Report - zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/

Report Overview

Submitted URL
zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/
IP
54.224.73.73
ASN
#14618 AMAZON-AES
Submitted
2022-10-06 10:49:42
Access
Website Title
Final URL
Tags
None
urlquery detections
DynDNS domain detected

Detections

urlquery
4
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.wellsfargo.com	10586	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.9 kB	985 kB	159.45.170.145
www15.wellsfargomedia.com	20573	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	473 B	23 kB	96.6.19.156
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	172.64.155.188
cdn.schemaapp.com	12078	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	23 kB	54.230.111.2
tag-wellsfargo.nod-glb.nuance.com	25312	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	15 kB	18 kB	8.39.193.5
edge.adobedc.net	8934	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.3 kB	15.236.176.210
static.wellsfargo.com	12306	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	484 kB	159.45.2.178
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.9 kB	8.8 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.89.255.30
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	57 kB	34.120.237.76
data.schemaapp.com	11806	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.3 kB	54.230.111.129
rubicon.wellsfargo.com	11786	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	553 B	1.0 kB	23.36.79.18
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	54.230.111.7
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	54.230.111.7
www17.wellsfargomedia.com	76964	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.0 kB	103 kB	104.110.27.78
resources.digital-cloud-prem.medallia.com	21249	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	434 B	2.2 kB	151.101.85.230
udc-neb.kampyle.com	3039	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.6 kB	1.5 kB	35.241.45.82
media-wellsfargo.nod-glb.nuance.com	28807	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	269 kB	8.39.193.5
zitic.duckdns.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	27 kB	54.224.73.73
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
www04.wellsfargomedia.com	54757	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	424 B	1.2 kB	104.110.5.8
www01.wellsfargomedia.com	20259	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	836 B	4.2 kB	104.110.5.8
col.eum-appdynamics.com	2199	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	972 B	44.238.69.235
pdx-col.eum-appdynamics.com	4816	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	908 B	138 kB	44.241.22.20
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-10-05	medium	zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/	Wells Fargo & Company

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-06	medium	zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/	Phishing
2022-10-06	medium	zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js	Phishing
2022-10-06	medium	zitic.duckdns.org/as/global/session-reset	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (57)

	URL	Size	First Seen	Last Seen
	static.wellsfargo.com/tracking/main/utag.384.js?utv=ut4.48.202208101746	30 kB	2023-03-07	2023-03-17
Pretty URL static.wellsfargo.com/tracking/main/utag.384.js?utv=ut4.48.202208101746 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-17 09:43:24 Times Seen1 Hash ec515d2e0f8c06d5ce0a340cd3797fd4 7835986cd764c52d1ca821917fca951cb3081af7 cc86fbdc1bc9b57a54d136018fd8ec9006c062e65f944b4c51c90f1762986bf7 Loading...

	static.wellsfargo.com/tracking/alloy/alloy.js	77 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/alloy/alloy.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:09 Times Seen87 Hash dd67ef7bf5d168e7123d934cfd21ac80 eb66ab8b5ed10640c50c460c271be086f63e0ffb 5466d536089d3af772430020c62a83dc680cd9169200840742e51181ba81fd75 Loading...

	www.wellsfargo.com/js/frameworks/slick01.js	63 kB	2023-03-08	2024-04-24
Pretty URL www.wellsfargo.com/js/frameworks/slick01.js IP 159.45.170.145 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:38 Last Seen2024-04-24 01:46:25 Times Seen36 Hash 0c8184819332ec4f72f81aaf7e225ae2 4e0dc10b41812b30f74e2b183e19966a525de6a2 11dea6f8a3c56ae01aeff3bd061c0b746ddf9297258c2d18c86481b3a3c10b64 Loading...

	www.wellsfargo.com/js/global/global.js	230 kB	2023-03-08	2023-03-08
Pretty URL www.wellsfargo.com/js/global/global.js IP 159.45.170.145 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-08 08:14:13 Times Seen1 Hash a6d222867ebc1b0e6a57eddc8bd7418b be0c5877af0cf33abf8de5c793935c7c94c5fe7e 77d1d5f3d877905d3f0f5a434b77be2e3cf34887e0022ad9cae1b5d39150f827 Loading...

	cdn.schemaapp.com/javascript/schemaFunctions.min.js	1.7 kB	2023-03-07	2023-03-17
Pretty URL cdn.schemaapp.com/javascript/schemaFunctions.min.js IP 54.230.111.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-17 09:43:25 Times Seen1 Hash fa714262345ea0338a058d93199f56ed 81c3f8901938669975ad01a3ae3e4b0156de6a2f fe7b9f29a6a10cc36627e652af40af6381e2900f87eba0d348a8ef92f66ebd89 Loading...

	static.wellsfargo.com/assets/js/wfui/ndep/js/nuan-c2c.js	23 kB	2023-03-07	2023-06-29
Pretty URL static.wellsfargo.com/assets/js/wfui/ndep/js/nuan-c2c.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-06-29 15:24:08 Times Seen72 Hash f320653366aae1336b9a1c0547ea97b9 8c87c242b3bf13c2558679bd936123a5e6069da5 e02ff12dc676cc581ade44548d917c7df10e14c6a7b6373dbf1b67a7b352108a Loading...

	zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/	152 B	2023-03-08	2024-04-24
Pretty URL zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/ IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:38 Last Seen2024-04-24 01:46:24 Times Seen29 Hash afa56f934ec858025328b1699356dd02 d1f72151b21676534d5d063a45b6629aa105dfcb ebea6e5e1db6eb572f25ff1cda99007a155c362d69ac3f70da13086d96a1effe Loading...

	static.wellsfargo.com/tracking/main/utag.471.js?utv=ut4.48.202209271731	6.7 kB	2023-03-08	2023-05-21
Pretty URL static.wellsfargo.com/tracking/main/utag.471.js?utv=ut4.48.202209271731 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-05-21 08:37:02 Times Seen76 Hash 36ebda59de9fa37cbea1f48593d20eb1 e175622005a38183dd0c33deb423a1fb02d2ba5e d257a14d93cafce44ecdb34393fadbe76117819c7de517aff08925cfee9bfbf4 Loading...

	zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/	120 B	2023-03-08	2023-03-08
Pretty URL zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/ IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:07:21 Last Seen2023-03-08 07:14:48 Times Seen1 Hash 0fb120a2d474dc0dbd46925f7958d96a 672331837d2bb7120fb4bb6c2853141359a68079 2159a2f3ddb53b5fec790f037ddeea4097fa1011127a0401f14e58351c548006 Loading...

	static.wellsfargo.com/tracking/main/utag.413.js?utv=ut4.48.202207272202	3.0 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.413.js?utv=ut4.48.202207272202 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen82 Hash 6aedb7426c48b548874c016faf3f6e24 e3e8420bd3e75e7e6319a3f00a8c2aff6e33961a 8221ff8f89f7c212ab6cb02b5edf294ca06322a313ccd0fa8f5d17356cb07d88 Loading...

	static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1649789670809.js	359 kB	2023-03-07	2023-03-08
Pretty URL static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1649789670809.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-08 08:37:51 Times Seen1 Hash 715c89a07de4ffd82947e57d0809a2b4 ab6c19329d498be0888af0974e9b8b5df583a13a c73ee926afebcfb5d8f974cd1f3f595e18298a724b7ed41ebf564414fed6d6d7 Loading...

	media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_helper.js?codeVersion=1664936708888	448 kB	2023-03-08	2023-03-08
Pretty URL media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_helper.js?codeVersion=1664936708888 IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:52 Last Seen2023-03-08 08:13:26 Times Seen1 Hash 6e366abf8e8b895741169e8cb7ca0d36 fe72dbbe34789ebb95a8ee4c31605127fbc9bf16 d629969a3cdc29b3dbc95116d44b04c1d4d3bb4448f7775e5719f74426f4bcab Loading...

	media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_jssdk.js?codeVersion=1664936708888	145 kB	2023-03-08	2023-03-08
Pretty URL media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_jssdk.js?codeVersion=1664936708888 IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:52 Last Seen2023-03-08 08:13:26 Times Seen1 Hash 3fef62da82bb057e35f9fa1c5deae5fd a9429641c317311e7aa7c907987deae6bbd71789 ddf307fb9b8f55dd387f9146d421befdebf8106c3d0d884d5d856754007ba77f Loading...

	www.wellsfargo.com/js/vendor/jquery.min.js	98 kB	2023-03-07	2024-04-24
Pretty URL www.wellsfargo.com/js/vendor/jquery.min.js IP 159.45.170.145 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:17 Last Seen2024-04-24 01:46:25 Times Seen144 Hash d49f5bd057488231fdcc675e2fe9f568 c81be8cda5beab5bd767a63bee8aafc08e037ce4 3c536cede8c67b4bda531f82b77f3678e52026398492010245d3870c87a1623e Loading...

	zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/	1.2 kB	2023-03-08	2023-03-08
Pretty URL zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/ IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:52 Last Seen2023-03-08 08:13:26 Times Seen1 Hash f44c7fab129a766c3bb64da48883981d 92442db80268741d9227fcf9f820d0d146d3fb28 97806b8f94d73ed3f62519ca7910519621c0f0e3900b06fb7331d3b1e13e38a0 Loading...

	zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/	968 B	2023-03-08	2023-03-08
Pretty URL zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/ IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:14:48 Last Seen2023-03-08 07:14:48 Times Seen1 Hash f6edaddea3167725449471585f028f39 08ba5487007c32ed5b3bd931687d170545fd7f18 b7e3342656feb59b93fa77ba5598f1178f7280fb42a874f325e1156dcc97b27a Loading...

	static.wellsfargo.com/tracking/main/utag.225.js?utv=ut4.48.202208301942	16 kB	2023-03-07	2023-05-21
Pretty URL static.wellsfargo.com/tracking/main/utag.225.js?utv=ut4.48.202208301942 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-05-21 08:37:02 Times Seen79 Hash ede450a69bfad8ba8be6c09afec643d9 525ca9fbebba307f6a5d5c4c8ab2a3ba9afa70c2 d4c3ac2df676fc3c4c0662d5635b8078cbea41051632004adeee5e17ba9337b8 Loading...

	static.wellsfargo.com/tracking/main/utag.328.js?utv=ut4.48.202207272202	17 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.328.js?utv=ut4.48.202207272202 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen87 Hash f8ed7a36884e442c03847e482647b8e1 bae9cc143bf67dfeb1a99270b8f82666290b98c2 a69e6fb58df72540553b75552e4721c8e1d57086789f1d0a84c1bf49db0b1956 Loading...

	static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js	45 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-08 03:26:09 Times Seen4864 Hash 5f310e2e2a558d76b916e137aee73462 c7ff0190c9c2c414321211f3863e9e27f32b713e 385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f Loading...

	zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/	387 B	2023-03-08	2023-03-08
Pretty URL zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/ IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:07:21 Last Seen2023-03-08 07:14:48 Times Seen1 Hash 9e95a5f2c9ce4da9be7e898802e8a068 ba14463e174c4c2d981b56f76cdd9ad1ba394a76 443aa29453bfed74d474059a3e6d16ee24291cef5ef716ed06630a4faca6878d Loading...

	www.wellsfargo.com/js/widgets/ui/rates-solution/js/wfui.chunk.js	928 kB	2023-03-08	2023-03-08
Pretty URL www.wellsfargo.com/js/widgets/ui/rates-solution/js/wfui.chunk.js IP 159.45.170.145 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:07:21 Last Seen2023-03-08 07:14:48 Times Seen1 Hash fe72e32b39d916856c59057db0f9bffc 7d141788ad711a2d0ef2f6659109a17a01f7d009 b12e5b795d0718de47f8c1bc431c9a6dda5e958b3067d07eaacae9bfb6995542 Loading...

	cdn.schemaapp.com/javascript/highlight.js	32 kB	2023-03-07	2023-03-10
Pretty URL cdn.schemaapp.com/javascript/highlight.js IP 54.230.111.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:20:47 Last Seen2023-03-10 11:24:14 Times Seen1 Hash a75cfd2d41ac714329a4fc6895bb082d fc0712f2a046bebe006eb92279383b4f659b6b64 6f7298ad8b3f1b09f9454047ef159a3c943b93adbf93dce07a76a1152b76f136 Loading...

	static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js	32 kB	2023-03-07	2023-11-04
Pretty URL static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-11-04 00:29:39 Times Seen29 Hash 162100f507af8b50f1406bf3fc405ce5 cf0a2bf9b914710962e0dd7899b93ba5ceb5134d e9a598a5cc23c24a8ecc364ed7413961e416f5e9ec3df513ad9a12cda625a279 Loading...

	www.wellsfargo.com/js/shared/media-player-custom.js	4.3 kB	2023-03-07	2023-03-08
Pretty URL www.wellsfargo.com/js/shared/media-player-custom.js IP 159.45.170.145 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-08 08:37:51 Times Seen1 Hash 450744f087d3aa87a28395c107742acc c8a3e69e3b1287f65b72b9de8a553d4f309d4d99 cde7904316679ef5aa42b66a914d46fdae6d0e07d11bbc28f2dcb3a64012cdd6 Loading...

	media-wellsfargo.nod-glb.nuance.com/media/launch/sdkChatLoader.min.js?codeVersion=1664936708888	7.1 kB	2023-03-07	2024-03-28
Pretty URL media-wellsfargo.nod-glb.nuance.com/media/launch/sdkChatLoader.min.js?codeVersion=1664936708888 IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-03-28 17:44:18 Times Seen68 Hash 91a3833ccffbae0b31a6cca516216880 9284e1bb265d09e17e10407f280072b9d938bec5 182475449b1dc308c4d183fe50d348ab2f4e882aac99c0945762629c9fe65f9d Loading...

	static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1	117 kB	2023-03-07	2023-03-26
Pretty URL static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-03-26 09:22:04 Times Seen2 Hash 17324c64926790e7068528ee285677e0 5f7c9d7694dfa9e92d5ae871cb0ea0cc5b4776c3 79f666407709e82d49c80fc330a5a34952fc56f30de257ccc3ae432d87c6fedc Loading...

	static.wellsfargo.com/tracking/main/utag.166.js?utv=ut4.48.202208100004	15 kB	2023-03-07	2023-05-21
Pretty URL static.wellsfargo.com/tracking/main/utag.166.js?utv=ut4.48.202208100004 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-05-21 08:37:02 Times Seen79 Hash 80f41e3e9de3719de7b98e3fd6e0f727 70d1b9891e6f319b0f3f29adbc2832f493ac3b61 cb1b454a046f8f46ee3e5ea389d3648e46bf0973db9f61faa2724162ef850b03 Loading...

	static.wellsfargo.com/tracking/main/utag.397.js?utv=ut4.48.202209192301	10 kB	2023-03-08	2023-03-08
Pretty URL static.wellsfargo.com/tracking/main/utag.397.js?utv=ut4.48.202209192301 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-08 07:42:42 Times Seen1 Hash 0e0ff10ca293ac96202da292e0f05087 d89bbbba6a1faef3d7cc06be60bcff48ec6ee9b3 52def0dd339c631d8a4fe5320c61e38ce6f8239d0d290725e7780aac112b3d46 Loading...

	zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js	2.0 kB	2023-03-07	2024-04-08
Pretty URL zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-08 03:26:08 Times Seen4778 Hash e7cf4c458b327ab7ed31e0936ccd404f 970bf05073f91ad6b8f21521f7c9886f71f2af1d 52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d Loading...

	zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/	67 B	2023-03-08	2023-03-08
Pretty URL zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/ IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:38 Last Seen2023-03-08 08:37:51 Times Seen1 Hash 0e9c3fb282a3102bbc12edc089f21223 0638c5489670be5aac1dee3ffe5bdde31a260c9b 9af7f6ee055e1a99fcbcb6247d08c3c2544e6bc091501f8bb3685aac98f7773e Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 04:54:35 Times Seen37030599 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	static.wellsfargo.com/tracking/main/utag.319.js?utv=ut4.48.202209142209	7.0 kB	2023-03-08	2023-03-29
Pretty URL static.wellsfargo.com/tracking/main/utag.319.js?utv=ut4.48.202209142209 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-29 22:00:36 Times Seen47 Hash 3193265899115fcee583c2662559f250 22d60605121c7dc621b04edb46f2539d98fdcf9c 2e8b86b25ab5fb19b62a69f5ca7bb0f242136e3883b688670595ba896b7e53c8 Loading...

	zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/	252 B	2023-03-07	2024-04-24
Pretty URL zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/ IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-24 01:46:25 Times Seen2499 Hash 4f6526fc5cfbf8f77c674e5cb40c36d6 94bb860d263ab388eea733a7a0e7fc00717d0637 06249a30772721e1f681be4a0d74c05a58b36a266c273eafdbe86ebcca83aabc Loading...

	www.wellsfargo.com/js/frameworks/jq/jquery-ui.js	339 kB	2023-03-07	2023-05-21
Pretty URL www.wellsfargo.com/js/frameworks/jq/jquery-ui.js IP 159.45.170.145 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-05-21 08:37:02 Times Seen9 Hash 9726560d23e8100d33456702719491d1 1c64bfa8088fc04d7b6633a3479cb57ec9969d3a d65fdc6b62a5f7a8a9cbc7a756b75ed80b81cf828295d507aeec9878e908ad4d Loading...

	www.wellsfargo.com/js/widgets/ui/rates-solution/js/main.chunk.js	286 kB	2023-03-08	2023-03-08
Pretty URL www.wellsfargo.com/js/widgets/ui/rates-solution/js/main.chunk.js IP 159.45.170.145 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:07:21 Last Seen2023-03-08 07:14:48 Times Seen1 Hash 6fda27c8c88c00e477a79b6f88369f48 d89b672c987da7f460e811e317b7a44bd56a312c 70e0a2d5ac8aee6b7aa3bdfa35d76f6eac864acccc97e696c97810e23c57ed6b Loading...

