2ByJ%5CoA9vBAq4%3E%3CbDOU!pa4%27MNV%60Lt%7B%27o*ZrA5g%273gG%3De%23LfSDmG0bS%25bU1%60qCQIY-o1%40a.V%2BPO%2BS%2B%7B-)tOF5%22acU%3Eg%7D%24fT9SrOCq%5C!fd.s%26NcL-uH%5Bg%5E%3F%7D7%5DsP%27%7B-jD%3DU%20Sqx%25dn%2FkS%23hLEaU2Q9%26UUK%5CX%2C(L%2B%5B7R%22H%20%20%7DxMM81%3EPp.3I%2C%2F%40JFX_hu1!twelHpo.-%40%2Cn0%40d%5Br(%23V%2CSG%3EmVm%5Ejn7%7D6)Gdq%7B%3B%3DSk%3FY2N%2FiLzal%5C2k.dZ%5CW1df%7B16u%3B53%40JoHd%3C2%5C%22YJoR!mRP%25J%3F4%2F491t2CUSmKjFP0!%25%23f%23.(Y%60S7%244RX9kS3ir%23jX8%24E2f4MfW%3Cds%40gr%2Cfo%2F9WM%3F%3Fc%3D%3B).z61%7C%2B%273x%3F(%26*%3Ey%3E%3Au%3C%27A%5CtU%3Fm-Y%5CiE%2Fw%3C2D%3FrM6p%5EFRiFt94%2Bv%3Fp_X%7Cl%259%60q%2C%23dPm%2ClRAd%2C%26.%7C%60%7C%24a!LQ98%7DQp)G%27%7B%3Fw%3Cq%3C%5DGTr%5D%7CGax15V%3C1AN%3Dx(OJh%5D%24x0sG%3CzKYx%27Q1Z%5DIX%20D%5C28Q%26%2Ca%23sB%20%3D%7C)

Requested by

Host: confirmcard.wellsfargo.com
URL: https://confirmcard.wellsfargo.com/script/adrum-latest.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-213-161-211.deploy.static.akamaitechnologies.com

Software

Resource Hash

70df1214f3104647ec11497d4b94552c6cfe2c682c061c2fd27d4987d6e82cc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://confirmcard.wellsfargo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 21 Oct 2022 01:42:13 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Vary: Origin,Referer
Access-Control-Allow-Methods: GET, POST
Content-Type: application/javascript
Access-Control-Allow-Origin: https://confirmcard.wellsfargo.com
x-frame-options: SAMEORIGIN
Connection: keep-alive
Content-Length: 533
x-xss-protection: 1; mode=block

POST
H2 200 adrum Show response
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABN-DDD/ 0
719 B 668ms
204ms XHR
text/html 100.22.16.82

General

Check archive.org

Show headers Download Go to

Full URL

https://pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABN-DDD/adrum

Requested by

Host: confirmcard.wellsfargo.com
URL: https://confirmcard.wellsfargo.com/script/adrum-ext.ebf1620b3b847dfbf76f6e109dcacd8e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.22.16.82 -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://confirmcard.wellsfargo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Oct 2022 01:42:15 GMT
x-content-type-options: nosniff
server: envoy
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
access-control-allow-headers: origin, content-type, accept
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ort.evetest.wellsfargo.com
URL: https://ort.evetest.wellsfargo.com/reporting/csp

Domain: ort.evetest.wellsfargo.com
URL: https://ort.evetest.wellsfargo.com/reporting/csp

Domain: ort.evetest.wellsfargo.com
URL: https://ort.evetest.wellsfargo.com/reporting/csp

Domain: ort.evetest.wellsfargo.com
URL: https://ort.evetest.wellsfargo.com/reporting/csp

Domain: ort.evetest.wellsfargo.com
URL: https://ort.evetest.wellsfargo.com/reporting/csp

Domain: ort.evetest.wellsfargo.com
URL: https://ort.evetest.wellsfargo.com/reporting/csp

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
confirmcard.wellsfargo.com/	1969-12-31 23:59:59	Name: confirmcard-birm_edelv_bcp_443_infra_2 Value: !/x3cgI8LsOumxgnREughIpHeYkV065HywszWCXDeZr58sa+Bu4/vfIxrJcCBrf7dOrcbVB1UxBdmvFkW5eNlp+ChnQPUoWpEcnK9oXc4iEj+e7LurT1Ermh1TLQxNmI07LL9uv8ecIHvTAJeG4pDDhhB+oSNtYE=
confirmcard.wellsfargo.com/	1969-12-31 23:59:59	Name: confirmcard-birm_edelv_bcp_443_infra_1 Value: !6JFFUXQoiN94tZrREughIpHeYkV06wzdxT8S+kaArd11Bw5FZ0wHN6MXLBm8eyUOUSBQ0SlUZPgy+LMQtfnqrFyxiQ1tHMISTrP0YN10mrvOLJTn73UprhsiWfa4OJNcAwmYLmnPkegjPG9OcXKjHrtH/X8gXaE=
confirmcard.wellsfargo.com/	1970-01-20 06:51:56	Name: SameSite Value: None
confirmcard.wellsfargo.com/	1970-01-20 06:51:56	Name: ADRUM_BTa Value: R%3A35%7Cg%3Ac23d8f02-04d6-40ed-b7b8-e48d5035784c%7Cn%3Awellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7
confirmcard.wellsfargo.com/	1970-01-20 06:51:56	Name: ADRUM_BT1 Value: R%3A35%7Ci%3A8022
confirmcard.wellsfargo.com/	1969-12-31 23:59:59	Name: TS0172029a Value: 0114d6d85c456799e8c87d31f272b1d67e7852c34b1df4cbecc4dc5c8fbf313d5bf5c2c66344f75a7bef379a09cec1d064b3bd5cc6e62250934540c25c17a19322939e19b2f32bc6da335c803ba7444eea876a5fe767322d013f673f3c28b8358deaea7380781f2154988a1d1c188bdca09fe73741
connect.secure.wellsfargo.com/	1970-01-20 06:51:56	Name: ADRUM_BTa Value: R:35\|g:d92f4387-aa5d-4e61-8aab-c46711e3187e\|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7
connect.secure.wellsfargo.com/	1970-01-20 06:51:56	Name: SameSite Value: None
connect.secure.wellsfargo.com/	1970-01-20 06:51:56	Name: ADRUM_BT1 Value: R:35\|i:303100\|e:3
.connect.secure.wellsfargo.com/	1970-01-20 06:52:03	Name: ISD_AB_COOKIE Value: A
.wellsfargo.com/	1970-01-20 15:37:32	Name: ndcd Value: wc1.1.w-729460.1.2.vYRJTRYQ-x4bJBteZ8SUGw%252C%252C.klei1DVuz01pHFP_LZVzCI9IqYHDLJ9YU0g6iiSmSvFm6zCkVLE-j7Rmwk3HBdmIQNb7eFXlCIeLquFoXjbNfV6tIfAavEmPXPNCjdfI5KOKV-eUsZk8cinfszZad9EJ2NFFget5YyCF1PnmFuyThgNK6O7ziWQnCU-uAOUeVNXhGsBrVpMkRnOXvFfLIdPL
.connect.secure.wellsfargo.com/	1970-01-20 06:51:57	Name: DCID Value: mIReh%2fBehf09vwP5pw7Cgb7eg2yGvtieU2fXL2ZTy3dngkG3qGVkM%2fgwi1cFtbhe