	static.wellsfargo.com/tracking/main/utag.379.js?utv=ut4.48.202207272202	2.2 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.379.js?utv=ut4.48.202207272202 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen84 Hash f4d859c7b49fa343d9c8b25c689d837e c571cf8c4aa455cd656785571a398b03bda70254 49e726aa41e4128560776f794aeae8f9648b7045769cf240ab3ff4f5d002d529 Loading...

	static.wellsfargo.com/tracking/main/utag.403.js?utv=ut4.48.202104051735	2.6 kB	2023-03-07	2023-05-21
Pretty URL static.wellsfargo.com/tracking/main/utag.403.js?utv=ut4.48.202104051735 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-05-21 08:37:02 Times Seen74 Hash 211205c31f696e1bb7eee132a746fa45 f97ced5d992cf340c530a244639eb581d0767965 0cb89661317d3e3c5072364afb0da53fc3d43bb5edf3ac43327b1a57f993a251 Loading...

	static.wellsfargo.com/assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js	66 kB	2023-03-07	2023-03-17
Pretty URL static.wellsfargo.com/assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-03-17 11:41:13 Times Seen1 Hash 831557d9711fd36924ae1bfac5a7a7db 9d6a6b34a82a1e4f27f610b460c9e33c102da9de b16b31f2f8e681a5909e23a5508af022a3744b365d9077bea964d728e28929a3 Loading...

	static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js	2.4 kB	2023-03-07	2023-03-17
Pretty URL static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-17 09:43:25 Times Seen1 Hash 3e75b97d91e2ac07972bd84b4b260fdc 003e8e223077086f1d634da73000252f1b724672 c6b012226d1f061a86a7a176fae93e55d7976d97afad14aa805aa3f5df2cb221 Loading...

	tag-wellsfargo.nod-glb.nuance.com/tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1664936708888	21 kB	2023-03-07	2023-07-06
Pretty URL tag-wellsfargo.nod-glb.nuance.com/tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1664936708888 IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:04 Last Seen2023-07-06 01:44:31 Times Seen101 Hash ceff19d6f6c2b1a641348fe75922e31d 0f49f9408d2499018f89a9c651dbeb869120ae64 7455230adb5d30b14d3ce23c11e2937451ce1eecb55a592703bbcd2044711cea Loading...

	static.wellsfargo.com/tracking/main/utag.117.js?utv=ut4.48.202112070053	8.6 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.117.js?utv=ut4.48.202112070053 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen81 Hash ca611e1ad5ce488baf7e687e039008f9 2152db6945b63d78a718aa87e1f1ccea350b8809 0abd344691477db2ac8e91cf0ce28160bad6b8b4ba6d192dfc000bb2e63f83e4 Loading...

	static.wellsfargo.com/tracking/main/utag.249.js?utv=ut4.48.202103111723	4.9 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.249.js?utv=ut4.48.202103111723 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen70 Hash 373195f42e45544150714cf15c2e1b6b 628200927b2b0f9125cf9e2f59e134ea0c00b55c a846aca7c9641d8d211b69b9f63c5c394eba8a53b27a75f5bdea3dc09a3284db Loading...

	static.wellsfargo.com/tracking/main/utag.129.js?utv=ut4.48.202207272202	15 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.129.js?utv=ut4.48.202207272202 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen85 Hash 479fee1497e8ed53fe632cd4110af660 42ff77f5fe23ac8aff0d4837f9e5cb0fb8a918c0 00153616bcd7e705949fa43e3573c41b7808dfe57255d1dcc42e24c4dad5efa8 Loading...

	tag-wellsfargo.nod-glb.nuance.com/tagserver/frame-bridge.js	27 kB	2023-03-07	2023-03-17
Pretty URL tag-wellsfargo.nod-glb.nuance.com/tagserver/frame-bridge.js IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-03-17 11:41:13 Times Seen1 Hash faff7d5f8cd278071e80b18f7373e6b2 bf32efcdf7df36e1c599b5949a83e343f05b84a0 78af5f0e3b33e451cd20e506a2ae37053a3774c4bcdd1e4f0f505331bb033a72 Loading...

	tag-wellsfargo.nod-glb.nuance.com/chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk	5.2 kB	2023-03-08	2023-03-08
Pretty URL tag-wellsfargo.nod-glb.nuance.com/chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:52 Last Seen2023-03-08 08:13:26 Times Seen1 Hash b7d1186d5d738052b8b32ea68ba13c8e 434c9ef7d5539e5ec0a90929b4b8bfe6c836b92e df1e680de5aec6795bd73f1276e838a8b468e34e9dc9996c50c97a24ba8ac5e0 Loading...

	static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js	48 kB	2023-03-07	2023-05-21
Pretty URL static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:04 Last Seen2023-05-21 08:37:02 Times Seen11 Hash adc6bafd6d346973c15f80f542fa008f ec1f94d5fe65f25d7119488ffc067446b7af82b9 7a17bf7ddc09f705c34b0bdefe2a12142ae1702bf904a731f48cd4652c1036eb Loading...

	www.wellsfargo.com/js/vendor/video.js	420 kB	2023-03-07	2023-03-08
Pretty URL www.wellsfargo.com/js/vendor/video.js IP 159.45.170.145 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-08 08:13:26 Times Seen1 Hash efce68f045d0687df715b0ec9634accf 1b15d7dba57fed7ca7f041ea15d87f6d709a4458 d94e88dfb3c418dc2d7f7f4464faed1788ecc8407ef1694d824330279262b834 Loading...

	static.wellsfargo.com/tracking/main/utag.136.js?utv=ut4.48.202208102110	56 kB	2023-03-07	2023-04-20
Pretty URL static.wellsfargo.com/tracking/main/utag.136.js?utv=ut4.48.202208102110 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-04-20 19:47:50 Times Seen62 Hash 41191acbeb53131c44ad4b17b97622cf 051e9ef1d5f33662109b4d4cfc253edaebf9f3aa eaeccba3d96e1fe1f6a600ab5b9ebb2dc6bf06cac27ce733ce5b74bf3c85887f Loading...

	static.wellsfargo.com/tracking/gb/detector-dom.min.js	440 kB	2023-03-08	2023-04-13
Pretty URL static.wellsfargo.com/tracking/gb/detector-dom.min.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:19:07 Last Seen2023-04-13 08:50:50 Times Seen267 Hash d980391562cb88335867228eb62355e0 ee7af0c08ee43ff66f6bba09c08852f7b3859a42 313c07f6e4facc5730db27563c4aeaad1a86126333d448e47c7b29adb1f806fd Loading...

	static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js	48 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-08 03:26:09 Times Seen4875 Hash aeccb854b0a76aa9f478e466c8011b29 625d31cbeb8978cf2419f58d14bba92a42dbb45c 7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6 Loading...

	media-wellsfargo.nod-glb.nuance.com/media/launch/tcFramework_jssdk.min.js?codeVersion=1664936708888	516 kB	2023-03-07	2023-03-17
Pretty URL media-wellsfargo.nod-glb.nuance.com/media/launch/tcFramework_jssdk.min.js?codeVersion=1664936708888 IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:44:37 Last Seen2023-03-17 10:39:42 Times Seen1 Hash 92e33ffe477dad0bcefe92f3e91a417b 5551e75559e2d86683d6b3a0cdcfc1b15f73039f 0a832288f2c649ffac22ec7ce2a57bd194e32303c7febb64d9e864312b76fc94 Loading...

	www.wellsfargo.com/js/widgets/ui/rates-solution/js/runtime.js	1.5 kB	2023-03-07	2023-03-13
Pretty URL www.wellsfargo.com/js/widgets/ui/rates-solution/js/runtime.js IP 159.45.170.145 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:32:02 Last Seen2023-03-13 18:53:56 Times Seen1 Hash cbfd9e32f07f0d2df43836707943c3c4 0d6f6237e14a83413a3f12bb72861efa8d6012a6 f11a4fa97ef5a8ebd26c594a5ab9ec881bdb7e183cb2147151a0deb1d9678d25 Loading...

	static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js	36 kB	2023-03-07	2023-03-17
Pretty URL static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-03-17 11:41:13 Times Seen1 Hash a87d017094c294b72c41efb2cfbf49aa 86590309a3f44265fd4acd0b35c5911c18047ca8 c19b2cfb96a4e34bf9537736e5ca1fcea2fa89b6f0c05ec2e7e2c7a017bafdb6 Loading...

	static.wellsfargo.com/tracking/main/utag.431.js?utv=ut4.48.202107202150	2.5 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.431.js?utv=ut4.48.202107202150 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen82 Hash 47057e93093059b6ae4917b6015bd8fe c6b654398fc654f415bcd1cff05f926d9193fc65 2c7310c0bbcf2becb50249819d7d0d68636930bab7307962d020cebf0d9de42c Loading...

	static.wellsfargo.com/tracking/main/utag.381.js?utv=ut4.48.202209121603	94 kB	2023-03-07	2023-03-08
Pretty URL static.wellsfargo.com/tracking/main/utag.381.js?utv=ut4.48.202209121603 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:47:21 Last Seen2023-03-08 07:42:42 Times Seen1 Hash b90cbacc71e1ae0a741626c87a25d013 00bf09b1f99fa67c51fd7cfba73951a9a710a424 f20359b2efae06d66e63fbd2e0ffb187fab7c9e2953e08306a0bf69ac8a5aa36 Loading...

	static.wellsfargo.com/tracking/main/utag.396.js?utv=ut4.48.202209192333	8.5 kB	2023-03-08	2023-03-08
Pretty URL static.wellsfargo.com/tracking/main/utag.396.js?utv=ut4.48.202209192333 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-08 07:42:42 Times Seen1 Hash bfc7b10a98d0b83c34b9c5215e59acb3 c822f6bbd3dfebedd4dc5673c7abb5c9f233085b 713a7b27c18080ecb4665dab3036ae266329f318ccc648336564bb8c24e5e40c Loading...

	static.wellsfargo.com/tracking/main/utag.505.js?utv=ut4.48.202209131956	6.5 kB	2023-03-07	2023-03-13
Pretty URL static.wellsfargo.com/tracking/main/utag.505.js?utv=ut4.48.202209131956 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:47:21 Last Seen2023-03-13 06:40:20 Times Seen1 Hash 735658e345bcccb2e9b4f8436a45bcd3 94969ac03a39f4e244376817f674405e38b4a054 01a8d4c81581707d3d7a663057b6635f1d6bc4fcc1c49ba0d21ae4f57146d81f Loading...

HTTP Transactions (130)

URL IP Response Size

zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/

54.224.73.73

200 OK

24 kB

URL HTTP/1.1
zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1412), with CRLF, LF line terminators
Size
24 kB (24279 bytes)
Hash
5bd482524e06cb0b11b2a13ccd540ad5
964ec73a9294b1473b4ade8980266a76dbbca30b
bfa19605375ce1beb393759c94d816e07ea11f602e2ac93cf89e1d72741297be

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Wells Fargo & Company
fortinet	Phishing

HTTP Headers

GET /v/www.wellsfargo.com/mortgage/rates/customize-v2/ HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiY3MjgxMzUzMzE2MjU4Mjk2NzY4NDM0ODQwNzA2Nzg3Mjg2NzUwNFIRCIrjpOa6MBABGAEqBElSTDHwAYrjpOa6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|72813533162582967684348407067872867504
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:30 GMT
Server: Apache
Last-Modified: Fri, 30 Sep 2022 22:54:28 GMT
Accept-Ranges: bytes
Content-Length: 24279
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6655
Expires: Thu, 06 Oct 2022 12:40:25 GMT
Date: Thu, 06 Oct 2022 10:49:30 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

54.230.111.7

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5h7Mq2dUrUfHehou0SQ74Vxugz5bZPH0KvalshbeK-W4ETuBUFpkow==
Age: 68532

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

54.230.111.7

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 06 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KWWnZwEDlv-rFC22r9f0JHBKKPT49tMRSrhUt2lLENtzzY4b7hyRJA==
age: 24418
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 10:49:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js

54.224.73.73

200 OK

2.0 kB

URL HTTP/1.1
zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (1952), with no line terminators
Size
2.0 kB (1952 bytes)
Hash
e7cf4c458b327ab7ed31e0936ccd404f
970bf05073f91ad6b8f21521f7c9886f71f2af1d
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiY3MjgxMzUzMzE2MjU4Mjk2NzY4NDM0ODQwNzA2Nzg3Mjg2NzUwNFIRCIrjpOa6MBABGAEqBElSTDHwAYrjpOa6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|72813533162582967684348407067872867504

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:30 GMT
Server: Apache
Last-Modified: Thu, 20 Jan 2022 03:38:26 GMT
Accept-Ranges: bytes
Content-Length: 1952
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee9e15db28c6c174de4e0f2922e2b25c
9df4ed69f087ce66e15dec440470706a0b548474
3c2acc9d0d0eb77f7bb2e28a662473040984c2b2fe36be30b7acd45a45c504b3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6577
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:49:31 GMT
Last-Modified: Thu, 06 Oct 2022 08:59:54 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee9e15db28c6c174de4e0f2922e2b25c
9df4ed69f087ce66e15dec440470706a0b548474
3c2acc9d0d0eb77f7bb2e28a662473040984c2b2fe36be30b7acd45a45c504b3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 588
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:49:31 GMT
Last-Modified: Thu, 06 Oct 2022 10:39:43 GMT
Server: ECS (amb/6B7E)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
60e15c331eace6c365b7907684305d5b
0bd2b17c8e69678b43b2beb1beb81cb059f848b7
9fba594974e3d01120b06149dbe25cbdd65a33f81a5a362283146b3472aa0aaa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5999
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:49:31 GMT
Last-Modified: Thu, 06 Oct 2022 09:09:32 GMT
Server: ECS (amb/6B93)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
714884a57375646cad1baef2220eb6cf
6e905029a7c31f9b759aabb08340e0b3b9b6a43d
9c11fc482233d4c4c5d05ea70270e08d29a45e00fa18f439be416fc561099c1c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 84
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:49:31 GMT
Last-Modified: Thu, 06 Oct 2022 10:48:07 GMT
Server: ECS (amb/6B7E)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
60e15c331eace6c365b7907684305d5b
0bd2b17c8e69678b43b2beb1beb81cb059f848b7
9fba594974e3d01120b06149dbe25cbdd65a33f81a5a362283146b3472aa0aaa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2492
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:49:31 GMT
Last-Modified: Thu, 06 Oct 2022 10:07:59 GMT
Server: ECS (amb/6BB1)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
714884a57375646cad1baef2220eb6cf
6e905029a7c31f9b759aabb08340e0b3b9b6a43d
9c11fc482233d4c4c5d05ea70270e08d29a45e00fa18f439be416fc561099c1c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5777
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:49:31 GMT
Last-Modified: Thu, 06 Oct 2022 09:13:14 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
714884a57375646cad1baef2220eb6cf
6e905029a7c31f9b759aabb08340e0b3b9b6a43d
9c11fc482233d4c4c5d05ea70270e08d29a45e00fa18f439be416fc561099c1c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 84
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:49:31 GMT
Last-Modified: Thu, 06 Oct 2022 10:48:07 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
714884a57375646cad1baef2220eb6cf
6e905029a7c31f9b759aabb08340e0b3b9b6a43d
9c11fc482233d4c4c5d05ea70270e08d29a45e00fa18f439be416fc561099c1c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6001
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:49:31 GMT
Last-Modified: Thu, 06 Oct 2022 09:09:32 GMT
Server: ECS (amb/6B93)
X-Cache: HIT
Content-Length: 471

static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js

159.45.2.178

200 OK

17 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
Unicode text, UTF-8 text, with very long lines (48287)
Size
17 kB (16778 bytes)
Hash
a75fd8e10b107df2ef26038f1783ac4e
b27d8fc62fd83f944d638b93140ec05bd050ded4
9baeb568dd185db9aeaefd009c3778e3fe04b59acfa6c04fe96bdf608c8f2299

HTTP Headers

GET /assets/js/wfui/container/wfui-container-top.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Sat, 13 Aug 2022 13:50:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f7ac0c-bcef"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip

static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js

159.45.2.178

200 OK

11 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
Unicode text, UTF-8 text, with very long lines (31790)
Size
11 kB (11076 bytes)
Hash
6d79a0dbc6ea2602aa38bbf53e43124e
8b53e45df3e4aea81cbfaa90081f6795bcfe39fc
d2aa003ecdd6c31e12964104bd23498a60e94fa2d163c6d1ff285db59f61bb6a

HTTP Headers

GET /assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Sat, 12 Feb 2022 17:58:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6207f544-7c61"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.7

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 10:29:41 GMT
Expires: Thu, 06 Oct 2022 10:49:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZQA2gASoPh6ROCWtNQFlCu9c3Irc_2I9ovYkbcPbpyOWfDciOqGbbg==
Age: 1190

www.wellsfargo.com/css/vendor/video-js.css

159.45.170.145

200 OK

14 kB

URL HTTP/1.1
www.wellsfargo.com/css/vendor/video-js.css
IP
159.45.170.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (19577)
Size
14 kB (13980 bytes)
Hash
e8bc91c72d762cbbef2808777d5a9bcf
5ba83a1b3904a42fa83588d83ba81b4e17c48928
c039b9caa0e841feb7fd71b9084ac9729c92bf1eec41d16e1ecf8bc218739851

HTTP Headers

GET /css/vendor/video-js.css HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:31 GMT
Content-Type: text/css
Last-Modified: Mon, 05 Sep 2022 08:33:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b454-ab84"
Expires: Thu, 06 Oct 2022 11:19:31 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www.wellsfargo.com/css/template/ui-lightness/jquery-ui.custom.css

159.45.170.145

200 OK

3.5 kB

URL HTTP/1.1
www.wellsfargo.com/css/template/ui-lightness/jquery-ui.custom.css
IP
159.45.170.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (7443)
Size
3.5 kB (3484 bytes)
Hash
bd26fea19f8cd25a2f0e7049bfbf20e5
bef14c1fd36f7c5038c88ce6c9942477ef673634
28e648cccfc26b07acdebac605f7b16d9de18e0fc4bfae55da3d2e2196c79df2