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'".
security	error	URL: https://confirmcard.wellsfargo.com/ Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-caMN8rBA1Sczw/CejnZcMBj9AUqwK+NKaBSRbgIKBng='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://confirmcard.wellsfargo.com/ Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-caMN8rBA1Sczw/CejnZcMBj9AUqwK+NKaBSRbgIKBng='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://confirmcard.wellsfargo.com/ Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-caMN8rBA1Sczw/CejnZcMBj9AUqwK+NKaBSRbgIKBng='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://confirmcard.wellsfargo.com/(Line 18) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-RHu4ukCPgZZmXOfznGUmM90Qdbf/ntjQYVTA47MCrf4='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://confirmcard.wellsfargo.com/(Line 18) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-RHu4ukCPgZZmXOfznGUmM90Qdbf/ntjQYVTA47MCrf4='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://confirmcard.wellsfargo.com/(Line 18) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-RHu4ukCPgZZmXOfznGUmM90Qdbf/ntjQYVTA47MCrf4='), or a nonce ('nonce-...') is required to enable inline execution.
network	error	URL: https://ort.evetest.wellsfargo.com/my.policy Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://ort.evetest.wellsfargo.com/my.policy Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://ort.evetest.wellsfargo.com/my.policy Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://ort.evetest.wellsfargo.com/my.policy Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://ort.evetest.wellsfargo.com/my.policy Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://ort.evetest.wellsfargo.com/my.policy Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://confirmcard.wellsfargo.com/static/media/WellsFargoSans_SBd.14f9aeb5.otf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://confirmcard.wellsfargo.com/static/media/WellsFargoSans_Rg.0fa8f797.otf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://confirmcard.wellsfargo.com/static/media/WellsFargoSerif_Rg.1307bad2.otf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp default-src 'none'; font-src https: data:; script-src https://.wellsfargo.com https://.wellsfargo.com:* 'self'; img-src https: data: blob:; style-src https://.wellsfargo.com: https://.wellsfargomedia.com: 'self' 'unsafe-inline'; object-src 'none'; base-uri 'none'; frame-ancestors 'self' .wellsfargo.com; connect-src https://.wellsfargo.com https://.wellsfargo.com: https://.appdynamics.com https://.appdynamics.com:* https://.eum-appdynamics.com: 'self' ; manifest-src https://.wellsfargo.com https://.wellsfargo.com:* 'self' ;form-action 'none'; report-uri https://ort.evetest.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1;mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

confirmcard.wellsfargo.com
connect.secure.wellsfargo.com
ort.evetest.wellsfargo.com
pdx-col.eum-appdynamics.com
ort.evetest.wellsfargo.com
100.22.16.82
159.45.88.61
23.213.161.211
15f651b3112a7c236748e50cf09ca65f89d95101d2bdb8aba6ee14b88e393c08
178500e4966aa916264480d83ed5def33333cc703ea7e1de1009e057df8eea0d
17aa1de3ab95d4b5318bb278a0066b8697df7c3dcc74efea947cb4b13119820a
1b6ed47900ccab396eb193e8e9805fe6e708ec1e28366f17885dc188576d63a8
267d09b20ea01ac32b4806b0f10b61e0e2087fd3744c9916ac71d4674429314b
2c7604cae45c229be28a382f14cf37d475227fcfee3582d8dc08bb4c86527720
49306ebc5e31624d95ca16e0be08e32a73d163498e648a926e25f15027d9f5d6
49d7a7ce363727ef00f5089ef73567fa86d3c1dc318c5199f4cef16885ba4854
666759bf619692c48a0e725fe30236b8c747fa681b63c8f2963d8634745b126b
70df1214f3104647ec11497d4b94552c6cfe2c682c061c2fd27d4987d6e82cc9
9356302bb3a91c0bfa69663ab57a0c71b08fa3c47aa12ebd33cdc85d7a771897
9a5d74a25927e02f8c00827181b51c7ed100b6c3d6656e8924d04efb6eb3cfe2
ab38621e55b805d723875e4a55075df51d8d456f6cb5311a6d280decc5b3cf96
ad5c529c601c130fb49941db045b584a4b0854bb8317047c7b94dbc8aa1b6800
c6ff187a26f683c14b53fba26964ff0c295b7e640c06b0889be8f50b781ec356
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6245f4a9dc4890e7b2a1fda39dfbc71f7f377c0dbc3f357985b1a045a8072a8
ec55d9f713e15dd2f74af09a2df8419c4d65aed9bca5533b94f647dc4c502f2e
edbc244d63fc9a59c97ad9c6965ca2f5d4ce3dc60d8afb5395a4d303ae156a0c
f4414dd69af578ae1cc99baa9daea73de231e9c85eeb684546b4b24d5cc2fbae
fedcfb8e2f0b7c29240f138dcfb5d5e5d06f6d7c73bf724aa9a49b39ff349295

confirmcard.wellsfargo.com Open in urlscan Pro 159.45.88.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

27 Requests

78 %HTTPS

0 %IPv6

2 Domains

4 Subdomains

4 IPs

2 Countries

729 kBTransfer

1448 kBSize

12 Cookies

10 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

12 Cookies

16 Console Messages

Security Headers

Indicators

confirmcard.wellsfargo.com Open in urlscan Pro
159.45.88.61 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

78 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

729 kB
Transfer

1448 kB
Size

12
Cookies

27 HTTP transactions
3 data transactions