HTTP Headers

GET /css/template/ui-lightness/jquery-ui.custom.css HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:31 GMT
Content-Type: text/css
Last-Modified: Mon, 05 Sep 2022 08:33:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b454-47e3"
Expires: Thu, 06 Oct 2022 11:19:31 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www.wellsfargo.com/css/widgets/ui/rates-solution/css/main.chunk.css

159.45.170.145

200 OK

13 kB

URL HTTP/1.1
www.wellsfargo.com/css/widgets/ui/rates-solution/css/main.chunk.css
IP
159.45.170.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (65536), with no line terminators
Size
13 kB (13378 bytes)
Hash
da0b444c7f1cc85829319de0751c8303
b9de4ec03c4054e94125a55a02fe834bea743a82
803092a0b5a23e06a17c969de68b34e7e45b4a57dd06e3801fd537706df2d583

HTTP Headers

GET /css/widgets/ui/rates-solution/css/main.chunk.css HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:31 GMT
Content-Type: text/css
Last-Modified: Thu, 21 Apr 2022 15:57:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62617ef2-16db9"
Expires: Thu, 06 Oct 2022 11:19:31 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www.wellsfargo.com/css/tools/homelending/homelending.css

159.45.170.145

200 OK

3.2 kB

URL HTTP/1.1
www.wellsfargo.com/css/tools/homelending/homelending.css
IP
159.45.170.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (8055)
Size
3.2 kB (3190 bytes)
Hash
b4b979d861a3f9b5f0f275b86a389619
59c4cf8d452ef7886017909808fa0c45620bfbc1
adc2bd1767db2dea0bbe9d9846f392c90b5840f119473be1e43319248adde2ac

HTTP Headers

GET /css/tools/homelending/homelending.css HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:31 GMT
Content-Type: text/css
Last-Modified: Mon, 05 Sep 2022 08:33:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b454-2f0c"
Expires: Thu, 06 Oct 2022 11:19:31 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www.wellsfargo.com/css/template/global.css

159.45.170.145

200 OK

34 kB

URL HTTP/1.1
www.wellsfargo.com/css/template/global.css
IP
159.45.170.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (8261)
Size
34 kB (33875 bytes)
Hash
bde2c1be77c92f84fb05e75fb791ced3
6fa898da825712388a330c5a55341f1bc6ea841f
bdfa97725a18f7ef601a99479f2ffc4db97c661e432dbb8c5318748edeabd71b

HTTP Headers

GET /css/template/global.css HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:31 GMT
Content-Type: text/css
Last-Modified: Mon, 05 Sep 2022 08:33:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b454-2d449"
Expires: Thu, 06 Oct 2022 11:19:31 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4526
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:49:31 GMT
Last-Modified: Thu, 06 Oct 2022 09:34:05 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

www.wellsfargo.com/js/shared/media-player-custom.js

159.45.170.145

200 OK

1.1 kB

URL HTTP/1.1
www.wellsfargo.com/js/shared/media-player-custom.js
IP
159.45.170.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (4348), with no line terminators
Size
1.1 kB (1072 bytes)
Hash
093678f8ad7bdbc8cd585c56e790a897
d902c5e10098748cd595696e2dfd6477af38d6d2
dcc204775e343aca84f7c8cfa23a2addc3e9681567d5cd071e6f05ba8606dd89

HTTP Headers

GET /js/shared/media-player-custom.js HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 05 Sep 2022 08:33:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b450-10fc"
Expires: Thu, 06 Oct 2022 11:19:31 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www.wellsfargo.com/css/widgets/ui/rates-solution/css/wfui.chunk.css

159.45.170.145

200 OK

38 kB

URL HTTP/1.1
www.wellsfargo.com/css/widgets/ui/rates-solution/css/wfui.chunk.css
IP
159.45.170.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (65536), with no line terminators
Size
38 kB (38490 bytes)
Hash
d864175eaa3811957c72af17bb2c24b0
1a33e2235176f4174479c2805de8117c44f0574e
2be924bc5f18e0d9d8e52533366fb2da33e30015a0dff3a3b9a324052023d75e

HTTP Headers

GET /css/widgets/ui/rates-solution/css/wfui.chunk.css HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:31 GMT
Content-Type: text/css
Last-Modified: Thu, 21 Apr 2022 15:57:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62617ef4-26100"
Expires: Thu, 06 Oct 2022 11:19:31 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www.wellsfargo.com/js/frameworks/slick01.js

159.45.170.145

200 OK

14 kB

URL HTTP/1.1
www.wellsfargo.com/js/frameworks/slick01.js
IP
159.45.170.145:0
ASN
#10837 WELLSFARGO-10837

File type
Unicode text, UTF-8 text, with very long lines (8157)
Size
14 kB (13861 bytes)
Hash
f3b4fe3b70d7879d03983a1f0c7bfb02
d9e7bd3d0fafdf62a785057f98585e3aee716888
e42bf212ab8bc25a50408cfc448b8fd27ab21553564e866699a808e880390435

HTTP Headers

GET /js/frameworks/slick01.js HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 05 Sep 2022 08:33:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b44e-f651"
Expires: Thu, 06 Oct 2022 11:19:31 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www.wellsfargo.com/js/widgets/ui/rates-solution/js/runtime.js

159.45.170.145

200 OK

727 B

URL HTTP/1.1
www.wellsfargo.com/js/widgets/ui/rates-solution/js/runtime.js
IP
159.45.170.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (1499), with no line terminators
Size
727 B (727 bytes)
Hash
07aa1778592f880adf735e3dae9ad2ae
33044bc38a8983a8d817c80e00508dbd7d2bd22b
a1cfd1eedba4bde2805117726f175b7ef73463a89cf4d6da5348f14494c281b2

HTTP Headers

GET /js/widgets/ui/rates-solution/js/runtime.js HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 21 Apr 2022 15:57:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62617ef4-5db"
Expires: Thu, 06 Oct 2022 11:19:31 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www.wellsfargo.com/js/vendor/jquery.min.js

159.45.170.145

200 OK

33 kB

URL HTTP/1.1
www.wellsfargo.com/js/vendor/jquery.min.js
IP
159.45.170.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (8077)
Size
33 kB (33308 bytes)
Hash
168e3db9aed10d5a534287cbff2304e0
169ff7955da23134626a75db6337232feeebef4a
1140ecb834e6e1aa2a5ec74793e9a5ce3d6a1c47b384b63f7a61646ca0b54618

HTTP Headers

GET /js/vendor/jquery.min.js HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 05 Sep 2022 08:33:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b450-17d5c"
Expires: Thu, 06 Oct 2022 11:19:31 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www.wellsfargo.com/js/global/global.js

159.45.170.145

200 OK

56 kB

URL HTTP/1.1
www.wellsfargo.com/js/global/global.js
IP
159.45.170.145:0
ASN
#10837 WELLSFARGO-10837

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8155)
Size
56 kB (55848 bytes)
Hash
3cc3c4c3e87a4c2f327b4443edc4d687
038aa8880f1aef9d6a5c670982794ca5f081bdd4
3814f430533d4045e91765252403aa9687628839d98abec1a6bf1ac4325b65dd

HTTP Headers

GET /js/global/global.js HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 05 Sep 2022 08:33:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b454-3836e"
Expires: Thu, 06 Oct 2022 11:19:31 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

push.services.mozilla.com/

52.89.255.30

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.255.30:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: h5qUXqwOnQ10xWDFVPVo8Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: b20S8ZF4uopI/jO+ze4O1c7wheI=

www.wellsfargo.com/js/vendor/video.js

159.45.170.145

200 OK

78 kB

URL HTTP/1.1
www.wellsfargo.com/js/vendor/video.js
IP
159.45.170.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (8169)
Size
78 kB (78047 bytes)
Hash
5832f5704f0825e0ffd440d53c3b955c
a4c1609efee7e03f0ce9d0f20fd42015c315aef4
5175be972567e37ed17b1e33fe2f9ad422eaefcc187f6b49f1369ebf3234e875

HTTP Headers

GET /js/vendor/video.js HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 05 Sep 2022 08:33:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b450-666fc"
Expires: Thu, 06 Oct 2022 11:19:31 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www04.wellsfargomedia.com/assets/images/css/template/homepage/homepage-lock.svg

104.110.5.8

200 OK

668 B

URL HTTP/2
www04.wellsfargomedia.com/assets/images/css/template/homepage/homepage-lock.svg
IP
104.110.5.8:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
668 B (668 bytes)
Hash
de6fd1f7ffea13b855770b5dc54daf72
0e4ab6e3433c7607280e977fd9e9c5442eb30344
deab472180f1d0240b8f200d69c896d68ddf08eba1928ef3d2f2fbd4beefbbfa

HTTP Headers

GET /assets/images/css/template/homepage/homepage-lock.svg HTTP/1.1
Host: www04.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: "6f8-554880386bac0"
last-modified: Wed, 25 Aug 2021 22:12:55 GMT
server: Akamai Resource Optimizer
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 668
unused62: 8096267
cache-control: max-age=3126801
expires: Fri, 11 Nov 2022 15:22:53 GMT
date: Thu, 06 Oct 2022 10:49:32 GMT
X-Firefox-Spdy: h2

www01.wellsfargomedia.com/assets/images/global/btn-close-x.png

104.110.5.8

200 OK

1.3 kB

URL HTTP/2
www01.wellsfargomedia.com/assets/images/global/btn-close-x.png
IP
104.110.5.8:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.3 kB (1338 bytes)
Hash
51f9ce35922f8fd2a8f332ecab96fadf
219d30a9ae5bc02d9b3f3032ef40329cb65a2f70
df18094841a0d00f767d5928cdc130069ca22c4f4e7ced49cb21c5b571ae0f33

HTTP Headers

GET /assets/images/global/btn-close-x.png HTTP/1.1
Host: www01.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "5ad-4dd7c5a174400"
last-modified: Thu, 26 Aug 2021 01:32:57 GMT
server: Akamai Image Manager
x-serial: 1801
x-check-cacheable: YES
content-length: 1338
content-type: image/webp
unused62: 8096267
cache-control: private, no-transform, max-age=15552000
expires: Tue, 04 Apr 2023 10:49:32 GMT
date: Thu, 06 Oct 2022 10:49:32 GMT
X-Firefox-Spdy: h2

www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-horz-logo.svg

104.110.5.8

200 OK

2.0 kB

URL HTTP/2
www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-horz-logo.svg
IP
104.110.5.8:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4948)
Size
2.0 kB (1977 bytes)
Hash
e56e5d0c3a6c91daa9c9e3cb35de49ec
1ac827e855541f5059c9122c624f7b5144c5faa8
6d046903ea56f94f8a7d998d662f03035b015d3019c57d88e091f16d1bd175e8

HTTP Headers

GET /assets/images/css/template/homepage/homepage-horz-logo.svg HTTP/1.1
Host: www01.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: "15b8-5895bfcbfa2c0"
last-modified: Mon, 24 May 2021 14:15:37 GMT
server: Akamai Resource Optimizer
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 1977
unused62: 8096267
cache-control: max-age=3126801
expires: Fri, 11 Nov 2022 15:22:53 GMT
date: Thu, 06 Oct 2022 10:49:32 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/home-lending-shared/hide_for_hmc.png

104.110.27.78

200 OK

107 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/home-lending-shared/hide_for_hmc.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 1 x 1, 1-bit grayscale, non-interlaced\012- data
Size
107 B (107 bytes)
Hash
e29502ab2e7a78a984fe5ae3f0bd8f80
9e0f73bcf8e412d61b5c7ddaa23eb2bd10cd24c3
d7ec07781b09c2777c423e36467fd093d55b95cca0b53f7add06a3b0e8f1cc9a

HTTP Headers

GET /assets/images/home-lending-shared/hide_for_hmc.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "61c0f0a5-cf7"
last-modified: Fri, 23 Sep 2022 20:10:18 GMT
server: Akamai Image Manager
x-serial: 1777
x-check-cacheable: YES
content-length: 107
content-type: image/png
cache-control: private, no-transform, max-age=1502470
expires: Sun, 23 Oct 2022 20:10:42 GMT
date: Thu, 06 Oct 2022 10:49:32 GMT
X-Firefox-Spdy: h2

www.wellsfargo.com/js/frameworks/jq/jquery-ui.js

159.45.170.145

200 OK

80 kB

URL HTTP/1.1
www.wellsfargo.com/js/frameworks/jq/jquery-ui.js
IP
159.45.170.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (8185)
Size
80 kB (80063 bytes)
Hash
9ff54c8cd2a89ba19317dc2d21dd7b70
c72ce00b74f7e5f79b20127d3fdf2f27e9f695f6
f9fe644ca857fecf364b2560911254ab12d934588c4aa8bab0b1ffcc76ad8f12

HTTP Headers

GET /js/frameworks/jq/jquery-ui.js HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 05 Sep 2022 08:33:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b44e-52ce2"
Expires: Thu, 06 Oct 2022 11:19:31 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www.wellsfargo.com/css/template/print.css

159.45.170.145

200 OK

280 B

URL HTTP/1.1
www.wellsfargo.com/css/template/print.css
IP
159.45.170.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (570), with no line terminators
Size
280 B (280 bytes)
Hash
0bedbeb280ad7fe4984c41a5310dcf5d
21437c76f6acfc98cb62e778521229a95f520ea0
a58b9ecd2517292e12277596f941bd00a57ea10a884f0b02063a60386ca9a50e

HTTP Headers

GET /css/template/print.css HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:32 GMT
Content-Type: text/css
Last-Modified: Mon, 05 Sep 2022 08:33:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b454-23a"
Expires: Thu, 06 Oct 2022 11:19:32 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www.wellsfargo.com/assets/images/global/s.gif?log=1&cb=1664574868538&event=PageLoad&pid=tcm:222-239743-64&ptid=tcm:222-170471-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fmortgage%2Frates%2Fcustomize-v2%2F&clist=182-200963-16~223-4119-32|84-201330-16~91-122371-32|84-94062-16~91-2806-32|84-5531-16~91-2045-32|84-39242-16~91-1924-32|84-207757-16~91-1924-32|84-8259-16~91-1865-32|84-36594-16~91-2830-32|182-200964-16~223-122394-32|182-221996-16~91-2049-32|182-200966-16~223-122392-32|182-239721-16~91-2049-32|182-251842-16~223-122392-32|84-7805-16~91-6211-32|182-215730-16~91-2049-32|182-215726-16~91-2049-32|84-8253-16~91-1866-32

159.45.170.145

200 OK

43 B

URL HTTP/1.1
www.wellsfargo.com/assets/images/global/s.gif?log=1&cb=1664574868538&event=PageLoad&pid=tcm:222-239743-64&ptid=tcm:222-170471-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fmortgage%2Frates%2Fcustomize-v2%2F&clist=182-200963-16~223-4119-32|84-201330-16~91-122371-32|84-94062-16~91-2806-32|84-5531-16~91-2045-32|84-39242-16~91-1924-32|84-207757-16~91-1924-32|84-8259-16~91-1865-32|84-36594-16~91-2830-32|182-200964-16~223-122394-32|182-221996-16~91-2049-32|182-200966-16~223-122392-32|182-239721-16~91-2049-32|182-251842-16~223-122392-32|84-7805-16~91-6211-32|182-215730-16~91-2049-32|182-215726-16~91-2049-32|84-8253-16~91-1866-32
IP
159.45.170.145:0
ASN
#10837 WELLSFARGO-10837

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /assets/images/global/s.gif?log=1&cb=1664574868538&event=PageLoad&pid=tcm:222-239743-64&ptid=tcm:222-170471-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fmortgage%2Frates%2Fcustomize-v2%2F&clist=182-200963-16~223-4119-32|84-201330-16~91-122371-32|84-94062-16~91-2806-32|84-5531-16~91-2045-32|84-39242-16~91-1924-32|84-207757-16~91-1924-32|84-8259-16~91-1865-32|84-36594-16~91-2830-32|182-200964-16~223-122394-32|182-221996-16~91-2049-32|182-200966-16~223-122392-32|182-239721-16~91-2049-32|182-251842-16~223-122392-32|84-7805-16~91-6211-32|182-215730-16~91-2049-32|182-215726-16~91-2049-32|84-8253-16~91-1866-32 HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:32 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
Connection: keep-alive
ETag: "519fc8a6-2b"
Expires: Wed, 05 Oct 2022 10:49:32 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www17.wellsfargomedia.com/assets/images/css/template/homepage/homepage-magnifying-glass.png

104.110.27.78

200 OK

236 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/homepage/homepage-magnifying-glass.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
236 B (236 bytes)
Hash
8cf6735df721c60affadb70ad95732eb
ae8a42ebbd6b60630e2c612e924c4fd66a4aca33
8dc5436dce4423f0e53e85904b6dc0552c1c8bbde0dd4ec1c929a1c272201c4c

HTTP Headers

GET /assets/images/css/template/homepage/homepage-magnifying-glass.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "59c2114b-12e"
last-modified: Sat, 23 Jul 2022 13:52:11 GMT
server: Akamai Image Manager
content-length: 236
content-type: image/webp
cache-control: private, no-transform, max-age=672985
expires: Fri, 14 Oct 2022 05:45:57 GMT
date: Thu, 06 Oct 2022 10:49:32 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/chevron-right-grey.png

104.110.27.78

200 OK

82 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/chevron-right-grey.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 8x9, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
82 B (82 bytes)
Hash
8a64ca48888869867604fec4ca5a2300
05ecffa2687820e76c82f487d0347a5120615dd1
fb39d6b03e532d8c65acd85e6be42ac3fd7d781451a4bb1c616286a231c80cfa

HTTP Headers

GET /assets/images/css/template/chevron-right-grey.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "519fc766-3ed"
last-modified: Sat, 23 Jul 2022 13:52:12 GMT
server: Akamai Image Manager
x-serial: 612
x-check-cacheable: YES
content-length: 82
content-type: image/webp
cache-control: private, no-transform, max-age=627178
expires: Thu, 13 Oct 2022 17:02:30 GMT
date: Thu, 06 Oct 2022 10:49:32 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/img_print.png

104.110.27.78

200 OK

98 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/img_print.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 14x12, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
98 B (98 bytes)
Hash
dbe4baa4fabf22f2030bedd4b77cf124
49be649c1a5572d2ed0cd43561066c747395fa95
60e215de6e3f74e07a38051e5c810b9de9aa0f683c8b3eab3ffe9678c77f3efd

HTTP Headers

GET /assets/images/css/template/img_print.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "55209ab9-407"
last-modified: Mon, 25 Jul 2022 21:08:46 GMT
server: Akamai Image Manager
x-serial: 1046
x-check-cacheable: YES
content-length: 98
content-type: image/webp
cache-control: private, no-transform, max-age=769582
expires: Sat, 15 Oct 2022 08:35:54 GMT
date: Thu, 06 Oct 2022 10:49:32 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/arrow-right-gray.png

104.110.27.78

200 OK

102 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/arrow-right-gray.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
102 B (102 bytes)
Hash
24a47218c6a6be92ed8ddc28b0365af7
837d6923fda7215a73ce3050aa03673504907f88
303132675de7ecc1ad7822db460c6c6c30a72fb102620c4ca489c3fbb41e9e8f

HTTP Headers

GET /assets/images/css/template/arrow-right-gray.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "519fc73e-40c"
last-modified: Mon, 25 Jul 2022 06:04:23 GMT
server: Akamai Image Manager
content-length: 102
content-type: image/webp
cache-control: private, no-transform, max-age=820323
expires: Sat, 15 Oct 2022 22:41:35 GMT
date: Thu, 06 Oct 2022 10:49:32 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/chevron-right-blue.png

104.110.27.78

200 OK

140 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/chevron-right-blue.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
140 B (140 bytes)
Hash
7838430f8f3db208f1791d12275f882c
f099b34e9cd7bb9b8ccfbe0284cf818ef1747a9a
15edc68516d9016f5df0651edcd4eedfd5c2f440d85f932f7a2b973b70d37883

HTTP Headers

GET /assets/images/css/template/chevron-right-blue.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "519fc766-3fc"
last-modified: Mon, 25 Jul 2022 06:04:22 GMT
server: Akamai Image Manager
x-serial: 1189
x-check-cacheable: YES
content-length: 140
content-type: image/webp
cache-control: private, no-transform, max-age=778876
expires: Sat, 15 Oct 2022 11:10:48 GMT
date: Thu, 06 Oct 2022 10:49:32 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/equal_housing_lender.png

104.110.27.78

200 OK

146 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/equal_housing_lender.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 14x10, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
146 B (146 bytes)
Hash
c73303512a820b836d024a0efc538d22
2b30f51905546ab930bfc316a0fe508a73cd0eb3
4c9381cad294a8fadeceba5b80bd34158c900eb9a401095d013c77644030598c

HTTP Headers

GET /assets/images/css/template/equal_housing_lender.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "519fc768-443"
last-modified: Mon, 25 Jul 2022 07:26:21 GMT
server: Akamai Image Manager
x-serial: 2004
x-check-cacheable: YES
content-length: 146
content-type: image/webp
cache-control: private, no-transform, max-age=938565
expires: Mon, 17 Oct 2022 07:32:17 GMT
date: Thu, 06 Oct 2022 10:49:32 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2

104.110.27.78

200 OK

22 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Size
22 kB (22172 bytes)
Hash
f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704

HTTP Headers

GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=7227060
expires: Thu, 29 Dec 2022 02:20:32 GMT
date: Thu, 06 Oct 2022 10:49:32 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-rg.woff2

96.6.19.156

200 OK

22 kB

URL HTTP/2
www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-rg.woff2
IP
96.6.19.156:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Size
22 kB (22424 bytes)
Hash
0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc

HTTP Headers

GET /wfui/css/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www15.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: KONICHIWA/2.0
last-modified: Tue, 26 Feb 2019 19:38:34 GMT
etag: "5798-582d133e56280"
accept-ranges: bytes
content-length: 22424
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: font/woff2
cache-control: max-age=31536000
expires: Fri, 06 Oct 2023 10:49:32 GMT
date: Thu, 06 Oct 2022 10:49:32 GMT
X-Firefox-Spdy: h2

www.wellsfargo.com/js/widgets/ui/rates-solution/js/main.chunk.js

159.45.170.145

200 OK

67 kB

URL HTTP/1.1
www.wellsfargo.com/js/widgets/ui/rates-solution/js/main.chunk.js
IP
159.45.170.145:0
ASN
#10837 WELLSFARGO-10837

File type
Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Size
67 kB (67060 bytes)
Hash
a9c0dabe3c5a899cf55099728030f327
89742bb6c416ed25cab9575df3713293e7d330f1
b2fae5fda5934c18ec43cc3d0e4bee4655cca9dfbe37f49489aaea7154faa2c1

HTTP Headers

GET /js/widgets/ui/rates-solution/js/main.chunk.js HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 21 Apr 2022 15:57:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62617ef2-45b9e"
Expires: Thu, 06 Oct 2022 11:19:31 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www.wellsfargo.com/js/widgets/ui/rates-solution/js/vendor.chunk.js

159.45.170.145

200 OK

276 kB

URL HTTP/1.1
www.wellsfargo.com/js/widgets/ui/rates-solution/js/vendor.chunk.js
IP
159.45.170.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (65466)
Size
276 kB (275913 bytes)
Hash
cfa92ed634eb80d3bca7920ae1242718
cddf03f22e9c48f30ef00ab6091256553413ce7a
8dec7ebe9e2965579d11102991f2921bd83f4ab18786387a417aee589deda0b2

HTTP Headers

GET /js/widgets/ui/rates-solution/js/vendor.chunk.js HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 21 Apr 2022 15:57:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62617ef4-cbb42"
Expires: Thu, 06 Oct 2022 11:19:31 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www17.wellsfargomedia.com/assets/images/photography/lifestyle/970x275/couple-outside-realtor_970x275.png

104.110.27.78

200 OK

69 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/photography/lifestyle/970x275/couple-outside-realtor_970x275.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
69 kB (69330 bytes)
Hash
ac3cf256c51dc8c373eb137b714e57b9
5391c7ac696e98b14154aa6ed5fbdc693b2fa7bd
516ed3b6e377f35ad6942b0545c1c7ac476fe85be269971a042caa80c1cd15b5

HTTP Headers

GET /assets/images/photography/lifestyle/970x275/couple-outside-realtor_970x275.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "5f08b62b-95549"
last-modified: Fri, 23 Sep 2022 20:10:23 GMT
server: Akamai Image Manager
content-length: 69330
content-type: image/webp
cache-control: private, no-transform, max-age=1502435
expires: Sun, 23 Oct 2022 20:10:07 GMT
date: Thu, 06 Oct 2022 10:49:32 GMT
X-Firefox-Spdy: h2

www.wellsfargo.com/js/widgets/ui/rates-solution/js/wfui.chunk.js

159.45.170.145

200 OK

258 kB

URL HTTP/1.1
www.wellsfargo.com/js/widgets/ui/rates-solution/js/wfui.chunk.js
IP
159.45.170.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (65536), with no line terminators
Size
258 kB (258230 bytes)
Hash
d9edee4920cac26da0763ed86967e1c1
a786fdabfb4e835a5f375f7dd69c974cc351e662
447e6f90c2552fc58ba5664075e666bb826a3d213466e3905985e3725c4c35ee

HTTP Headers

GET /js/widgets/ui/rates-solution/js/wfui.chunk.js HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:31 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 21 Apr 2022 15:57:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62617ef4-e29d6"
Expires: Thu, 06 Oct 2022 11:19:31 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

zitic.duckdns.org/as/global/session-reset

54.224.73.73

404 Not Found

315 B

URL HTTP/1.1
zitic.duckdns.org/as/global/session-reset
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

POST /as/global/session-reset HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
Content-Length: 15
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: http://zitic.duckdns.org/v/www.wellsfargo.com/mortgage/rates/customize-v2/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiY3MjgxMzUzMzE2MjU4Mjk2NzY4NDM0ODQwNzA2Nzg3Mjg2NzUwNFIRCIrjpOa6MBABGAEqBElSTDHwAYrjpOa6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|72813533162582967684348407067872867504

HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 10:49:33 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14027
Expires: Thu, 06 Oct 2022 14:43:20 GMT
Date: Thu, 06 Oct 2022 10:49:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14027
Expires: Thu, 06 Oct 2022 14:43:20 GMT
Date: Thu, 06 Oct 2022 10:49:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14027
Expires: Thu, 06 Oct 2022 14:43:20 GMT
Date: Thu, 06 Oct 2022 10:49:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14027
Expires: Thu, 06 Oct 2022 14:43:20 GMT
Date: Thu, 06 Oct 2022 10:49:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14027
Expires: Thu, 06 Oct 2022 14:43:20 GMT
Date: Thu, 06 Oct 2022 10:49:33 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9044 bytes)
Hash
70ea26af79226e9ff06d6198e2c019dc
ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57
f9393e7b8cbaedc8e1ef87fd89c617cf102f58813d84d866ff68e3124f94d44c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9044
x-amzn-requestid: 127bce04-9f75-4bb1-bbe7-33bf1694d96c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmHG5oAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-3896085b3b73ff5403237206;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E4yZTPRLFdK717YfwjOIFOJDi0wYpyA736dQELeM5iPLvGDXBosEWg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 04:27:43 GMT
age: 22910
etag: "ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7270 bytes)
Hash
e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: f2f15f43-6054-40f5-943a-530671e772dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZjF3aIAMFW9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-5e2253791a927c8c40a0ff0d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: xRuMce_9OkP3R2DqHjZI34GwkDezdfGKsgntCMTZG2c6SJUcyv0Ckg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:56:40 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 46373
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5b87135-538c-4c9f-b146-1da5b13ce157.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8360 bytes)
Hash
a7bcc50ecfeeca47de68cb437e966f29
e98c870fd29b56fa4c3847008bedc0f01f222744
47a82bb40ead4346323b68c886cb88528cb2162666e9549b2ab215b86a499985

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5b87135-538c-4c9f-b146-1da5b13ce157.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8360
x-amzn-requestid: bd55219f-b8e2-4a03-a301-02cf9eab03e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKLC-H0TIAMF2Uw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f212-7f1cc90d1e28f8170ce2f219;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:04:50 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UlO0u-eW8URZYj0kBAv35fJSQZ527l3IEUC28xUJlUVm9e7x5uaAiA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:44:49 GMT
age: 47084
etag: "e98c870fd29b56fa4c3847008bedc0f01f222744"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11080 bytes)
Hash
2277f8f2d93b4bc3b05d348343177892
531d9e4ec9078cd2d7376a19fcb287084af36c82
62907648de4a2ed390232a71ab7dce49f1e9c3363cde6a2f30ecae10ab67f93a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11080
x-amzn-requestid: 8fa4d19d-87a5-46c5-96c5-4aec793daad9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO7xE5eoAMFQLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84b-5c422c7a168c014f57559037;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: TlEKsCdhNhlKmA2Yhz8FarEUG18gQZMKGRD6SnzCnUMiKyGS9-UeOQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:38:04 GMT
etag: "531d9e4ec9078cd2d7376a19fcb287084af36c82"
content-type: image/jpeg
age: 47489
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7385 bytes)
Hash
e5a5ee14d41747f46e71f04782e1a3d3
b0205176a58913f57056b91674097bfb58046e97
b3bae0b56b50374cb85fc7fe4c9b551383d1969bf31e7adccb867e3467c59269

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7385
x-amzn-requestid: f3b30c95-2f19-4d70-b358-ff7e1e1c56f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uHJrIAMF3WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-5211c3087ea4f0023b32b284;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: uka14Zb4NhZEmseL9817VqWrplnl8Yrmnp3oTVs6OeMjdCLI89QoVg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 47572
etag: "b0205176a58913f57056b91674097bfb58046e97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7511 bytes)
Hash
9e520f87cae411cfc2ed1c8a14184385
69ad212cb7ae309d4f02019552887135bfae67da
723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 3lKuGlFCBN2wEsp9-Oa3ysQg62py090H30jy6_bR02Ufs0KGPrVC4w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 47572
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js

159.45.2.178

200 OK

11 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
Unicode text, UTF-8 text, with very long lines (35814)
Size
11 kB (11411 bytes)
Hash
1d081a456e54c7c623d773fa473a4533
14aeab37af44fcabcde3e3419f3d46b0e427524b
b9ad6838ec4946d6494773e8f5c2c1b16bb361e98d435af2137a7bc9fb12f879

HTTP Headers

GET /assets/js/wfui/ndep/websdk/nuance-websdk-loader.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:33 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 11 May 2022 04:38:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"627b3dac-8c18"
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip

www17.wellsfargomedia.com/assets/images/css/template/img_facebook.png

104.110.27.78

200 OK

158 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/img_facebook.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 20x20, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
158 B (158 bytes)
Hash
2b29e2ab0a181b675c3a91a5daf2322c
7986adeec12fb7dfb3386f793662f634c842eb66
73b31bddb3e9b9e841725f10be78071daae55db39b60719eb73ffa94186edbbf

HTTP Headers

GET /assets/images/css/template/img_facebook.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "55209ab9-52d"
last-modified: Mon, 08 Aug 2022 16:03:34 GMT
server: Akamai Image Manager
content-length: 158
content-type: image/webp
cache-control: private, no-transform, max-age=2145744
expires: Mon, 31 Oct 2022 06:51:57 GMT
date: Thu, 06 Oct 2022 10:49:33 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/img_twitter.png

104.110.27.78

200 OK

186 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/img_twitter.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 20x20, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
186 B (186 bytes)
Hash
bf36c83f327f106b40a4a25396f68892
a47a4d66d99520946122236f23ec139c2252cae3
8bda07b34e5b9b98bc5b1609c1cb4327f829ec74484a558ae3873dd19b75953b

HTTP Headers

GET /assets/images/css/template/img_twitter.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "55209ab9-5a4"
last-modified: Mon, 25 Jul 2022 07:26:18 GMT
server: Akamai Image Manager
x-serial: 1787
x-check-cacheable: YES
content-length: 186
content-type: image/webp
cache-control: private, no-transform, max-age=712804
expires: Fri, 14 Oct 2022 16:49:37 GMT
date: Thu, 06 Oct 2022 10:49:33 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/social_show.png

104.110.27.78

200 OK

84 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/social_show.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 16x16, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
84 B (84 bytes)
Hash
6550aa7b280e5283194471eb87085983
b76e2eaf71fb1ae900ece375e4f0be5b23bc1ed0
daf8f3105a0bae551331bc9859b06561b50313d2cc0e3aa1b1aee9b7acd09cd4

HTTP Headers

GET /assets/images/css/template/social_show.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "55209ab9-3ca"
last-modified: Mon, 25 Jul 2022 08:19:23 GMT
server: Akamai Image Manager
content-length: 84
content-type: image/webp
cache-control: private, no-transform, max-age=943770
expires: Mon, 17 Oct 2022 08:59:03 GMT
date: Thu, 06 Oct 2022 10:49:33 GMT
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/main/utag.js

159.45.2.178

200 OK

54 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
Unicode text, UTF-8 text, with very long lines (21397)
Size
54 kB (53864 bytes)
Hash
26bb07cb24ec9407cc5e5b66a69874ba
3b7a1b1f6e96cccdd1eb3cd04e81598619eb94fc
35d1ca2c89af89baebef9b8a93866f5a90ab51831cc3b8db9718e276ab28c0d4

HTTP Headers

GET /tracking/main/utag.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:33 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 04 Oct 2022 20:01:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633c9124-4fa06"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png

104.110.27.78

200 OK

1.6 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
1.6 kB (1636 bytes)
Hash
b9d2c719de3d6701349f1134e129defe
703a51a2f72672f6b34a3dcf8d07c351143f9151
95ae72a8f3b1f5794802b2704b74bef2f29fe1b8da1f06c97a8e7ab2acb5e435

HTTP Headers

GET /assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "6116f9a6-dcf"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 1636
content-type: image/webp
cache-control: private, no-transform, max-age=2232812
expires: Tue, 01 Nov 2022 07:03:05 GMT
date: Thu, 06 Oct 2022 10:49:33 GMT
X-Firefox-Spdy: h2

static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-chat.css

159.45.2.178

200 OK

505 B

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-chat.css
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with CRLF, LF line terminators
Size
505 B (505 bytes)
Hash
e2966fedd68930d5281a2ed6ea61c0d3
1ede5572cf49f251c212abdbd6f2df4bb48de1fe
c2ef5abb39d304068b5476114ebc952a97c091ea59348c8ba3adeadc715976ad

HTTP Headers

GET /assets/js/wfui/ndep/css/nuance-chat.css HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:33 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Nov 2020 14:00:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fb3d782-52b"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

www.wellsfargo.com/favicon.ico

159.45.170.145

200 OK

3.8 kB

URL HTTP/1.1
www.wellsfargo.com/favicon.ico
IP
159.45.170.145:0
ASN
#10837 WELLSFARGO-10837

File type
MS Windows icon resource - 1 icon, 48x48, 8 bits/pixel\012- data
Size
3.8 kB (3774 bytes)
Hash
fc6d7821d387a8d5e630daa63ec39f10
91d3962918d4caf70de23cdf245f85881883c789
2420e2dd77fbe0494070da2c201f6fcdd613c7652c06d086137e8c41d129f254

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:33 GMT
Content-Type: image/x-icon
Content-Length: 3774
Last-Modified: Mon, 05 Sep 2022 08:30:50 GMT
Connection: keep-alive
ETag: "6315b3ba-ebe"
Expires: Fri, 07 Oct 2022 10:49:33 GMT
Cache-Control: max-age=86400
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

static.wellsfargo.com/tracking/main/utag.117.js?utv=ut4.48.202112070053

159.45.2.178

200 OK

1.5 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.117.js?utv=ut4.48.202112070053
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (8097)
Size
1.5 kB (1541 bytes)
Hash
98ea64d15274eed87401b2a479775049
54835f985edf79c1911926f35a454eed5462d672
ca6044266cd44788cd4fa4910c8bcae5bef1bc1c213eafb436c00cea0db2c79b

HTTP Headers

GET /tracking/main/utag.117.js?utv=ut4.48.202112070053 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:33 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 18 Feb 2021 22:15:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"602ee6f8-2166"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1

159.45.2.178

200 OK

45 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (65508)
Size
45 kB (45086 bytes)
Hash
f0bce3a74e635ab88b299b1f625c99a4
345faf01029820b11abc73022ece8fb8e51cc321
faebd8dced2c15d37da85427c6e60aecb6a1a5f75e888280d447e93e64102c8e

HTTP Headers

GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:33 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"613a44c0-1ca73"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
da760bd41ef8ff9370254bfa22f58538
d2913d670acf488ba2460758095e8238c1d47966
92af768a29358479e72788fbbb20cfd27aad26588b07a3218968710da11a2d37

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 13:42:54 GMT
Expires: Wed, 12 Oct 2022 13:42:53 GMT
Etag: "d2913d670acf488ba2460758095e8238c1d47966"
Cache-Control: max-age=528199,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755dd4c138acb4f9-OSL

static.wellsfargo.com/tracking/main/utag.249.js?utv=ut4.48.202103111723

159.45.2.178

200 OK

2.0 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.249.js?utv=ut4.48.202103111723
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (1280)
Size
2.0 kB (1971 bytes)
Hash
028aad0d319ba7357204d8bc9bfca330
6d391340b147026435eed039b322b297195d976f
8ea1397b96ad59126143e4ce576d94d1193772eefc90ef06acd785fcef164592

HTTP Headers

GET /tracking/main/utag.249.js?utv=ut4.48.202103111723 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:33 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 25 Mar 2021 21:15:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"605cfd72-133d"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.319.js?utv=ut4.48.202209142209

159.45.2.178

200 OK

2.6 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.319.js?utv=ut4.48.202209142209
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (2571)
Size
2.6 kB (2613 bytes)
Hash
270dd8154d461df44b468039bd358e3d
75cfff528bf6a5b8cf3f2b186c06bf3facb78538
591ddca6ea1ce23bccb267ca1e5fc99ce9c4a463361905e8dc2ff7d544710c0b

HTTP Headers

GET /tracking/main/utag.319.js?utv=ut4.48.202209142209 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:33 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632cc04d-1b84"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.328.js?utv=ut4.48.202207272202

159.45.2.178

200 OK

2.2 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.328.js?utv=ut4.48.202207272202
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (15058)
Size
2.2 kB (2248 bytes)
Hash
420683ca7854e6bef9d5433124c6040e
aad1b9f71f2c30deee478658bb6e453c2c7f3a5a
8851d5126d7413e67465c2cb8bc2adaba4dd4b39deac58a33c9dc2e4d53f8268

HTTP Headers

GET /tracking/main/utag.328.js?utv=ut4.48.202207272202 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:33 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Jul 2022 20:08:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62e2eca5-413e"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

cdn.schemaapp.com/highlighter/prod/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3Jn

54.230.111.2

200 OK

0 B

URL HTTP/2
cdn.schemaapp.com/highlighter/prod/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3Jn
IP
54.230.111.2:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /highlighter/prod/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3Jn HTTP/1.1
Host: cdn.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-account-id,x-api-key
Referer: http://zitic.duckdns.org/
Origin: http://zitic.duckdns.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers

HTTP/2 200 OK
content-length: 0
date: Thu, 06 Oct 2022 10:49:34 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: x-account-id, x-api-key
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VA_-ukiQpodetysF12va4YbtMoHrK6ZamJKNS5K4J5V6CWCOukWkwA==
X-Firefox-Spdy: h2

data.schemaapp.com/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL21vcnRnYWdlL3JhdGVzL2N1c3RvbWl6ZS12Mi8

54.230.111.129

200 OK

0 B

URL HTTP/2
data.schemaapp.com/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL21vcnRnYWdlL3JhdGVzL2N1c3RvbWl6ZS12Mi8
IP
54.230.111.129:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL21vcnRnYWdlL3JhdGVzL2N1c3RvbWl6ZS12Mi8 HTTP/1.1
Host: data.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-api-key
Referer: http://zitic.duckdns.org/
Origin: http://zitic.duckdns.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 0
date: Thu, 06 Oct 2022 10:49:34 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: x-api-key
access-control-expose-headers: x-amz-meta-source
access-control-max-age: 3000
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains;
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: t2NnRbE3vd-vLUzh05vkE6P7mo0sVO7cPWspH5kDk9Zor9QYe56E0A==
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/main/utag.136.js?utv=ut4.48.202208102110

159.45.2.178

200 OK

4.3 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.136.js?utv=ut4.48.202208102110
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (55064), with CRLF line terminators
Size
4.3 kB (4329 bytes)
Hash
d0411178a32feb6cf283839f7d2adc0f
b48614403124421a7c1072238276d834c8c16fbc
9d4f430c94cc8de26993a0b05eaaedc4c5121f5c69a47aa13cb7ddf44cd1521f

HTTP Headers

GET /tracking/main/utag.136.js?utv=ut4.48.202208102110 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:33 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 20:02:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f56058-d8e3"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.129.js?utv=ut4.48.202207272202

159.45.2.178

200 OK

2.0 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.129.js?utv=ut4.48.202207272202
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (14899)
Size
2.0 kB (2012 bytes)
Hash
3955ea8eef1163d5a03b223080bb369b
afdc4ffc48f5b5454bec0d211d81bf5a29a88300
773e4bda27c4b159fa2f2ddfc6b0a940fe149e1b2d6e9d68af4798d80f453b94

HTTP Headers

GET /tracking/main/utag.129.js?utv=ut4.48.202207272202 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:33 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Jul 2022 20:08:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62e2eca7-3bf8"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.166.js?utv=ut4.48.202208100004

159.45.2.178

200 OK

2.6 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.166.js?utv=ut4.48.202208100004
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (13150), with CRLF line terminators
Size
2.6 kB (2600 bytes)
Hash
af5ecbbfa71cf9fb1890a16293a849ea
7c3917f40470f704d11d8410be7e975af7f180b0
2e134150a5652a1405756a04815f3cb049d3aac6dd8cc9be842a3455dda567ea

HTTP Headers

GET /tracking/main/utag.166.js?utv=ut4.48.202208100004 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:33 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 20:02:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f56058-39d1"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.379.js?utv=ut4.48.202207272202

159.45.2.178

200 OK

1.1 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.379.js?utv=ut4.48.202207272202
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (1071)
Size
1.1 kB (1132 bytes)
Hash
be33c3150315d92aaae2dd3f471f7e4e
e8807f0617c3f06b238aec8ebcf93ab846e619af
15ee0686aeb15b05f562cd16166152540f132425c01ed5268d70a53d8a81cb7a

HTTP Headers

GET /tracking/main/utag.379.js?utv=ut4.48.202207272202 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:34 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Jul 2022 20:08:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62e2eca5-86e"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.225.js?utv=ut4.48.202208301942

159.45.2.178

200 OK

2.0 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.225.js?utv=ut4.48.202208301942
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (14389), with CRLF line terminators
Size
2.0 kB (2028 bytes)
Hash
0a1f28ee2d9f4400d8cf7b2084cd75ef
881c3d612b62db99ee20be8dc123976041a99ae8
d0212788e34ae02ba53fcf465c24b34daaa894ea8194255d7c75fbbb1d6e7561

HTTP Headers

GET /tracking/main/utag.225.js?utv=ut4.48.202208301942 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:34 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 20:02:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f56054-3ea8"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

cdn.schemaapp.com/javascript/highlight.js

54.230.111.2

200 OK

19 kB

URL HTTP/2
cdn.schemaapp.com/javascript/highlight.js
IP
54.230.111.2:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (32642)
Size
19 kB (19218 bytes)
Hash
de8f1e38c0a4f60f85a62cdf26066029
449db99e00264694c17ccd604d8d5d7f2f791a14
c221fd666ff816b6c3cb14c76421e163cdc098808bd2f517a0ce913a7b0c50c9

HTTP Headers

GET /javascript/highlight.js HTTP/1.1
Host: cdn.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Thu, 29 Sep 2022 17:49:18 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 13:00:40 GMT
etag: W/"a75cfd2d41ac714329a4fc6895bb082d"
x-amz-server-side-encryption: AES256
cache-control: max-age=699840
x-amz-version-id: yuc1pGbDhqDdI_gLgLi7faeJw6LKcbDu
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZQESMqxvapadxTmRvxUT4XJ-focORBr_M_WHEUK4-wKI24hRhby2jA==
age: 579616
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/main/utag.384.js?utv=ut4.48.202208101746

159.45.2.178

200 OK

4.5 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.384.js?utv=ut4.48.202208101746
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (20219), with CRLF line terminators
Size
4.5 kB (4498 bytes)
Hash
4c0349dd734ccb6d8e8e7623b1f7ae6d
b7b4c964104051333ba40303abf04653021319e7
78cb0c0a2e99cba235f7f99b436f3175f27f45872905afaffbae7a278c53e09b

HTTP Headers

GET /tracking/main/utag.384.js?utv=ut4.48.202208101746 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:34 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 20:02:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f56055-74c7"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.431.js?utv=ut4.48.202107202150

159.45.2.178

200 OK

1.3 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.431.js?utv=ut4.48.202107202150
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (1071)
Size
1.3 kB (1302 bytes)
Hash
6b1893e708596451fe24ba0542af6968
64f6d916c0fa5d4ed53d7af241edc228403f7733
d02ba9b5bff6d6dd10c51121cfa90bee0a178af4fd5bc5b7d2401e4717c2fbc0

HTTP Headers

GET /tracking/main/utag.431.js?utv=ut4.48.202107202150 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:34 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 29 Jul 2021 21:00:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"610316f8-9eb"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.396.js?utv=ut4.48.202209192333

159.45.2.178

200 OK

1.6 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.396.js?utv=ut4.48.202209192333
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (6813), with CRLF line terminators
Size
1.6 kB (1628 bytes)
Hash
b0eaf99033dacb91df01cca9f18c5efd
c36cef3a700b34b9d1298bf2c93e396b95a27222
916f35f839cc40c2eccad5d01538ed4adb46de9d51e9b95bdb9dd3598a3c8d0f

HTTP Headers

GET /tracking/main/utag.396.js?utv=ut4.48.202209192333 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:34 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632cc033-2110"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.397.js?utv=ut4.48.202209192301

159.45.2.178

200 OK

1.8 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.397.js?utv=ut4.48.202209192301
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (8790), with CRLF line terminators
Size
1.8 kB (1799 bytes)
Hash
83ec4867fa7d7a18fe8379520ca7c873
549c4bc01430a3a6aeddf8e235438bcd19d4d40a
88bb418f969436f16382dca8ded387c0513dda2648a6e11f61ff338e28d16f35

HTTP Headers

GET /tracking/main/utag.397.js?utv=ut4.48.202209192301 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:34 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632cc032-28c9"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.403.js?utv=ut4.48.202104051735

159.45.2.178

200 OK

1.3 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.403.js?utv=ut4.48.202104051735
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (1071)
Size
1.3 kB (1298 bytes)
Hash
d9e09275c6f22e92f2ba7f907f9d1c31
712ff938b4ae788338fa1d926af874b7fbe7ab58
15c605e2b2babb99517d3b0f36ef52191d80d7a448b0089d0f254ac52559d217

HTTP Headers

GET /tracking/main/utag.403.js?utv=ut4.48.202104051735 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:34 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 15 Apr 2021 21:15:19 GMT
Transfer-Encoding: chunked
X-Cnection: close
Vary: Accept-Encoding
ETag: W/"6078ace7-a3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.413.js?utv=ut4.48.202207272202

159.45.2.178

200 OK

1.4 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.413.js?utv=ut4.48.202207272202
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (1317)
Size
1.4 kB (1352 bytes)
Hash
7d2d9e509acf171d299a8fd31ef8ca0d
64cd01f823e796aa972ba0bd3349b21847dee603
c47666bd3cde639619863664b81db5e312723c4e87287993b4ebb1f12af0733c

HTTP Headers

GET /tracking/main/utag.413.js?utv=ut4.48.202207272202 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:34 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Jul 2022 20:08:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62e2eca1-b91"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.471.js?utv=ut4.48.202209271731

159.45.2.178

200 OK

2.5 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.471.js?utv=ut4.48.202209271731
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (995)
Size
2.5 kB (2457 bytes)
Hash
5245bcf67d3ef6caa0e9c2185d20c08a
aa2ad19ae558fe7f58b3770873c8683ce91fba4c
343bc115dd405111bb74587ffb571d9c0f7fe4c9da381b88109998c2c7cf5f48

HTTP Headers

GET /tracking/main/utag.471.js?utv=ut4.48.202209271731 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:34 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 04 Oct 2022 20:01:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633c9122-19fb"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.505.js?utv=ut4.48.202209131956

159.45.2.178

200 OK

2.8 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.505.js?utv=ut4.48.202209131956
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (1430)
Size
2.8 kB (2760 bytes)
Hash
b2e03f6d954a4357a7268c29f963c4f0
33e8f489c2444aa2ac08b82d692c995836020fcf
7ed82ca71abf90288110fed75cb12480d77721dca21fc258f21d3e6536df8db8

HTTP Headers

GET /tracking/main/utag.505.js?utv=ut4.48.202209131956 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:34 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 15 Sep 2022 20:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6323871b-197d"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js

159.45.2.178

200 OK

19 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (65536), with no line terminators
Size
19 kB (18728 bytes)
Hash
55392b773646f8d0ce7447669d57b9df
a2ac835f802e03d4315bf3eee9cb51b1320b15c9
58ebbc236c9018a279c0059043036b148d40b90eb78ad799d4812bbda1058f2b

HTTP Headers

GET /assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:34 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 02:16:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f4668c-10199"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js

159.45.2.178

200 OK

961 B

URL HTTP/1.1
static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (577)
Size
961 B (961 bytes)
Hash
fdb41e651caf483e7aef91805f810c24
91fc1ceef8d8466f20133e680e77b4dc6de9e8f4
ffd6d341df741ab75634dc5345d0bb8b489fb84de377ef4c2445c4e355fc9cc3

HTTP Headers

GET /tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:34 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Apr 2022 00:53:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6269e590-96c"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

data.schemaapp.com/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL21vcnRnYWdlL3JhdGVzL2N1c3RvbWl6ZS12Mi8

54.230.111.129

200 OK

0 B

URL HTTP/2
data.schemaapp.com/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL21vcnRnYWdlL3JhdGVzL2N1c3RvbWl6ZS12Mi8
IP
54.230.111.129:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL21vcnRnYWdlL3JhdGVzL2N1c3RvbWl6ZS12Mi8 HTTP/1.1
Host: data.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-api-key: XPJKP-GI7DG-FVNWZ-45W51
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-source
access-control-max-age: 3000
date: Thu, 06 Oct 2022 10:49:34 GMT
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: max-age=14400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yzOxceE36Sa7fh62rqGVjMuFaz0gZzs5q6dVwyST-SWQjDA25s8JOw==
X-Firefox-Spdy: h2

cdn.schemaapp.com/highlighter/prod/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3Jn

54.230.111.2

200 OK

2 B

URL HTTP/2
cdn.schemaapp.com/highlighter/prod/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3Jn
IP
54.230.111.2:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /highlighter/prod/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3Jn HTTP/1.1
Host: cdn.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://zitic.duckdns.org/
x-account-id: WellsFargo
x-api-key: XPJKP-GI7DG-FVNWZ-45W51
Origin: http://zitic.duckdns.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Tue, 11 Dec 2018 16:01:38 GMT
x-amz-version-id: 4FsmemwQuur.Z0jxvea6XGJagB0M87fi
accept-ranges: bytes
server: AmazonS3
date: Thu, 06 Oct 2022 10:24:13 GMT
etag: "99914b932bd37a50b983c5e7c90ae93b"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Error from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KUFg3Ep4Xrdlz4p4hpCT-BPllWtvBxvj8C6QUL_LxLtW0DC4SY-sZQ==
age: 1763
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/alloy/alloy.js

159.45.2.178

200 OK

25 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/alloy/alloy.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
Unicode text, UTF-8 text, with very long lines (65505)
Size
25 kB (24609 bytes)
Hash
9a021c3b9dea16b9bedb216b6b195cdd
f767ed7dba6d08b08ffc5b35fb0468eb00c66a25
54b94b3b7c4900d7012f824d21f9fa94928055f6cae6c59c23d88a10eaa79e95

HTTP Headers

GET /tracking/alloy/alloy.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:34 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 25 Aug 2022 20:01:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6307d531-12d93"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/gb/detector-dom.min.js

159.45.2.178

200 OK

132 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/gb/detector-dom.min.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (65434)
Size
132 kB (131829 bytes)
Hash
73ad7a8f8ccda765b898b038f90d8274
756ac35ad2422d93a0b327dfeff7fe9200695883
60ccc38cf175aba7cbe63bf1ec6319b5c1648d9a52014dfefa6ec718476a17b7

HTTP Headers

GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:34 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:03:48 GMT
Transfer-Encoding: chunked
X-Cnection: close
Vary: Accept-Encoding
ETag: W/"632cbfa4-6b8d3"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/assets/js/wfui/ndep/js/nuan-c2c.js

159.45.2.178

200 OK

5.6 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/ndep/js/nuan-c2c.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (928), with CRLF line terminators
Size
5.6 kB (5649 bytes)
Hash
00e6f77045d9c92840a490cfcdc9ff6a
22f273b66fe0c5d43cf747fb9868b0904d5ee4b8
4d144f941f05ff42f2a818328b7524c6d3f2b6efc1fe93a09794af14ad262f6c

HTTP Headers

GET /assets/js/wfui/ndep/js/nuan-c2c.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:34 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 16 Mar 2022 05:41:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62317886-590b"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cd4b79bba0fd50aa52ce7651c802a4c2
f2c9a468baeee591930a52768f69d03b32a6f9d9
895dd9332f266d5e1fd15b2ad883fe80d0fdfbd4fe61e85942b2785da969fd90

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3457
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:49:34 GMT
Last-Modified: Thu, 06 Oct 2022 09:51:57 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a4a6b82d27a071b8b95da77d7f1949dd
ad9854c34179bfd41b84d8c6936cb03843604145
d20638bbbffcd45f4d614ad87662e7c608c44288ff59d1b1e92af362000313f7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4268
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:49:35 GMT
Last-Modified: Thu, 06 Oct 2022 09:38:27 GMT
Server: ECS (amb/6B7E)
X-Cache: HIT
Content-Length: 471

tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005

8.39.193.5

200 OK

266 B

URL HTTP/1.1
tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
266 B (266 bytes)
Hash
a671bc4e541aadc71fd7812d93af15e7
3b8c76ac113e54f3d413e09807f3661c72d0f6b5
ef16255038c7c5847295c3c434243418d898b7b40a9095aeeb65e3ddb7579383

HTTP Headers

GET /tagserver/nuanceChat.html?UUID=WF_10006005 HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Cookie: inqVital_10006005=%7B%22INQ%22%3A%7B%22custID%22%3A%22-4299421148256407263%22%7D%2C%22v%22%3A3%2C%22vcnt%22%3A16%2C%22vtime%22%3A1665051214972%2C%22_acid%22%3A%22-1%22%2C%22_ss%22%3A%22unsold%22%2C%22CHM%22%3A%7B%22lpt%22%3A0%2C%22lastChat%22%3A%7B%7D%2C%22lastCallId%22%3A0%7D%2C%22_is%22%3A1665051214972%2C%22_iID%22%3A%22-42994211482564072631%22%2C%22_ig%22%3A%22CHAT%22%7D; inqSession_10006005=%7B%22tzOf%22%3A25200000%2C%22auu%22%3A0%2C%22_svMs%22%3A-1%2C%22_aTyp%22%3A3%2C%22l%22%3A%5B%5D%2C%22m%22%3A0%2C%22n%22%3A0%2C%22o%22%3A0%2C%22r%22%3A0%2C%22s%22%3A0%2C%22st%22%3A0%2C%22v%22%3A0%2C%22ab%22%3A0%2C%22G%22%3A0%2C%22ss%22%3A0%2C%22T%22%3A0%2C%22U%22%3A0%2C%22ag%22%3A0%2C%22V%22%3A0%2C%22Va%22%3A0%2C%22cA%22%3A1%2C%22cB%22%3A2%2C%22af%22%3A-1%2C%22cnA%22%3A0%2C%22at%22%3A%22WFB-MessengerApp-S%22%2C%22as%22%3A1%2C%22Ac%22%3A0%2C%22sa%22%3A0%2C%22cHn%22%3A0%2C%22hdg%22%3A%22%22%2C%22bcs%22%3A0%2C%22to%22%3A0%2C%22stv%22%3A0%2C%22pi%22%3A%22null%22%2C%22St%22%3A0%2C%22odcr%22%3A0%2C%22scI%22%3A%220%22%2C%22lpb%22%3A0%2C%22ay%22%3A0%2C%22aya%22%3A0%2C%22f%22%3A0%2C%22j%22%3A0%2C%22ahh%22%3A0%2C%22CDRC%22%3A0%2C%22CHM%22%3A%7B%22pmor%22%3Afalse%7D%2C%22_ssID%22%3A%22-42994211482564072631%22%2C%22rd%22%3A%22mail.zitic.duckdns.org%22%2C%22sest%22%3A%22%22%2C%22_sT%22%3A0%2C%22ltt%22%3A1665051214971%7D; inqState_10006005=%7B%22VA%22%3A%5B%5D%2C%22_loy%22%3A1%2C%22_ssQ%22%3A%5B%222022-10-06T10%3A13%3A34.960Z%22%5D%2C%22_slq%22%3A%5B%5D%2C%22_cct%22%3A0%2C%22_sqc%22%3A0%2C%22_slc%22%3A0%2C%22cfl%22%3A9223372036854776000%2C%22t%22%3A28800000%2C%22u%22%3A0%2C%22w%22%3A28800000%2C%22x%22%3A0%2C%22y%22%3A0%2C%22z%22%3A28800000%2C%22aa%22%3A0%2C%22A%22%3A28800000%2C%22LDM%22%3A%7B%22lh%22%3A%5B%7B%22id%22%3A-1%2C%22cg%22%3A%5B%5D%7D%5D%7D%2C%22CHM%22%3A%7B%7D%2C%22fst%22%3A1665051214960%2C%22lst%22%3A1665051214960%2C%22_ist%22%3A%22ELIGIBLE%22%2C%22_sesT%22%3A0%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: max-age=3600
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
ETag: "+6ZNxP/6RTk"
Last-Modified: Wed, 21 Sep 2022 04:44:06 GMT
Accept-Ranges: bytes
Content-Type: text/html; charset=utf-8
Content-Length: 266
Date: Thu, 06 Oct 2022 10:49:35 GMT

tag-wellsfargo.nod-glb.nuance.com/tagserver/frame-bridge.js

8.39.193.5

200 OK

5.8 kB

URL HTTP/1.1
tag-wellsfargo.nod-glb.nuance.com/tagserver/frame-bridge.js
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
ASCII text
Size
5.8 kB (5817 bytes)
Hash
2567a541f33a261f8fca11dad46b636a
0f23cb71788652af10a4b226be05648d0f763d4f
0fd35a0d2ac21f42f443ec000ea11e55a3498e777b8b91938ceeedca8456d37a

HTTP Headers

GET /tagserver/frame-bridge.js HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
Cookie: inqVital_10006005=%7B%22INQ%22%3A%7B%22custID%22%3A%22-4299421148256407263%22%7D%2C%22v%22%3A3%2C%22vcnt%22%3A16%2C%22vtime%22%3A1665051214972%2C%22_acid%22%3A%22-1%22%2C%22_ss%22%3A%22unsold%22%2C%22CHM%22%3A%7B%22lpt%22%3A0%2C%22lastChat%22%3A%7B%7D%2C%22lastCallId%22%3A0%7D%2C%22_is%22%3A1665051214972%2C%22_iID%22%3A%22-42994211482564072631%22%2C%22_ig%22%3A%22CHAT%22%7D; inqSession_10006005=%7B%22tzOf%22%3A25200000%2C%22auu%22%3A0%2C%22_svMs%22%3A-1%2C%22_aTyp%22%3A3%2C%22l%22%3A%5B%5D%2C%22m%22%3A0%2C%22n%22%3A0%2C%22o%22%3A0%2C%22r%22%3A0%2C%22s%22%3A0%2C%22st%22%3A0%2C%22v%22%3A0%2C%22ab%22%3A0%2C%22G%22%3A0%2C%22ss%22%3A0%2C%22T%22%3A0%2C%22U%22%3A0%2C%22ag%22%3A0%2C%22V%22%3A0%2C%22Va%22%3A0%2C%22cA%22%3A1%2C%22cB%22%3A2%2C%22af%22%3A-1%2C%22cnA%22%3A0%2C%22at%22%3A%22WFB-MessengerApp-S%22%2C%22as%22%3A1%2C%22Ac%22%3A0%2C%22sa%22%3A0%2C%22cHn%22%3A0%2C%22hdg%22%3A%22%22%2C%22bcs%22%3A0%2C%22to%22%3A0%2C%22stv%22%3A0%2C%22pi%22%3A%22null%22%2C%22St%22%3A0%2C%22odcr%22%3A0%2C%22scI%22%3A%220%22%2C%22lpb%22%3A0%2C%22ay%22%3A0%2C%22aya%22%3A0%2C%22f%22%3A0%2C%22j%22%3A0%2C%22ahh%22%3A0%2C%22CDRC%22%3A0%2C%22CHM%22%3A%7B%22pmor%22%3Afalse%7D%2C%22_ssID%22%3A%22-42994211482564072631%22%2C%22rd%22%3A%22mail.zitic.duckdns.org%22%2C%22sest%22%3A%22%22%2C%22_sT%22%3A0%2C%22ltt%22%3A1665051214971%7D; inqState_10006005=%7B%22VA%22%3A%5B%5D%2C%22_loy%22%3A1%2C%22_ssQ%22%3A%5B%222022-10-06T10%3A13%3A34.960Z%22%5D%2C%22_slq%22%3A%5B%5D%2C%22_cct%22%3A0%2C%22_sqc%22%3A0%2C%22_slc%22%3A0%2C%22cfl%22%3A9223372036854776000%2C%22t%22%3A28800000%2C%22u%22%3A0%2C%22w%22%3A28800000%2C%22x%22%3A0%2C%22y%22%3A0%2C%22z%22%3A28800000%2C%22aa%22%3A0%2C%22A%22%3A28800000%2C%22LDM%22%3A%7B%22lh%22%3A%5B%7B%22id%22%3A-1%2C%22cg%22%3A%5B%5D%7D%5D%7D%2C%22CHM%22%3A%7B%7D%2C%22fst%22%3A1665051214960%2C%22lst%22%3A1665051214960%2C%22_ist%22%3A%22ELIGIBLE%22%2C%22_sesT%22%3A0%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: max-age=3600
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
ETag: "/sVCUwsi+1l"
Last-Modified: Wed, 21 Sep 2022 04:44:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Content-Length: 5817
Date: Thu, 06 Oct 2022 10:49:35 GMT

www17.wellsfargomedia.com/assets/images/global/icon_quick_help_2x.png

104.110.27.78

200 OK

1.3 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/global/icon_quick_help_2x.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.3 kB (1304 bytes)
Hash
9a07cc4be45e6074f7117964b8be820b
2a57973b7c34db57fe75f125ca681e6aa83c6118
56c2d8b0532908ad0bdaa016f0422f682a7de84ae2c6b15ed8fe2fd77cd2c7a2

HTTP Headers

GET /assets/images/global/icon_quick_help_2x.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "5761a09f-c78"
last-modified: Mon, 25 Jul 2022 07:26:22 GMT
server: Akamai Image Manager
content-length: 1304
content-type: image/webp
cache-control: private, no-transform, max-age=685244
expires: Fri, 14 Oct 2022 09:10:19 GMT
date: Thu, 06 Oct 2022 10:49:35 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/global/icon_call_us_2x.png

104.110.27.78

200 OK

1.0 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/global/icon_call_us_2x.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.0 kB (1038 bytes)
Hash
43e65d20159d0c85c6a87b5694c825c9
189db8fb7a2405878bc81c5c24531a84ee7a8922
b0b4ae909f2977142be68a2555ee28f57d481fecc11e2cb3b22c26fb04ced4a0

HTTP Headers

GET /assets/images/global/icon_call_us_2x.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "5761a09f-b80"
last-modified: Mon, 25 Jul 2022 07:26:22 GMT
server: Akamai Image Manager
x-serial: 980
x-check-cacheable: YES
content-length: 1038
content-type: image/webp
cache-control: private, no-transform, max-age=941825
expires: Mon, 17 Oct 2022 08:26:40 GMT
date: Thu, 06 Oct 2022 10:49:35 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/global/icn-let-us-contact-you_desktop_horz-contact-bar_32x41px.png

104.110.27.78

200 OK

562 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/global/icn-let-us-contact-you_desktop_horz-contact-bar_32x41px.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
562 B (562 bytes)
Hash
785d99387a2bcc976e6c50df2663eaa3
a89afc8b95aac2a2a51cd854fdfd8a2fe79e3c5d
793dfb914944428025a6aa5fd2c460cf6710166184d35778e8b0f3cc5083ab63

HTTP Headers

GET /assets/images/global/icn-let-us-contact-you_desktop_horz-contact-bar_32x41px.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "57d7f889-314"
last-modified: Mon, 25 Jul 2022 07:26:22 GMT
server: Akamai Image Manager
content-length: 562
content-type: image/webp
cache-control: private, no-transform, max-age=809016
expires: Sat, 15 Oct 2022 19:33:11 GMT
date: Thu, 06 Oct 2022 10:49:35 GMT
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1649789670809.js

159.45.2.178

200 OK

82 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1649789670809.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
Unicode text, UTF-8 text, with very long lines (11631)
Size
82 kB (81476 bytes)
Hash
94d4aed186bc1e91168480ab7abe9623
086e008f5989cfd43dbb39a4506013a3e458319b
f8b0db24893cab8e4a951ea60ac3c65b7803b9ca558ca7527df58d534d8d8b08

HTTP Headers

GET /tracking/medallia/wdcusprem/57907/onsite/generic1649789670809.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:35 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Apr 2022 00:53:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6269e590-57c18"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

tag-wellsfargo.nod-glb.nuance.com/chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk

8.39.193.5

200 OK

2.0 kB

URL HTTP/1.1
tag-wellsfargo.nod-glb.nuance.com/chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
ASCII text, with very long lines (1080)
Size
2.0 kB (1993 bytes)
Hash
ebe861d8b2696e611422ab6c67c7e224
10b8cf65aca0c2f258d2005d6a77678da9bfb538
53478e9ebc9f55313778c9018758a8470342b8a9e8a30d65d435d6e9ec99a9d2

HTTP Headers

GET /chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
Cookie: inqVital_10006005=%7B%22INQ%22%3A%7B%22custID%22%3A%22-4299421148256407263%22%7D%2C%22v%22%3A3%2C%22vcnt%22%3A16%2C%22vtime%22%3A1665051214972%2C%22_acid%22%3A%22-1%22%2C%22_ss%22%3A%22unsold%22%2C%22CHM%22%3A%7B%22lpt%22%3A0%2C%22lastChat%22%3A%7B%7D%2C%22lastCallId%22%3A0%7D%2C%22_is%22%3A1665051214972%2C%22_iID%22%3A%22-42994211482564072631%22%2C%22_ig%22%3A%22CHAT%22%7D; inqSession_10006005=%7B%22tzOf%22%3A25200000%2C%22auu%22%3A0%2C%22_svMs%22%3A-1%2C%22_aTyp%22%3A3%2C%22l%22%3A%5B%5D%2C%22m%22%3A0%2C%22n%22%3A0%2C%22o%22%3A0%2C%22r%22%3A0%2C%22s%22%3A0%2C%22st%22%3A0%2C%22v%22%3A0%2C%22ab%22%3A0%2C%22G%22%3A0%2C%22ss%22%3A0%2C%22T%22%3A0%2C%22U%22%3A0%2C%22ag%22%3A0%2C%22V%22%3A0%2C%22Va%22%3A0%2C%22cA%22%3A1%2C%22cB%22%3A2%2C%22af%22%3A-1%2C%22cnA%22%3A0%2C%22at%22%3A%22WFB-MessengerApp-S%22%2C%22as%22%3A1%2C%22Ac%22%3A0%2C%22sa%22%3A0%2C%22cHn%22%3A0%2C%22hdg%22%3A%22%22%2C%22bcs%22%3A0%2C%22to%22%3A0%2C%22stv%22%3A0%2C%22pi%22%3A%22null%22%2C%22St%22%3A0%2C%22odcr%22%3A0%2C%22scI%22%3A%220%22%2C%22lpb%22%3A0%2C%22ay%22%3A0%2C%22aya%22%3A0%2C%22f%22%3A0%2C%22j%22%3A0%2C%22ahh%22%3A0%2C%22CDRC%22%3A0%2C%22CHM%22%3A%7B%22pmor%22%3Afalse%7D%2C%22_ssID%22%3A%22-42994211482564072631%22%2C%22rd%22%3A%22mail.zitic.duckdns.org%22%2C%22sest%22%3A%22%22%2C%22_sT%22%3A0%2C%22ltt%22%3A1665051214971%7D; inqState_10006005=%7B%22VA%22%3A%5B%5D%2C%22_loy%22%3A1%2C%22_ssQ%22%3A%5B%222022-10-06T10%3A13%3A34.960Z%22%5D%2C%22_slq%22%3A%5B%5D%2C%22_cct%22%3A0%2C%22_sqc%22%3A0%2C%22_slc%22%3A0%2C%22cfl%22%3A9223372036854776000%2C%22t%22%3A28800000%2C%22u%22%3A0%2C%22w%22%3A28800000%2C%22x%22%3A0%2C%22y%22%3A0%2C%22z%22%3A28800000%2C%22aa%22%3A0%2C%22A%22%3A28800000%2C%22LDM%22%3A%7B%22lh%22%3A%5B%7B%22id%22%3A-1%2C%22cg%22%3A%5B%5D%7D%5D%7D%2C%22CHM%22%3A%7B%7D%2C%22fst%22%3A1665051214960%2C%22lst%22%3A1665051214960%2C%22_ist%22%3A%22ELIGIBLE%22%2C%22_sesT%22%3A0%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: no-cache
ETag: "+cKwS2dKEZR"
Last-Modified: Wed, 05 Oct 2022 02:25:25 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Type: application/javascript
Content-Length: 1993
Date: Thu, 06 Oct 2022 10:49:35 GMT

rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=c81cddd2-189b-48ba-a1b5-4d2346858906%3A0&_cls_v=997c5b48-0258-47a7-abb4-c9901a0a3af1&pv=2&f_cls_s=true

23.36.79.18

200 OK

76 B

URL HTTP/1.1
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=c81cddd2-189b-48ba-a1b5-4d2346858906%3A0&_cls_v=997c5b48-0258-47a7-abb4-c9901a0a3af1&pv=2&f_cls_s=true
IP
23.36.79.18:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
76 B (76 bytes)
Hash
764ada2e8e6bd007d2d233e5b6f93229
86085c4b385132b35f3b09affdc1279aeafcd8a6
eb4611678baa5977720c21973ca7a0335a949f395555249e52053b36735b7a57

HTTP Headers

GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=c81cddd2-189b-48ba-a1b5-4d2346858906%3A0&_cls_v=997c5b48-0258-47a7-abb4-c9901a0a3af1&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://zitic.duckdns.org
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 76
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Thu, 06 Oct 2022 10:49:35 GMT
Connection: keep-alive
Set-Cookie: _cls_v=997c5b48-0258-47a7-abb4-c9901a0a3af1; Secure; SameSite=None;HttpOnly;Secure
_cls_s=c81cddd2-189b-48ba-a1b5-4d2346858906:0; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!RYoWNLa9/e4xSp7jbMKMZ0gdoDa2eT1uM/8Fwyff1/frVbjioPjBhpaGWugYNPi+z8ElmH5rFOTX98k=; path=/; Httponly; Secure
DCID=IQaA+gvrNu8pCZlDQbunUvTvcG0o4YyRlB%2fwN7FcP+w%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Thu, 06 Oct 2022 11:04:35 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js

159.45.2.178

200 OK

14 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (32088), with CRLF line terminators
Size
14 kB (14304 bytes)
Hash
3aebe41731e9656c48b87e8e8b2d1177
43369d1732f4ad8a5e7a1e9a3e133d96945afe02
6cf0cd136cefa8b4cce2da6ead22c33b83af4af3e87d7e4e9589b60f6ce4e395

HTTP Headers

GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:35 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip

resources.digital-cloud-prem.medallia.com/wdcusprem/57907/onsite/onsiteData.json

151.101.85.230

200 OK

1.5 kB

URL HTTP/2
resources.digital-cloud-prem.medallia.com/wdcusprem/57907/onsite/onsiteData.json
IP
151.101.85.230:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text, with very long lines (2056)
Size
1.5 kB (1456 bytes)
Hash
c9e0528f64d1e24fbfea3ed57c48a781
5c68095e947a74761541c7e78517e5ec7da48f99
edbcc863269fbfbc0aa044b7a54a4c06538f254869b87c25ab24628a40a97560

HTTP Headers

GET /wdcusprem/57907/onsite/onsiteData.json HTTP/1.1
Host: resources.digital-cloud-prem.medallia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: uxyB8aCGqOqiMLhWek+ms91byROlBpG+9oq5B0LY6ylUg7kYIVfv07w3RqBrNKkmulBF4oq8yuo=
x-amz-request-id: 6Q220M36ZA4Q7HGT
last-modified: Mon, 29 Aug 2022 14:36:24 GMT
etag: "4dd8128146b81339a1aabe91b5ddbafa"
x-amz-version-id: h0XCleBJUwMzYgUwLc_VpXobL_hX1j6f
content-type: application/json
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
date: Thu, 06 Oct 2022 10:49:35 GMT
age: 1084520
x-served-by: cache-pao12023-PAO, cache-bma1637-BMA
x-cache: HIT, HIT
x-cache-hits: 193, 1
x-timer: S1665053376.772967,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 1456
X-Firefox-Spdy: h2

udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiQ3VzdG9taXplZCBIb21lIE1vcnRnYWdlIFJhdGUgVG9vbCB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL21vcnRnYWdlL3JhdGVzL2N1c3RvbWl6ZS12Mi8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjAiLCJldmVudF9uYW1lIjogIm5lYnVsYV9iZWZvcmVfaHR0cF9nZXRfcmVxdWVzdCIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY1MDUzMzc1NzA3IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODNhY2VhM2NkODYwYi0wOGEzNWIzM2VlOTQ0ODgtMzA2ZDQ2NGEtMTQwMDAwLTE4M2FjZWEzY2Q5MmM1IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHA6Ly96aXRpYy5kdWNrZG5zLm9yZy92L3d3dy53ZWxsc2ZhcmdvLmNvbS9tb3J0Z2FnZS9yYXRlcy9jdXN0b21pemUtdjIvIiwid2Vic2l0ZUlkIjogNTc5MDcsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogImNkZjktYzJlNC1hODk3LTdiNDMtMmYyOC04ZTA5LWQ1YjEtNDk2NyIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIiwiaHR0cFJlcXVlc3REYXRhIjogeyJhdHRlbXB0TnVtYmVyIjogMCwidXJsIjogImh0dHBzOi8vcmVzb3VyY2VzLmRpZ2l0YWwtY2xvdWQtcHJlbS5tZWRhbGxpYS5jb20vd2RjdXNwcmVtLzU3OTA3L29uc2l0ZS9vbnNpdGVEYXRhLmpzb24ifX0sImNvb2tpZV9zaXplIjogNDA3LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY1MDUzMzc1NzA3LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40MS4xXzIwMjIwNDEyMTg1NDMwIn0KXX0=

35.241.45.82

200 OK

0 B

URL HTTP/1.1
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiQ3VzdG9taXplZCBIb21lIE1vcnRnYWdlIFJhdGUgVG9vbCB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL21vcnRnYWdlL3JhdGVzL2N1c3RvbWl6ZS12Mi8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjAiLCJldmVudF9uYW1lIjogIm5lYnVsYV9iZWZvcmVfaHR0cF9nZXRfcmVxdWVzdCIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY1MDUzMzc1NzA3IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODNhY2VhM2NkODYwYi0wOGEzNWIzM2VlOTQ0ODgtMzA2ZDQ2NGEtMTQwMDAwLTE4M2FjZWEzY2Q5MmM1IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHA6Ly96aXRpYy5kdWNrZG5zLm9yZy92L3d3dy53ZWxsc2ZhcmdvLmNvbS9tb3J0Z2FnZS9yYXRlcy9jdXN0b21pemUtdjIvIiwid2Vic2l0ZUlkIjogNTc5MDcsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogImNkZjktYzJlNC1hODk3LTdiNDMtMmYyOC04ZTA5LWQ1YjEtNDk2NyIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIiwiaHR0cFJlcXVlc3REYXRhIjogeyJhdHRlbXB0TnVtYmVyIjogMCwidXJsIjogImh0dHBzOi8vcmVzb3VyY2VzLmRpZ2l0YWwtY2xvdWQtcHJlbS5tZWRhbGxpYS5jb20vd2RjdXNwcmVtLzU3OTA3L29uc2l0ZS9vbnNpdGVEYXRhLmpzb24ifX0sImNvb2tpZV9zaXplIjogNDA3LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY1MDUzMzc1NzA3LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40MS4xXzIwMjIwNDEyMTg1NDMwIn0KXX0=
IP
35.241.45.82:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiQ3VzdG9taXplZCBIb21lIE1vcnRnYWdlIFJhdGUgVG9vbCB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL21vcnRnYWdlL3JhdGVzL2N1c3RvbWl6ZS12Mi8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjAiLCJldmVudF9uYW1lIjogIm5lYnVsYV9iZWZvcmVfaHR0cF9nZXRfcmVxdWVzdCIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY1MDUzMzc1NzA3IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODNhY2VhM2NkODYwYi0wOGEzNWIzM2VlOTQ0ODgtMzA2ZDQ2NGEtMTQwMDAwLTE4M2FjZWEzY2Q5MmM1IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHA6Ly96aXRpYy5kdWNrZG5zLm9yZy92L3d3dy53ZWxsc2ZhcmdvLmNvbS9tb3J0Z2FnZS9yYXRlcy9jdXN0b21pemUtdjIvIiwid2Vic2l0ZUlkIjogNTc5MDcsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogImNkZjktYzJlNC1hODk3LTdiNDMtMmYyOC04ZTA5LWQ1YjEtNDk2NyIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIiwiaHR0cFJlcXVlc3REYXRhIjogeyJhdHRlbXB0TnVtYmVyIjogMCwidXJsIjogImh0dHBzOi8vcmVzb3VyY2VzLmRpZ2l0YWwtY2xvdWQtcHJlbS5tZWRhbGxpYS5jb20vd2RjdXNwcmVtLzU3OTA3L29uc2l0ZS9vbnNpdGVEYXRhLmpzb24ifX0sImNvb2tpZV9zaXplIjogNDA3LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY1MDUzMzc1NzA3LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40MS4xXzIwMjIwNDEyMTg1NDMwIn0KXX0= HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:35 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept
Access-Control-Max-Age: 1800
X-ME: prod-instance-gatewayservice-blue-2m5l
X-Application-Context: application:9090
Content-Type: image/gif; charset=UTF-8
Content-Length: 0
Server: Jetty(9.2.11.v20150529)
Via: 1.1 google

static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js

159.45.2.178

200 OK

16 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (599)
Size
16 kB (15970 bytes)
Hash
18a9dcc7cee831010cf1647c8e39088a
731f39c30835414c6e165dd4687bf4071fe0eb10
1dc439a17ef08f995584c4869ccc397120b2502b57ba40240887df28e347be9b

HTTP Headers

GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:35 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip

udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track

35.241.45.82

200 OK

59 B

URL HTTP/1.1
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
IP
35.241.45.82:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
59 B (59 bytes)
Hash
0ab969c512ad71613832d03710eadde2
f64271cfa7e4b386fed80e18a958a90ffd1e3893
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459

HTTP Headers

POST /v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 1995
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: http://zitic.duckdns.org/

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:35 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://zitic.duckdns.org
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept
Access-Control-Max-Age: 1800
X-ME: prod-instance-gatewayservice-blue-hjlz
X-Application-Context: application:9090
Content-Type: text/plain;charset=ISO-8859-1
Content-Length: 59
Server: Jetty(9.2.11.v20150529)
Via: 1.1 google

udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiQ3VzdG9taXplZCBIb21lIE1vcnRnYWdlIFJhdGUgVG9vbCB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL21vcnRnYWdlL3JhdGVzL2N1c3RvbWl6ZS12Mi8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjAiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTY2NTA1MzM3NTc4OSIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTgzYWNlYTNjZDg2MGItMDhhMzViMzNlZTk0NDg4LTMwNmQ0NjRhLTE0MDAwMC0xODNhY2VhM2NkOTJjNSIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1wcmVtIiwiYWNjb3VudElkIjogNTc5MDUsInVybCI6ICJodHRwOi8veml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vbW9ydGdhZ2UvcmF0ZXMvY3VzdG9taXplLXYyLyIsIndlYnNpdGVJZCI6IDU3OTA3LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7IkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICJjZGY5LWMyZTQtYTg5Ny03YjQzLTJmMjgtOGUwOS1kNWIxLTQ5NjciLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY2NTA1MzM3NTc4NyIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiA1MTYsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQxLjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQxLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NjUwNTMzNzU3ODksInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJwYWNrYWdlVmVyc2lvbiI6ICIyLjQxLjFfMjAyMjA0MTIxODU0MzAifQpdfQ==

35.241.45.82

200 OK

0 B

URL HTTP/1.1
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiQ3VzdG9taXplZCBIb21lIE1vcnRnYWdlIFJhdGUgVG9vbCB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL21vcnRnYWdlL3JhdGVzL2N1c3RvbWl6ZS12Mi8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjAiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTY2NTA1MzM3NTc4OSIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTgzYWNlYTNjZDg2MGItMDhhMzViMzNlZTk0NDg4LTMwNmQ0NjRhLTE0MDAwMC0xODNhY2VhM2NkOTJjNSIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1wcmVtIiwiYWNjb3VudElkIjogNTc5MDUsInVybCI6ICJodHRwOi8veml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vbW9ydGdhZ2UvcmF0ZXMvY3VzdG9taXplLXYyLyIsIndlYnNpdGVJZCI6IDU3OTA3LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7IkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICJjZGY5LWMyZTQtYTg5Ny03YjQzLTJmMjgtOGUwOS1kNWIxLTQ5NjciLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY2NTA1MzM3NTc4NyIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiA1MTYsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQxLjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQxLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NjUwNTMzNzU3ODksInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJwYWNrYWdlVmVyc2lvbiI6ICIyLjQxLjFfMjAyMjA0MTIxODU0MzAifQpdfQ==
IP
35.241.45.82:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiQ3VzdG9taXplZCBIb21lIE1vcnRnYWdlIFJhdGUgVG9vbCB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL21vcnRnYWdlL3JhdGVzL2N1c3RvbWl6ZS12Mi8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjAiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTY2NTA1MzM3NTc4OSIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTgzYWNlYTNjZDg2MGItMDhhMzViMzNlZTk0NDg4LTMwNmQ0NjRhLTE0MDAwMC0xODNhY2VhM2NkOTJjNSIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1wcmVtIiwiYWNjb3VudElkIjogNTc5MDUsInVybCI6ICJodHRwOi8veml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vbW9ydGdhZ2UvcmF0ZXMvY3VzdG9taXplLXYyLyIsIndlYnNpdGVJZCI6IDU3OTA3LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7IkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICJjZGY5LWMyZTQtYTg5Ny03YjQzLTJmMjgtOGUwOS1kNWIxLTQ5NjciLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY2NTA1MzM3NTc4NyIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiA1MTYsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQxLjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQxLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NjUwNTMzNzU3ODksInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJwYWNrYWdlVmVyc2lvbiI6ICIyLjQxLjFfMjAyMjA0MTIxODU0MzAifQpdfQ== HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:35 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept
Access-Control-Max-Age: 1800
X-ME: prod-instance-gatewayservice-blue-251x
X-Application-Context: application:9090
Content-Type: image/gif; charset=UTF-8
Content-Length: 0
Server: Jetty(9.2.11.v20150529)
Via: 1.1 google

cdn.schemaapp.com/javascript/schemaFunctions.min.js

54.230.111.2

200 OK

1.1 kB

URL HTTP/2
cdn.schemaapp.com/javascript/schemaFunctions.min.js
IP
54.230.111.2:0
ASN
#16509 AMAZON-02

File type
data
Size
1.1 kB (1068 bytes)
Hash
a9d60731d3b1cdab1caf0f92cb019c6f
50d30156dfabffa53079530b47c3421f750b0841
0b6664a35dde987d2676164adee19961d25f834d3b0923a52b4be9126177b4d3

HTTP Headers

GET /javascript/schemaFunctions.min.js HTTP/1.1
Host: cdn.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Jun 2021 19:02:30 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: ebtKiJ.k06e6HWGVnUjCEswYzQTrKhD5
server: AmazonS3
content-encoding: gzip
date: Thu, 29 Sep 2022 21:19:59 GMT
cache-control: max-age=699840
etag: W/"fa714262345ea0338a058d93199f56ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: H6AAZT5Xz56jGkPVKvYlCtL4zWn8asXAg5ZQitm40pymaXciV1j00Q==
age: 566994
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9f9550b4cc5b1f340bca768bcb13d029
7303e5a8e538c87ac031f96626e7ed6044a0e3d5
f02de708407cbfb3f6baa04e1171103a886e53d0f7fef119b64dc4c6c8b302f0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5434
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:49:36 GMT
Last-Modified: Thu, 06 Oct 2022 09:19:02 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

media-wellsfargo.nod-glb.nuance.com/media/launch/sdkChatLoader.min.js?codeVersion=1664936708888

8.39.193.5

200 OK

2.3 kB

URL HTTP/1.1
media-wellsfargo.nod-glb.nuance.com/media/launch/sdkChatLoader.min.js?codeVersion=1664936708888
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
ASCII text, with very long lines (7108), with no line terminators
Size
2.3 kB (2292 bytes)
Hash
69248df2e4cd19badf361961108eec5e
86054d9394816797a159f91274bf9c97033a9024
4879bdd8f9d0bd0597e5df3170a4164ca2ca3aaab294b91dd49332db9d36f290

HTTP Headers

GET /media/launch/sdkChatLoader.min.js?codeVersion=1664936708888 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "6Cu8yUJ1UkL"
Last-Modified: Wed, 21 Sep 2022 04:43:17 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Content-Length: 2292
Date: Thu, 06 Oct 2022 10:49:36 GMT

media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_helper.js?codeVersion=1664936708888

8.39.193.5

200 OK

32 kB

URL HTTP/1.1
media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_helper.js?codeVersion=1664936708888
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
Unicode text, UTF-8 text, with very long lines (59866)
Size
32 kB (32153 bytes)
Hash
0ebafc7f35214ee56bdde838f9f6f473
e8caf55a23ec76e4cee5bd4b59853a020d2ba7b2
89bb7aea85d2785fcd8cd0267009c0c98b27075693ea280a216f775de50c71ef

HTTP Headers

GET /media/launch/site_10006005_default_helper.js?codeVersion=1664936708888 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "H7DpMeHDie0"
Last-Modified: Wed, 05 Oct 2022 02:25:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Transfer-Encoding: chunked
Date: Thu, 06 Oct 2022 10:49:36 GMT

media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_jssdk.js?codeVersion=1664936708888

8.39.193.5

200 OK

26 kB

URL HTTP/1.1
media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_jssdk.js?codeVersion=1664936708888
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
ASCII text, with very long lines (5905)
Size
26 kB (25916 bytes)
Hash
60283e9423308a0b7a585769559147fd
11ba339e7a3a8f804ff0491dac8c1019d247ab3d
272a4e08c79eb1ff65fc59fc702eb267bc2368953987ed8a141a9c3120ae50df

HTTP Headers

GET /media/launch/site_10006005_default_jssdk.js?codeVersion=1664936708888 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "9kPrmEHr7Tj"
Last-Modified: Wed, 05 Oct 2022 02:25:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Transfer-Encoding: chunked
Date: Thu, 06 Oct 2022 10:49:36 GMT

col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum

44.238.69.235

200 OK

0 B

URL HTTP/1.1
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP
44.238.69.235:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: text/plain
Content-Length: 12079
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: http://zitic.duckdns.org/

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:49:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
expires: 0
set-cookie: ADRUM_BTa=R:25|g:7f09a41d-5767-4097-b3cf-2123dc23e69e;Path=/;Expires=Thu, 06-Oct-2022 10:50:07 GMT;Max-Age=30
ADRUM_BTa=R:25|g:7f09a41d-5767-4097-b3cf-2123dc23e69e|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e;Path=/;Expires=Thu, 06-Oct-2022 10:50:07 GMT;Max-Age=30
SameSite=None;Path=/;Expires=Thu, 06-Oct-2022 10:50:07 GMT;Max-Age=30;Secure
ADRUM_BT1=R:25|i:559461;Path=/;Expires=Thu, 06-Oct-2022 10:50:07 GMT;Max-Age=30
ADRUM_BT1=R:25|i:559461|e:20;Path=/;Expires=Thu, 06-Oct-2022 10:50:07 GMT;Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy

pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50

44.241.22.20

200 OK

137 kB

URL HTTP/2
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP
44.241.22.20:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
137 kB (136715 bytes)
Hash
6553275522121a9faf42d3d40b3678da
a74166efa12401a893b220a1c826720ed9c701ff
b56a63dd957e0d0e4d7502714d1dd0c039fa586013be48b41bcd95269ca0bef2

HTTP Headers

GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 06 Oct 2022 10:49:36 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2

media-wellsfargo.nod-glb.nuance.com/media/launch/tcFramework_jssdk.min.js?codeVersion=1664936708888

8.39.193.5

200 OK

132 kB

URL HTTP/1.1
media-wellsfargo.nod-glb.nuance.com/media/launch/tcFramework_jssdk.min.js?codeVersion=1664936708888
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
132 kB (132437 bytes)
Hash
11230cf34df33055ed40777bec3f09c5
02c411378aeef6a85361b0663f35ed7fb1a2a25b
e52774445064fa6006fa516e09df931ffd30f1aac549ee94ef510b70e67b433e

HTTP Headers

GET /media/launch/tcFramework_jssdk.min.js?codeVersion=1664936708888 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "9VzjEfzg+kJ"
Last-Modified: Wed, 21 Sep 2022 04:43:17 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Transfer-Encoding: chunked
Date: Thu, 06 Oct 2022 10:49:38 GMT

tag-wellsfargo.nod-glb.nuance.com/tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1664936708888

8.39.193.5

200 OK

6.5 kB

URL HTTP/1.1
tag-wellsfargo.nod-glb.nuance.com/tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1664936708888
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
HTML document text\012- HTML document text\012- HTML document text\012- Java source text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (807)
Size
6.5 kB (6470 bytes)
Hash
92c92a14d7348502d53a96ffb124e505
541bcbda5db19216712a37552092329b09a6301e
9f86b1cce23c8debd8f30ae3d4284689d83fe289f2e006e623e62eb0f90cbf67

HTTP Headers

GET /tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1664936708888 HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
Cookie: inqVital_10006005=%7B%22INQ%22%3A%7B%22custID%22%3A%22-4299421148256407263%22%7D%2C%22v%22%3A3%2C%22vcnt%22%3A16%2C%22vtime%22%3A1665051214972%2C%22_acid%22%3A%22-1%22%2C%22_ss%22%3A%22unsold%22%2C%22CHM%22%3A%7B%22lpt%22%3A0%2C%22lastChat%22%3A%7B%7D%2C%22lastCallId%22%3A0%7D%2C%22_is%22%3A1665051214972%2C%22_iID%22%3A%22-42994211482564072631%22%2C%22_ig%22%3A%22CHAT%22%7D; inqSession_10006005=%7B%22tzOf%22%3A25200000%2C%22auu%22%3A0%2C%22_svMs%22%3A-1%2C%22_aTyp%22%3A3%2C%22l%22%3A%5B%5D%2C%22m%22%3A0%2C%22n%22%3A0%2C%22o%22%3A0%2C%22r%22%3A0%2C%22s%22%3A0%2C%22st%22%3A0%2C%22v%22%3A0%2C%22ab%22%3A0%2C%22G%22%3A0%2C%22ss%22%3A0%2C%22T%22%3A0%2C%22U%22%3A0%2C%22ag%22%3A0%2C%22V%22%3A0%2C%22Va%22%3A0%2C%22cA%22%3A1%2C%22cB%22%3A2%2C%22af%22%3A-1%2C%22cnA%22%3A0%2C%22at%22%3A%22WFB-MessengerApp-S%22%2C%22as%22%3A1%2C%22Ac%22%3A0%2C%22sa%22%3A0%2C%22cHn%22%3A0%2C%22hdg%22%3A%22%22%2C%22bcs%22%3A0%2C%22to%22%3A0%2C%22stv%22%3A0%2C%22pi%22%3A%22null%22%2C%22St%22%3A0%2C%22odcr%22%3A0%2C%22scI%22%3A%220%22%2C%22lpb%22%3A0%2C%22ay%22%3A0%2C%22aya%22%3A0%2C%22f%22%3A0%2C%22j%22%3A0%2C%22ahh%22%3A0%2C%22CDRC%22%3A0%2C%22CHM%22%3A%7B%22pmor%22%3Afalse%7D%2C%22_ssID%22%3A%22-42994211482564072631%22%2C%22rd%22%3A%22mail.zitic.duckdns.org%22%2C%22sest%22%3A%22%22%2C%22_sT%22%3A0%2C%22ltt%22%3A1665051214971%7D; inqState_10006005=%7B%22VA%22%3A%5B%5D%2C%22_loy%22%3A1%2C%22_ssQ%22%3A%5B%222022-10-06T10%3A13%3A34.960Z%22%5D%2C%22_slq%22%3A%5B%5D%2C%22_cct%22%3A0%2C%22_sqc%22%3A0%2C%22_slc%22%3A0%2C%22cfl%22%3A9223372036854776000%2C%22t%22%3A28800000%2C%22u%22%3A0%2C%22w%22%3A28800000%2C%22x%22%3A0%2C%22y%22%3A0%2C%22z%22%3A28800000%2C%22aa%22%3A0%2C%22A%22%3A28800000%2C%22LDM%22%3A%7B%22lh%22%3A%5B%7B%22id%22%3A-1%2C%22cg%22%3A%5B%5D%7D%5D%7D%2C%22CHM%22%3A%7B%7D%2C%22fst%22%3A1665051214960%2C%22lst%22%3A1665051214960%2C%22_ist%22%3A%22ELIGIBLE%22%2C%22_sesT%22%3A0%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: max-age=3600
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
ETag: "AN7QOU24IDr"
Last-Modified: Wed, 21 Sep 2022 04:44:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Content-Length: 6470
Date: Thu, 06 Oct 2022 10:49:38 GMT

tag-wellsfargo.nod-glb.nuance.com/tagserver/init/isTrustedDomain

8.39.193.5

200 OK

0 B

URL HTTP/1.1
tag-wellsfargo.nod-glb.nuance.com/tagserver/init/isTrustedDomain
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /tagserver/init/isTrustedDomain HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 70
Origin: https://tag-wellsfargo.nod-glb.nuance.com
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1664936708888
Cookie: inqVital_10006005=%7B%22INQ%22%3A%7B%22custID%22%3A%22-4299421148256407263%22%7D%2C%22v%22%3A3%2C%22vcnt%22%3A16%2C%22vtime%22%3A1665051214972%2C%22_acid%22%3A%22-1%22%2C%22_ss%22%3A%22unsold%22%2C%22CHM%22%3A%7B%22lpt%22%3A0%2C%22lastChat%22%3A%7B%7D%2C%22lastCallId%22%3A0%7D%2C%22_is%22%3A1665051214972%2C%22_iID%22%3A%22-42994211482564072631%22%2C%22_ig%22%3A%22CHAT%22%7D; inqSession_10006005=%7B%22tzOf%22%3A25200000%2C%22auu%22%3A0%2C%22_svMs%22%3A-1%2C%22_aTyp%22%3A3%2C%22l%22%3A%5B%5D%2C%22m%22%3A0%2C%22n%22%3A0%2C%22o%22%3A0%2C%22r%22%3A0%2C%22s%22%3A0%2C%22st%22%3A0%2C%22v%22%3A0%2C%22ab%22%3A0%2C%22G%22%3A0%2C%22ss%22%3A0%2C%22T%22%3A0%2C%22U%22%3A0%2C%22ag%22%3A0%2C%22V%22%3A0%2C%22Va%22%3A0%2C%22cA%22%3A1%2C%22cB%22%3A2%2C%22af%22%3A-1%2C%22cnA%22%3A0%2C%22at%22%3A%22WFB-MessengerApp-S%22%2C%22as%22%3A1%2C%22Ac%22%3A0%2C%22sa%22%3A0%2C%22cHn%22%3A0%2C%22hdg%22%3A%22%22%2C%22bcs%22%3A0%2C%22to%22%3A0%2C%22stv%22%3A0%2C%22pi%22%3A%22null%22%2C%22St%22%3A0%2C%22odcr%22%3A0%2C%22scI%22%3A%220%22%2C%22lpb%22%3A0%2C%22ay%22%3A0%2C%22aya%22%3A0%2C%22f%22%3A0%2C%22j%22%3A0%2C%22ahh%22%3A0%2C%22CDRC%22%3A0%2C%22CHM%22%3A%7B%22pmor%22%3Afalse%7D%2C%22_ssID%22%3A%22-42994211482564072631%22%2C%22rd%22%3A%22mail.zitic.duckdns.org%22%2C%22sest%22%3A%22%22%2C%22_sT%22%3A0%2C%22ltt%22%3A1665051214971%7D; inqState_10006005=%7B%22VA%22%3A%5B%5D%2C%22_loy%22%3A1%2C%22_ssQ%22%3A%5B%222022-10-06T10%3A13%3A34.960Z%22%5D%2C%22_slq%22%3A%5B%5D%2C%22_cct%22%3A0%2C%22_sqc%22%3A0%2C%22_slc%22%3A0%2C%22cfl%22%3A9223372036854776000%2C%22t%22%3A28800000%2C%22u%22%3A0%2C%22w%22%3A28800000%2C%22x%22%3A0%2C%22y%22%3A0%2C%22z%22%3A28800000%2C%22aa%22%3A0%2C%22A%22%3A28800000%2C%22LDM%22%3A%7B%22lh%22%3A%5B%7B%22id%22%3A-1%2C%22cg%22%3A%5B%5D%7D%5D%7D%2C%22CHM%22%3A%7B%7D%2C%22fst%22%3A1665051214960%2C%22lst%22%3A1665051214960%2C%22_ist%22%3A%22ELIGIBLE%22%2C%22_sesT%22%3A0%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://tag-wellsfargo.nod-glb.nuance.com
Vary: Origin
Access-Control-Allow-Credentials: true
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
Content-Type: text/html; charset=utf-8
Content-Length: 0
Date: Thu, 06 Oct 2022 10:49:39 GMT

tag-wellsfargo.nod-glb.nuance.com/tagserver/init/initFramework

8.39.193.5

200 OK

249 B

URL HTTP/1.1
tag-wellsfargo.nod-glb.nuance.com/tagserver/init/initFramework
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
JSON data\012- , ASCII text, with no line terminators
Size
249 B (249 bytes)
Hash
ea7cfd102a1f0abeefcae33eda26f9cc
dcdb87b2fe5e04f24cc522d0ca3d3d4b155633e0
25e313d406fe354551b871419fdbc038031bbea07a4af0c1e6fee1160d2f98a1

HTTP Headers

POST /tagserver/init/initFramework HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 183
Origin: https://tag-wellsfargo.nod-glb.nuance.com
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1664936708888
Cookie: inqVital_10006005=%7B%22INQ%22%3A%7B%22custID%22%3A%22-4299421148256407263%22%7D%2C%22v%22%3A3%2C%22vcnt%22%3A16%2C%22vtime%22%3A1665051214972%2C%22_acid%22%3A%22-1%22%2C%22_ss%22%3A%22unsold%22%2C%22CHM%22%3A%7B%22lpt%22%3A0%2C%22lastChat%22%3A%7B%7D%2C%22lastCallId%22%3A0%7D%2C%22_is%22%3A1665051214972%2C%22_iID%22%3A%22-42994211482564072631%22%2C%22_ig%22%3A%22CHAT%22%7D; inqSession_10006005=%7B%22tzOf%22%3A25200000%2C%22auu%22%3A0%2C%22_svMs%22%3A-1%2C%22_aTyp%22%3A3%2C%22l%22%3A%5B%5D%2C%22m%22%3A0%2C%22n%22%3A0%2C%22o%22%3A0%2C%22r%22%3A0%2C%22s%22%3A0%2C%22st%22%3A0%2C%22v%22%3A0%2C%22ab%22%3A0%2C%22G%22%3A0%2C%22ss%22%3A0%2C%22T%22%3A0%2C%22U%22%3A0%2C%22ag%22%3A0%2C%22V%22%3A0%2C%22Va%22%3A0%2C%22cA%22%3A1%2C%22cB%22%3A2%2C%22af%22%3A-1%2C%22cnA%22%3A0%2C%22at%22%3A%22WFB-MessengerApp-S%22%2C%22as%22%3A1%2C%22Ac%22%3A0%2C%22sa%22%3A0%2C%22cHn%22%3A0%2C%22hdg%22%3A%22%22%2C%22bcs%22%3A0%2C%22to%22%3A0%2C%22stv%22%3A0%2C%22pi%22%3A%22null%22%2C%22St%22%3A0%2C%22odcr%22%3A0%2C%22scI%22%3A%220%22%2C%22lpb%22%3A0%2C%22ay%22%3A0%2C%22aya%22%3A0%2C%22f%22%3A0%2C%22j%22%3A0%2C%22ahh%22%3A0%2C%22CDRC%22%3A0%2C%22CHM%22%3A%7B%22pmor%22%3Afalse%7D%2C%22_ssID%22%3A%22-42994211482564072631%22%2C%22rd%22%3A%22mail.zitic.duckdns.org%22%2C%22sest%22%3A%22%22%2C%22_sT%22%3A0%2C%22ltt%22%3A1665051214971%7D; inqState_10006005=%7B%22VA%22%3A%5B%5D%2C%22_loy%22%3A1%2C%22_ssQ%22%3A%5B%222022-10-06T10%3A13%3A34.960Z%22%5D%2C%22_slq%22%3A%5B%5D%2C%22_cct%22%3A0%2C%22_sqc%22%3A0%2C%22_slc%22%3A0%2C%22cfl%22%3A9223372036854776000%2C%22t%22%3A28800000%2C%22u%22%3A0%2C%22w%22%3A28800000%2C%22x%22%3A0%2C%22y%22%3A0%2C%22z%22%3A28800000%2C%22aa%22%3A0%2C%22A%22%3A28800000%2C%22LDM%22%3A%7B%22lh%22%3A%5B%7B%22id%22%3A-1%2C%22cg%22%3A%5B%5D%7D%5D%7D%2C%22CHM%22%3A%7B%7D%2C%22fst%22%3A1665051214960%2C%22lst%22%3A1665051214960%2C%22_ist%22%3A%22ELIGIBLE%22%2C%22_sesT%22%3A0%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://tag-wellsfargo.nod-glb.nuance.com
Vary: Origin
Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
Content-Language: en-US
Content-Type: application/json; charset=UTF-8
Content-Length: 249
Date: Thu, 06 Oct 2022 10:49:39 GMT

media-wellsfargo.nod-glb.nuance.com/media/launch/ci/InqFrameworkService.js?codeVersion=1664936708888

8.39.193.5

200 OK

74 kB

URL HTTP/1.1
media-wellsfargo.nod-glb.nuance.com/media/launch/ci/InqFrameworkService.js?codeVersion=1664936708888
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
74 kB (73754 bytes)
Hash
864ede161397df71c4acf4f6f64c69d2
144b1983c6ef03cee50ab3c0a014fc55059c13c7
2f8c042d4470162397d906a63268fc20988a5b7b1de2087e826a612e7f1f2ca5

HTTP Headers

GET /media/launch/ci/InqFrameworkService.js?codeVersion=1664936708888 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "FU7Yc21iU/N"
Last-Modified: Wed, 21 Sep 2022 04:43:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Transfer-Encoding: chunked
Date: Thu, 06 Oct 2022 10:49:39 GMT

edge.adobedc.net/ee/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=26de1140-891e-4a71-8e93-6a1773cb3b52

15.236.176.210

200 OK

0 B

URL HTTP/2
edge.adobedc.net/ee/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=26de1140-891e-4a71-8e93-6a1773cb3b52
IP
15.236.176.210:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /ee/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=26de1140-891e-4a71-8e93-6a1773cb3b52 HTTP/1.1
Host: edge.adobedc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://zitic.duckdns.org/
Content-Type: text/plain; charset=UTF-8
Origin: http://zitic.duckdns.org
Content-Length: 286
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-request-id: 26de1140-891e-4a71-8e93-6a1773cb3b52
x-rate-limit-remaining: 599
vary: Origin
access-control-allow-origin: http://zitic.duckdns.org
access-control-allow-credentials: true
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
date: Thu, 06 Oct 2022 10:49:34 GMT
x-konductor: 22.10.1:d2d3a42e
x-adobe-edge: IRL1;6
server: jag
content-encoding: deflate
content-type: application/json;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

edge.adobedc.net/ee/irl1/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=037183bb-1566-4330-92d7-8b35cbbc542d

15.236.176.210

200 OK

0 B

URL HTTP/2
edge.adobedc.net/ee/irl1/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=037183bb-1566-4330-92d7-8b35cbbc542d
IP
15.236.176.210:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /ee/irl1/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=037183bb-1566-4330-92d7-8b35cbbc542d HTTP/1.1
Host: edge.adobedc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://zitic.duckdns.org/
Content-Type: text/plain; charset=UTF-8
Origin: http://zitic.duckdns.org
Content-Length: 3951
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-request-id: 037183bb-1566-4330-92d7-8b35cbbc542d
x-rate-limit-remaining: 599
vary: Origin
access-control-allow-origin: http://zitic.duckdns.org
access-control-allow-credentials: true
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
date: Thu, 06 Oct 2022 10:49:35 GMT
x-konductor: 22.10.1:d2d3a42e
x-adobe-edge: IRL1;6
server: jag
content-encoding: deflate
content-type: application/json;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51

44.241.22.20

200 OK

0 B

URL HTTP/2
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
IP
44.241.22.20:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 06 Oct 2022 10:49:36 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (57)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations