Report - mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/

Report Overview

Submitted URL
mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
IP
54.224.73.73
ASN
#14618 AMAZON-AES
Submitted
2022-10-06 10:46:57
Access
Website Title
Final URL
Tags
None
urlquery detections
DynDNS domain detected

Detections

urlquery
24
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
resources.digital-cloud-prem.medallia.com	21249	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	444 B	2.2 kB	151.101.85.230
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	54.230.111.7
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	54.230.111.99
www01.wellsfargomedia.com	20259	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	891 B	3.7 kB	104.110.5.8
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.215.107.141
static.wellsfargo.com	12306	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.6 kB	422 kB	159.45.2.178
data.schemaapp.com	11806	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.3 kB	54.230.111.53
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	172.64.155.188
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	978 B	2.7 kB	23.36.77.32
mail.zitic.duckdns.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	16 kB	1.5 MB	54.224.73.73
pdx-col.eum-appdynamics.com	4816	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	494 B	937 B	44.233.9.40
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	3.7 kB	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
www17.wellsfargomedia.com	76964	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	61 kB	104.110.27.78
cdn.schemaapp.com	12078	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	5.1 kB	54.230.111.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	57 kB	34.120.237.76
udc-neb.kampyle.com	3039	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.3 kB	1.5 kB	35.241.45.82
edge.adobedc.net	8934	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.7 kB	15.188.95.229

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-10-05	medium	mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/	Wells Fargo & Company

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-06	medium	mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/shared/media-player-custom.js	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/jquery.min.js	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/frameworks/jq/jquery-ui.js	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/tools/feedback/feedback.js	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/video.js	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/global/global.js	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (42)

	URL	Size	First Seen	Last Seen
	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/jquery.min.js	98 kB	2023-03-07	2024-04-24
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/jquery.min.js IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:17 Last Seen2024-04-24 01:46:25 Times Seen144 Hash d49f5bd057488231fdcc675e2fe9f568 c81be8cda5beab5bd767a63bee8aafc08e037ce4 3c536cede8c67b4bda531f82b77f3678e52026398492010245d3870c87a1623e Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/video.js	420 kB	2023-03-07	2023-03-08
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/video.js IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-08 08:13:26 Times Seen1 Hash efce68f045d0687df715b0ec9634accf 1b15d7dba57fed7ca7f041ea15d87f6d709a4458 d94e88dfb3c418dc2d7f7f4464faed1788ecc8407ef1694d824330279262b834 Loading...

	static.wellsfargo.com/tracking/main/utag.129.js?utv=ut4.48.202207272202	15 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.129.js?utv=ut4.48.202207272202 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen85 Hash 479fee1497e8ed53fe632cd4110af660 42ff77f5fe23ac8aff0d4837f9e5cb0fb8a918c0 00153616bcd7e705949fa43e3573c41b7808dfe57255d1dcc42e24c4dad5efa8 Loading...

	static.wellsfargo.com/tracking/main/utag.379.js?utv=ut4.48.202207272202	2.2 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.379.js?utv=ut4.48.202207272202 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen84 Hash f4d859c7b49fa343d9c8b25c689d837e c571cf8c4aa455cd656785571a398b03bda70254 49e726aa41e4128560776f794aeae8f9648b7045769cf240ab3ff4f5d002d529 Loading...

	static.wellsfargo.com/tracking/main/utag.403.js?utv=ut4.48.202104051735	2.6 kB	2023-03-07	2023-05-21
Pretty URL static.wellsfargo.com/tracking/main/utag.403.js?utv=ut4.48.202104051735 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-05-21 08:37:02 Times Seen74 Hash 211205c31f696e1bb7eee132a746fa45 f97ced5d992cf340c530a244639eb581d0767965 0cb89661317d3e3c5072364afb0da53fc3d43bb5edf3ac43327b1a57f993a251 Loading...

	static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js	45 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-08 03:26:09 Times Seen4864 Hash 5f310e2e2a558d76b916e137aee73462 c7ff0190c9c2c414321211f3863e9e27f32b713e 385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f Loading...

	mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js	2.0 kB	2023-03-07	2024-04-08
Pretty URL mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-08 03:26:08 Times Seen4778 Hash e7cf4c458b327ab7ed31e0936ccd404f 970bf05073f91ad6b8f21521f7c9886f71f2af1d 52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/frameworks/jq/jquery-ui.js	339 kB	2023-03-07	2023-05-21
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/js/frameworks/jq/jquery-ui.js IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-05-21 08:37:02 Times Seen9 Hash 9726560d23e8100d33456702719491d1 1c64bfa8088fc04d7b6633a3479cb57ec9969d3a d65fdc6b62a5f7a8a9cbc7a756b75ed80b81cf828295d507aeec9878e908ad4d Loading...

	mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js	32 kB	2023-03-07	2023-11-04
Pretty URL mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-11-04 00:29:39 Times Seen29 Hash 162100f507af8b50f1406bf3fc405ce5 cf0a2bf9b914710962e0dd7899b93ba5ceb5134d e9a598a5cc23c24a8ecc364ed7413961e416f5e9ec3df513ad9a12cda625a279 Loading...

	static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1	117 kB	2023-03-07	2023-03-26
Pretty URL static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-03-26 09:22:04 Times Seen2 Hash 17324c64926790e7068528ee285677e0 5f7c9d7694dfa9e92d5ae871cb0ea0cc5b4776c3 79f666407709e82d49c80fc330a5a34952fc56f30de257ccc3ae432d87c6fedc Loading...

	static.wellsfargo.com/tracking/main/utag.396.js?utv=ut4.48.202209192333	8.5 kB	2023-03-08	2023-03-08
Pretty URL static.wellsfargo.com/tracking/main/utag.396.js?utv=ut4.48.202209192333 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-08 07:42:42 Times Seen1 Hash bfc7b10a98d0b83c34b9c5215e59acb3 c822f6bbd3dfebedd4dc5673c7abb5c9f233085b 713a7b27c18080ecb4665dab3036ae266329f318ccc648336564bb8c24e5e40c Loading...

	static.wellsfargo.com/tracking/main/utag.413.js?utv=ut4.48.202207272202	3.0 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.413.js?utv=ut4.48.202207272202 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen82 Hash 6aedb7426c48b548874c016faf3f6e24 e3e8420bd3e75e7e6319a3f00a8c2aff6e33961a 8221ff8f89f7c212ab6cb02b5edf294ca06322a313ccd0fa8f5d17356cb07d88 Loading...

	static.wellsfargo.com/tracking/main/utag.505.js?utv=ut4.48.202209131956	6.5 kB	2023-03-07	2023-03-13
Pretty URL static.wellsfargo.com/tracking/main/utag.505.js?utv=ut4.48.202209131956 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:47:21 Last Seen2023-03-13 06:40:20 Times Seen1 Hash 735658e345bcccb2e9b4f8436a45bcd3 94969ac03a39f4e244376817f674405e38b4a054 01a8d4c81581707d3d7a663057b6635f1d6bc4fcc1c49ba0d21ae4f57146d81f Loading...

	static.wellsfargo.com/tracking/alloy/alloy.js	77 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/alloy/alloy.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:09 Times Seen87 Hash dd67ef7bf5d168e7123d934cfd21ac80 eb66ab8b5ed10640c50c460c271be086f63e0ffb 5466d536089d3af772430020c62a83dc680cd9169200840742e51181ba81fd75 Loading...

	static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js	48 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-08 03:26:09 Times Seen4875 Hash aeccb854b0a76aa9f478e466c8011b29 625d31cbeb8978cf2419f58d14bba92a42dbb45c 7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6 Loading...

	mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js	48 kB	2023-03-07	2023-05-21
Pretty URL mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:04 Last Seen2023-05-21 08:37:02 Times Seen11 Hash adc6bafd6d346973c15f80f542fa008f ec1f94d5fe65f25d7119488ffc067446b7af82b9 7a17bf7ddc09f705c34b0bdefe2a12142ae1702bf904a731f48cd4652c1036eb Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/global/global.js	230 kB	2023-03-08	2023-03-08
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/js/global/global.js IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-08 08:14:13 Times Seen1 Hash a6d222867ebc1b0e6a57eddc8bd7418b be0c5877af0cf33abf8de5c793935c7c94c5fe7e 77d1d5f3d877905d3f0f5a434b77be2e3cf34887e0022ad9cae1b5d39150f827 Loading...

	cdn.schemaapp.com/javascript/schemaFunctions.min.js	1.7 kB	2023-03-07	2023-03-17
Pretty URL cdn.schemaapp.com/javascript/schemaFunctions.min.js IP 54.230.111.3 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-17 09:43:25 Times Seen1 Hash fa714262345ea0338a058d93199f56ed 81c3f8901938669975ad01a3ae3e4b0156de6a2f fe7b9f29a6a10cc36627e652af40af6381e2900f87eba0d348a8ef92f66ebd89 Loading...

	static.wellsfargo.com/tracking/main/utag.319.js?utv=ut4.48.202209142209	7.0 kB	2023-03-08	2023-03-29
Pretty URL static.wellsfargo.com/tracking/main/utag.319.js?utv=ut4.48.202209142209 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-29 22:00:36 Times Seen47 Hash 3193265899115fcee583c2662559f250 22d60605121c7dc621b04edb46f2539d98fdcf9c 2e8b86b25ab5fb19b62a69f5ca7bb0f242136e3883b688670595ba896b7e53c8 Loading...

	static.wellsfargo.com/tracking/main/utag.397.js?utv=ut4.48.202209192301	10 kB	2023-03-08	2023-03-08
Pretty URL static.wellsfargo.com/tracking/main/utag.397.js?utv=ut4.48.202209192301 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-08 07:42:42 Times Seen1 Hash 0e0ff10ca293ac96202da292e0f05087 d89bbbba6a1faef3d7cc06be60bcff48ec6ee9b3 52def0dd339c631d8a4fe5320c61e38ce6f8239d0d290725e7780aac112b3d46 Loading...

	static.wellsfargo.com/tracking/main/utag.471.js?utv=ut4.48.202209271731	6.7 kB	2023-03-08	2023-05-21
Pretty URL static.wellsfargo.com/tracking/main/utag.471.js?utv=ut4.48.202209271731 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-05-21 08:37:02 Times Seen76 Hash 36ebda59de9fa37cbea1f48593d20eb1 e175622005a38183dd0c33deb423a1fb02d2ba5e d257a14d93cafce44ecdb34393fadbe76117819c7de517aff08925cfee9bfbf4 Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/shared/media-player-custom.js	4.3 kB	2023-03-07	2023-03-08
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/js/shared/media-player-custom.js IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-08 08:37:51 Times Seen1 Hash 450744f087d3aa87a28395c107742acc c8a3e69e3b1287f65b72b9de8a553d4f309d4d99 cde7904316679ef5aa42b66a914d46fdae6d0e07d11bbc28f2dcb3a64012cdd6 Loading...

	static.wellsfargo.com/tracking/main/utag.js	326 kB	2023-03-08	2023-03-08
Pretty URL static.wellsfargo.com/tracking/main/utag.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-08 07:42:42 Times Seen1 Hash 7b4ba84ab0e2728a5ab460d07d2ac628 3067acb47d78a4630389f9017e467849de044461 b3f7e20d4377aaf99d7f96583d265be6a3ef34fefac4f7072e6bd0597649ff5c Loading...

	static.wellsfargo.com/tracking/main/utag.166.js?utv=ut4.48.202208100004	15 kB	2023-03-07	2023-05-21
Pretty URL static.wellsfargo.com/tracking/main/utag.166.js?utv=ut4.48.202208100004 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-05-21 08:37:02 Times Seen79 Hash 80f41e3e9de3719de7b98e3fd6e0f727 70d1b9891e6f319b0f3f29adbc2832f493ac3b61 cb1b454a046f8f46ee3e5ea389d3648e46bf0973db9f61faa2724162ef850b03 Loading...

	static.wellsfargo.com/tracking/main/utag.384.js?utv=ut4.48.202208101746	30 kB	2023-03-07	2023-03-17
Pretty URL static.wellsfargo.com/tracking/main/utag.384.js?utv=ut4.48.202208101746 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-17 09:43:24 Times Seen1 Hash ec515d2e0f8c06d5ce0a340cd3797fd4 7835986cd764c52d1ca821917fca951cb3081af7 cc86fbdc1bc9b57a54d136018fd8ec9006c062e65f944b4c51c90f1762986bf7 Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/tools/feedback/feedback.js	8.2 kB	2023-03-08	2023-05-21
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/js/tools/feedback/feedback.js IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:12:05 Last Seen2023-05-21 08:37:02 Times Seen21 Hash 59f745c8080013f114553158132c5edb d0a9e7f436ee7e9ad6dae5e14ea32e96d6a7767f a81eed4118a01e2a37a8a6fba34d795925d191be5856864cfdfa48bf7f5c344f Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/	387 B	2023-03-08	2023-03-08
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/ IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:14:40 Last Seen2023-03-08 07:14:40 Times Seen1 Hash 593077a3511ab26ebd1772cb7f1ccb43 4feb448eebc13617c81709741866f70e5c3ebed7 fc083a44975a1556f522f17bd89c7e353b01aade81c349fae48c7f9fb9e9f6cc Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/	982 B	2023-03-08	2023-03-08
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/ IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-08 08:37:51 Times Seen1 Hash 59af5f205118061c2b240db02ce139d6 662884ab14b4c57620375f4604379a79b8a20525 5e3125de5bd28949d17b699748346d2853752273d3e70bd8aadb7a2496fb55b7 Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/	107 B	2023-03-08	2023-03-08
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/ IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:14:40 Last Seen2023-03-08 07:14:40 Times Seen1 Hash 42302df8fc8ea605620fd80867db92a7 dfb43019ef79cbfbba0aa5fd90cf4c422ff1abf5 d62c35f4a632eb863d6f0988efd8bb04a9098557436433963c8d29a144071a5c Loading...

	static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js	2.4 kB	2023-03-07	2023-03-17
Pretty URL static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-17 09:43:25 Times Seen1 Hash 3e75b97d91e2ac07972bd84b4b260fdc 003e8e223077086f1d634da73000252f1b724672 c6b012226d1f061a86a7a176fae93e55d7976d97afad14aa805aa3f5df2cb221 Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/	167 B	2023-03-07	2024-03-28
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/ IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-03-28 17:44:16 Times Seen24 Hash 26b65410843bfddfedce7ee266ca15b2 1b72887bd3ae2258efd890942c7216883d413c28 9bad421eb21f5116f24930a4427c3a3e1916d321e28ed5e42d267e96b36a5264 Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/	63 B	2023-03-08	2023-03-08
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/ IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-08 08:13:25 Times Seen1 Hash 8516570a103223cc527896183abb2aa8 5c33997abf47506068df553dcdbe79be521eeb9f f4ef49dd3d39911b5d7872a1cb29998edb1054ee8e090fa08a013cfc61d74a10 Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/	240 B	2023-03-07	2024-03-28
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/ IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-03-28 17:44:16 Times Seen24 Hash 70dfaef5ceddbc8e9cf2f8c2f4da19ff aa3ce65c808b635d5d4cde20ec5471870d7804d8 0aad4b608078f01c780cd4fba7985dad900d7cd4166d43746c6ee13a27f96d05 Loading...

	static.wellsfargo.com/tracking/main/utag.328.js?utv=ut4.48.202207272202	17 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.328.js?utv=ut4.48.202207272202 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen87 Hash f8ed7a36884e442c03847e482647b8e1 bae9cc143bf67dfeb1a99270b8f82666290b98c2 a69e6fb58df72540553b75552e4721c8e1d57086789f1d0a84c1bf49db0b1956 Loading...

	static.wellsfargo.com/tracking/main/utag.117.js?utv=ut4.48.202112070053	8.6 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.117.js?utv=ut4.48.202112070053 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen81 Hash ca611e1ad5ce488baf7e687e039008f9 2152db6945b63d78a718aa87e1f1ccea350b8809 0abd344691477db2ac8e91cf0ce28160bad6b8b4ba6d192dfc000bb2e63f83e4 Loading...

	static.wellsfargo.com/tracking/main/utag.225.js?utv=ut4.48.202208301942	16 kB	2023-03-07	2023-05-21
Pretty URL static.wellsfargo.com/tracking/main/utag.225.js?utv=ut4.48.202208301942 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-05-21 08:37:02 Times Seen79 Hash ede450a69bfad8ba8be6c09afec643d9 525ca9fbebba307f6a5d5c4c8ab2a3ba9afa70c2 d4c3ac2df676fc3c4c0662d5635b8078cbea41051632004adeee5e17ba9337b8 Loading...

	static.wellsfargo.com/tracking/main/utag.431.js?utv=ut4.48.202107202150	2.5 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.431.js?utv=ut4.48.202107202150 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen82 Hash 47057e93093059b6ae4917b6015bd8fe c6b654398fc654f415bcd1cff05f926d9193fc65 2c7310c0bbcf2becb50249819d7d0d68636930bab7307962d020cebf0d9de42c Loading...

	cdn.schemaapp.com/javascript/highlight.js	32 kB	2023-03-07	2023-03-10
Pretty URL cdn.schemaapp.com/javascript/highlight.js IP 54.230.111.3 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:20:47 Last Seen2023-03-10 11:24:14 Times Seen1 Hash a75cfd2d41ac714329a4fc6895bb082d fc0712f2a046bebe006eb92279383b4f659b6b64 6f7298ad8b3f1b09f9454047ef159a3c943b93adbf93dce07a76a1152b76f136 Loading...

	static.wellsfargo.com/tracking/main/utag.381.js?utv=ut4.48.202209121603	94 kB	2023-03-07	2023-03-08
Pretty URL static.wellsfargo.com/tracking/main/utag.381.js?utv=ut4.48.202209121603 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:47:21 Last Seen2023-03-08 07:42:42 Times Seen1 Hash b90cbacc71e1ae0a741626c87a25d013 00bf09b1f99fa67c51fd7cfba73951a9a710a424 f20359b2efae06d66e63fbd2e0ffb187fab7c9e2953e08306a0bf69ac8a5aa36 Loading...

	static.wellsfargo.com/tracking/main/utag.136.js?utv=ut4.48.202208102110	56 kB	2023-03-07	2023-04-20
Pretty URL static.wellsfargo.com/tracking/main/utag.136.js?utv=ut4.48.202208102110 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-04-20 19:47:50 Times Seen62 Hash 41191acbeb53131c44ad4b17b97622cf 051e9ef1d5f33662109b4d4cfc253edaebf9f3aa eaeccba3d96e1fe1f6a600ab5b9ebb2dc6bf06cac27ce733ce5b74bf3c85887f Loading...

	static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1649789670809.js	359 kB	2023-03-07	2023-03-08
Pretty URL static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1649789670809.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-08 08:37:51 Times Seen1 Hash 715c89a07de4ffd82947e57d0809a2b4 ab6c19329d498be0888af0974e9b8b5df583a13a c73ee926afebcfb5d8f974cd1f3f595e18298a724b7ed41ebf564414fed6d6d7 Loading...

	static.wellsfargo.com/tracking/gb/detector-dom.min.js	440 kB	2023-03-08	2023-04-13
Pretty URL static.wellsfargo.com/tracking/gb/detector-dom.min.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:19:07 Last Seen2023-04-13 08:50:50 Times Seen267 Hash d980391562cb88335867228eb62355e0 ee7af0c08ee43ff66f6bba09c08852f7b3859a42 313c07f6e4facc5730db27563c4aeaad1a86126333d448e47c7b29adb1f806fd Loading...

HTTP Transactions (106)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

54.230.111.7

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2V_noB1VZkYEk3ZXxqZ9JbvzHVe1vKqNYxkyBE35RRz5fk6gUFqZjw==
Age: 68368

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

54.230.111.99

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
54.230.111.99:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 06 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jH-8fL0ajzG6-BHkeu4dH_SBXJd4dnE4x6_wlObuWLUoXyEenaUYjQ==
age: 24254
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6819
Expires: Thu, 06 Oct 2022 12:40:25 GMT
Date: Thu, 06 Oct 2022 10:46:46 GMT
Connection: keep-alive

mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/

54.224.73.73

200 OK

47 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1219), with CRLF, LF line terminators
Size
47 kB (46813 bytes)
Hash
fe541682b34cc3b818974f3698a5192c
092d9049e4bbd7d558fd4dc250eec5651eaa4b55
5de3c87d48b44919a10b2c6f752e4181fd68b26fb5ba6314496a9a740a9a39a6

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Wells Fargo & Company
fortinet	Phishing

HTTP Headers

GET /v/www.wellsfargo.com/help/online-banking/ HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:46 GMT
Server: Apache
Last-Modified: Fri, 30 Sep 2022 22:58:44 GMT
Accept-Ranges: bytes
Content-Length: 46813
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 10:46:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-lock.svg

104.110.5.8

200 OK

668 B

URL HTTP/2
www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-lock.svg
IP
104.110.5.8:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
668 B (668 bytes)
Hash
de6fd1f7ffea13b855770b5dc54daf72
0e4ab6e3433c7607280e977fd9e9c5442eb30344
deab472180f1d0240b8f200d69c896d68ddf08eba1928ef3d2f2fbd4beefbbfa

HTTP Headers

GET /assets/images/css/template/homepage/homepage-lock.svg HTTP/1.1
Host: www01.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: "6f8-554880386bac0"
last-modified: Wed, 25 Aug 2021 22:12:55 GMT
server: Akamai Resource Optimizer
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 668
unused62: 8096267
cache-control: max-age=3126967
expires: Fri, 11 Nov 2022 15:22:53 GMT
date: Thu, 06 Oct 2022 10:46:46 GMT
X-Firefox-Spdy: h2

www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-horz-logo.svg

104.110.5.8

200 OK

2.0 kB

URL HTTP/2
www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-horz-logo.svg
IP
104.110.5.8:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4948)
Size
2.0 kB (1977 bytes)
Hash
e56e5d0c3a6c91daa9c9e3cb35de49ec
1ac827e855541f5059c9122c624f7b5144c5faa8
6d046903ea56f94f8a7d998d662f03035b015d3019c57d88e091f16d1bd175e8

HTTP Headers

GET /assets/images/css/template/homepage/homepage-horz-logo.svg HTTP/1.1
Host: www01.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: "15b8-5895bfcbfa2c0"
last-modified: Mon, 24 May 2021 14:15:37 GMT
server: Akamai Resource Optimizer
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 1977
unused62: 8096267
cache-control: max-age=3126967
expires: Fri, 11 Nov 2022 15:22:53 GMT
date: Thu, 06 Oct 2022 10:46:46 GMT
X-Firefox-Spdy: h2

mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js

54.224.73.73

200 OK

2.0 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (1952), with no line terminators
Size
2.0 kB (1952 bytes)
Hash
e7cf4c458b327ab7ed31e0936ccd404f
970bf05073f91ad6b8f21521f7c9886f71f2af1d
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:46 GMT
Server: Apache
Last-Modified: Thu, 20 Jan 2022 03:38:26 GMT
Accept-Ranges: bytes
Content-Length: 1952
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

mail.zitic.duckdns.org/v/www.wellsfargo.com/css/tools/feedback/feedback.css

54.224.73.73

200 OK

4.4 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/css/tools/feedback/feedback.css
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (4440), with no line terminators
Size
4.4 kB (4440 bytes)
Hash
c04b44febf1f965fc2fa2cc93e83642b
5ed917b5383b9aea126c26cfd1386f6b561729fe
ae6df27ed0a71cc56b3b2343715c202bee5346d8cad7cb94b2798b18cc060d81

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www.wellsfargo.com/css/tools/feedback/feedback.css HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:46 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:24 GMT
Accept-Ranges: bytes
Content-Length: 4440
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

mail.zitic.duckdns.org/v/www.wellsfargo.com/js/shared/media-player-custom.js

54.224.73.73

200 OK

4.3 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/js/shared/media-player-custom.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (4348), with no line terminators
Size
4.3 kB (4348 bytes)
Hash
450744f087d3aa87a28395c107742acc
c8a3e69e3b1287f65b72b9de8a553d4f309d4d99
cde7904316679ef5aa42b66a914d46fdae6d0e07d11bbc28f2dcb3a64012cdd6

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/www.wellsfargo.com/js/shared/media-player-custom.js HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:46 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:20 GMT
Accept-Ranges: bytes
Content-Length: 4348
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

mail.zitic.duckdns.org/v/www.wellsfargo.com/css/template/global.css

54.224.73.73

200 OK

185 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/css/template/global.css
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (8262)
Size
185 kB (185441 bytes)
Hash
14d9a697a170e9accf9d8dca7ca7f869
c9e83fd2642cbb67ec5648fa04fb5850ba952a18
6d8bb4f75f6eb8608fc500cb23a7d6a09db009c91707584c1cc4f629e422d3ff

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www.wellsfargo.com/css/template/global.css HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:46 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:24 GMT
Accept-Ranges: bytes
Content-Length: 185441
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

mail.zitic.duckdns.org/v/www.wellsfargo.com/css/template/ui-lightness/jquery-ui.custom.css

54.224.73.73

200 OK

18 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/css/template/ui-lightness/jquery-ui.custom.css
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (7491)
Size
18 kB (18459 bytes)
Hash
adacfb4b14fb1a108752d26f5c02ac5c
c86acc17d8ba331340c83d3426ac4b3561a51689
4cba34e0b3855598696d187bbcefc04326cfa6e79c4c4a035efab4017e40e4d3

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www.wellsfargo.com/css/template/ui-lightness/jquery-ui.custom.css HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:46 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:24 GMT
Accept-Ranges: bytes
Content-Length: 18459
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

mail.zitic.duckdns.org/v/www.wellsfargo.com/css/vendor/video-js.css

54.224.73.73

200 OK

44 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/css/vendor/video-js.css
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (19597)
Size
44 kB (43928 bytes)
Hash
f8682704b21d1ed262ec8b90bb0c18d4
71e1bc05a39e85f299d5ecd5194e440f2a3d9fae
521ebc30fb48d89b4ac4808ef7e6fba9110684eb37751ad00a977ada5e74b0ef

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www.wellsfargo.com/css/vendor/video-js.css HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:46 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:24 GMT
Accept-Ranges: bytes
Content-Length: 43928
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.7

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 10:29:41 GMT
Expires: Thu, 06 Oct 2022 10:49:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4TkMGBGQAjYzRqbwi623sFiaovXS-wDT-SpnzCN4cYEOvzNFydLI9A==
Age: 1025

mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js

54.224.73.73

200 OK

48 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text, with very long lines (48287)
Size
48 kB (48367 bytes)
Hash
adc6bafd6d346973c15f80f542fa008f
ec1f94d5fe65f25d7119488ffc067446b7af82b9
7a17bf7ddc09f705c34b0bdefe2a12142ae1702bf904a731f48cd4652c1036eb

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:46 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 14:50:04 GMT
Accept-Ranges: bytes
Content-Length: 48367
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

mail.zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/jquery.min.js

54.224.73.73

200 OK

98 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/jquery.min.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (8077)
Size
98 kB (97628 bytes)
Hash
d49f5bd057488231fdcc675e2fe9f568
c81be8cda5beab5bd767a63bee8aafc08e037ce4
3c536cede8c67b4bda531f82b77f3678e52026398492010245d3870c87a1623e

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/www.wellsfargo.com/js/vendor/jquery.min.js HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:46 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:20 GMT
Accept-Ranges: bytes
Content-Length: 97628
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

mail.zitic.duckdns.org/v/www.wellsfargo.com/js/frameworks/jq/jquery-ui.js

54.224.73.73

200 OK

339 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/js/frameworks/jq/jquery-ui.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (8185)
Size
339 kB (339170 bytes)
Hash
9726560d23e8100d33456702719491d1
1c64bfa8088fc04d7b6633a3479cb57ec9969d3a
d65fdc6b62a5f7a8a9cbc7a756b75ed80b81cf828295d507aeec9878e908ad4d

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/www.wellsfargo.com/js/frameworks/jq/jquery-ui.js HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:46 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:18 GMT
Accept-Ranges: bytes
Content-Length: 339170
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

mail.zitic.duckdns.org/v/www.wellsfargo.com/js/tools/feedback/feedback.js

54.224.73.73

200 OK

8.2 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/js/tools/feedback/feedback.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (8024)
Size
8.2 kB (8236 bytes)
Hash
59f745c8080013f114553158132c5edb
d0a9e7f436ee7e9ad6dae5e14ea32e96d6a7767f
a81eed4118a01e2a37a8a6fba34d795925d191be5856864cfdfa48bf7f5c344f

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/www.wellsfargo.com/js/tools/feedback/feedback.js HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:46 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:20 GMT
Accept-Ranges: bytes
Content-Length: 8236
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js

54.224.73.73

200 OK

32 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text, with very long lines (31790)
Size
32 kB (31841 bytes)
Hash
162100f507af8b50f1406bf3fc405ce5
cf0a2bf9b914710962e0dd7899b93ba5ceb5134d
e9a598a5cc23c24a8ecc364ed7413961e416f5e9ec3df513ad9a12cda625a279

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:47 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 18:58:28 GMT
Accept-Ranges: bytes
Content-Length: 31841
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

mail.zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/video.js

54.224.73.73

200 OK

420 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/video.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (8169)
Size
420 kB (419580 bytes)
Hash
efce68f045d0687df715b0ec9634accf
1b15d7dba57fed7ca7f041ea15d87f6d709a4458
d94e88dfb3c418dc2d7f7f4464faed1788ecc8407ef1694d824330279262b834

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/www.wellsfargo.com/js/vendor/video.js HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:46 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:20 GMT
Accept-Ranges: bytes
Content-Length: 419580
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

mail.zitic.duckdns.org/v/www.wellsfargo.com/js/global/global.js

54.224.73.73

200 OK

230 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/js/global/global.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8155)
Size
230 kB (230254 bytes)
Hash
a6d222867ebc1b0e6a57eddc8bd7418b
be0c5877af0cf33abf8de5c793935c7c94c5fe7e
77d1d5f3d877905d3f0f5a434b77be2e3cf34887e0022ad9cae1b5d39150f827

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/www.wellsfargo.com/js/global/global.js HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:46 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:24 GMT
Accept-Ranges: bytes
Content-Length: 230254
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4434
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:46:47 GMT
Last-Modified: Thu, 06 Oct 2022 09:32:53 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

mail.zitic.duckdns.org/v/www17.wellsfargomedia.com/assets/images/photography/lifestyle/413x185/customer_service_desktop_marquee_online_banking_413x185.jpg

54.224.73.73

200 OK

25 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www17.wellsfargomedia.com/assets/images/photography/lifestyle/413x185/customer_service_desktop_marquee_online_banking_413x185.jpg
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 413x185, components 3\012- data
Size
25 kB (25065 bytes)
Hash
90d509779bd29035c99d894b1be4615e
f7b15435b0c906cc04b078441f3916379c6fdf71
d836c97c2e4d6a60bf367a4cc8d8cd23448d8bf29ed529dd94422d24bda04d73

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www17.wellsfargomedia.com/assets/images/photography/lifestyle/413x185/customer_service_desktop_marquee_online_banking_413x185.jpg HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:47 GMT
Server: Apache
Last-Modified: Mon, 26 Sep 2022 21:34:42 GMT
Accept-Ranges: bytes
Content-Length: 25065
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

mail.zitic.duckdns.org/assets/images/global/s.gif?log=1&cb=1664575123782&event=PageLoad&pid=222-17863-64&ptid=91-6232-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fhelp%2Fonline-banking%2F&clist=182-171513-16~223-4119-32|182-171542-16~223-6253-32|84-17541-16~91-6213-32|84-17567-16~91-6213-32|84-171545-16~91-6213-32|84-17712-16~91-6213-32|84-17646-16~91-6213-32|84-170878-16~91-6213-32|84-170879-16~91-6213-32|84-157536-16~91-6213-32|84-16221-16~91-6213-32|84-17435-16~91-6213-32|84-17204-16~91-6213-32|84-17717-16~91-6213-32|84-158114-16~91-6213-32|84-7187-16~91-6213-32|84-7208-16~91-6213-32|182-171597-16~223-6249-32|84-17316-16~91-6213-32|84-17296-16~91-6213-32|84-133397-16~91-6213-32|84-17429-16~91-6213-32|84-17375-16~91-6213-32|182-171598-16~223-6249-32|182-169170-16~223-3753-32|84-164790-16~91-1924-32|84-162984-16~91-1924-32|84-170735-16~91-1924-32|84-17744-16~91-1924-32|84-5529-16~91-2045-32|84-15318-16~91-1924-32|84-147998-16~91-1924-32|84-17799-16~91-1924-32|84-161919-16~91-1924-32|84-20661-16~91-1924-32|84-223467-16~91-1924-32|84-207756-16~91-1924-32|84-171543-16~91-6222-32|84-6876-16~91-6227-32

54.224.73.73

404 Not Found

315 B

URL HTTP/1.1
mail.zitic.duckdns.org/assets/images/global/s.gif?log=1&cb=1664575123782&event=PageLoad&pid=222-17863-64&ptid=91-6232-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fhelp%2Fonline-banking%2F&clist=182-171513-16~223-4119-32|182-171542-16~223-6253-32|84-17541-16~91-6213-32|84-17567-16~91-6213-32|84-171545-16~91-6213-32|84-17712-16~91-6213-32|84-17646-16~91-6213-32|84-170878-16~91-6213-32|84-170879-16~91-6213-32|84-157536-16~91-6213-32|84-16221-16~91-6213-32|84-17435-16~91-6213-32|84-17204-16~91-6213-32|84-17717-16~91-6213-32|84-158114-16~91-6213-32|84-7187-16~91-6213-32|84-7208-16~91-6213-32|182-171597-16~223-6249-32|84-17316-16~91-6213-32|84-17296-16~91-6213-32|84-133397-16~91-6213-32|84-17429-16~91-6213-32|84-17375-16~91-6213-32|182-171598-16~223-6249-32|182-169170-16~223-3753-32|84-164790-16~91-1924-32|84-162984-16~91-1924-32|84-170735-16~91-1924-32|84-17744-16~91-1924-32|84-5529-16~91-2045-32|84-15318-16~91-1924-32|84-147998-16~91-1924-32|84-17799-16~91-1924-32|84-161919-16~91-1924-32|84-20661-16~91-1924-32|84-223467-16~91-1924-32|84-207756-16~91-1924-32|84-171543-16~91-6222-32|84-6876-16~91-6227-32
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /assets/images/global/s.gif?log=1&cb=1664575123782&event=PageLoad&pid=222-17863-64&ptid=91-6232-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fhelp%2Fonline-banking%2F&clist=182-171513-16~223-4119-32|182-171542-16~223-6253-32|84-17541-16~91-6213-32|84-17567-16~91-6213-32|84-171545-16~91-6213-32|84-17712-16~91-6213-32|84-17646-16~91-6213-32|84-170878-16~91-6213-32|84-170879-16~91-6213-32|84-157536-16~91-6213-32|84-16221-16~91-6213-32|84-17435-16~91-6213-32|84-17204-16~91-6213-32|84-17717-16~91-6213-32|84-158114-16~91-6213-32|84-7187-16~91-6213-32|84-7208-16~91-6213-32|182-171597-16~223-6249-32|84-17316-16~91-6213-32|84-17296-16~91-6213-32|84-133397-16~91-6213-32|84-17429-16~91-6213-32|84-17375-16~91-6213-32|182-171598-16~223-6249-32|182-169170-16~223-3753-32|84-164790-16~91-1924-32|84-162984-16~91-1924-32|84-170735-16~91-1924-32|84-17744-16~91-1924-32|84-5529-16~91-2045-32|84-15318-16~91-1924-32|84-147998-16~91-1924-32|84-17799-16~91-1924-32|84-161919-16~91-1924-32|84-20661-16~91-1924-32|84-223467-16~91-1924-32|84-207756-16~91-1924-32|84-171543-16~91-6222-32|84-6876-16~91-6227-32 HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 10:46:47 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

mail.zitic.duckdns.org/v/www01.wellsfargomedia.com/assets/images/global/btn-close-x.png

54.224.73.73

200 OK

1.5 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www01.wellsfargomedia.com/assets/images/global/btn-close-x.png
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1453 bytes)
Hash
9921173323f53b9e476d01269ce6bc2b
41e125b4a816f5c346159ce28c32659a3ab4d80f
869e94fbe314e86261ff0dcfd5a52175d02298b8c6633140cdc0a544bb7721c5

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www01.wellsfargomedia.com/assets/images/global/btn-close-x.png HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:47 GMT
Server: Apache
Last-Modified: Thu, 26 Aug 2021 02:32:58 GMT
Accept-Ranges: bytes
Content-Length: 1453
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

mail.zitic.duckdns.org/v/www.wellsfargo.com/css/template/print.css

54.224.73.73

200 OK

570 B

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/css/template/print.css
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (570), with no line terminators
Size
570 B (570 bytes)
Hash
95b4de8b86db5e33fc29372eb35bf21a
e75af300af9a609a69e3c11e8c4325637b1a0284
8dee9644ead3af242cdb9c56bfa5a795cc33154be20a7fac97d4357238ad7243

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www.wellsfargo.com/css/template/print.css HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:47 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:24 GMT
Accept-Ranges: bytes
Content-Length: 570
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www17.wellsfargomedia.com/assets/images/css/template/homepage/homepage-magnifying-glass.png

104.110.27.78

200 OK

236 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/homepage/homepage-magnifying-glass.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
236 B (236 bytes)
Hash
8cf6735df721c60affadb70ad95732eb
ae8a42ebbd6b60630e2c612e924c4fd66a4aca33
8dc5436dce4423f0e53e85904b6dc0552c1c8bbde0dd4ec1c929a1c272201c4c

HTTP Headers

GET /assets/images/css/template/homepage/homepage-magnifying-glass.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "59c2114b-12e"
last-modified: Sat, 23 Jul 2022 13:52:11 GMT
server: Akamai Image Manager
content-length: 236
content-type: image/webp
cache-control: private, no-transform, max-age=673150
expires: Fri, 14 Oct 2022 05:45:57 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/bg-footer.png

104.110.27.78

200 OK

481 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/bg-footer.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 9 x 60\012- data
Size
481 B (481 bytes)
Hash
a396c960e8b70984da1bbfe391e57e74
6963daf90a847a7383d69bd1b34f84c748614945
6060d85ee1d931efbe90cf1f903f53a63b506eb1e6b16c9a7a0feb3b5dcb9c69

HTTP Headers

GET /assets/images/css/template/bg-footer.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "5a7f02f5-393"
last-modified: Mon, 25 Jul 2022 06:04:23 GMT
server: Akamai Image Manager
x-serial: 1720
x-check-cacheable: YES
content-length: 481
content-type: image/gif
cache-control: private, no-transform, max-age=815126
expires: Sat, 15 Oct 2022 21:12:13 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/chevron-right-blue.png

104.110.27.78

200 OK

140 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/chevron-right-blue.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
140 B (140 bytes)
Hash
7838430f8f3db208f1791d12275f882c
f099b34e9cd7bb9b8ccfbe0284cf818ef1747a9a
15edc68516d9016f5df0651edcd4eedfd5c2f440d85f932f7a2b973b70d37883

HTTP Headers

GET /assets/images/css/template/chevron-right-blue.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "519fc766-3fc"
last-modified: Mon, 25 Jul 2022 06:04:22 GMT
server: Akamai Image Manager
x-serial: 1189
x-check-cacheable: YES
content-length: 140
content-type: image/webp
cache-control: private, no-transform, max-age=779041
expires: Sat, 15 Oct 2022 11:10:48 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/bg-c31-f3.png

104.110.27.78

200 OK

107 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/bg-c31-f3.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 722 x 1, 8-bit grayscale, non-interlaced\012- data
Size
107 B (107 bytes)
Hash
1aaf5576743c3cba83b28273343712f6
babcc2c27cadc4c097fd39fa62f89c0e48aedbb9
ef7d3952a0b0a8d8229287ca58514ef62f350d0b34caa729661ee7ea71d3e290

HTTP Headers

GET /assets/images/css/template/bg-c31-f3.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "519fc74a-6b3"
last-modified: Wed, 07 Sep 2022 16:44:39 GMT
server: Akamai Image Manager
x-serial: 1477
x-check-cacheable: YES
content-length: 107
content-type: image/png
cache-control: private, no-transform, max-age=107882
expires: Fri, 07 Oct 2022 16:44:49 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/arrow-right-gray.png

104.110.27.78

200 OK

102 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/arrow-right-gray.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
102 B (102 bytes)
Hash
24a47218c6a6be92ed8ddc28b0365af7
837d6923fda7215a73ce3050aa03673504907f88
303132675de7ecc1ad7822db460c6c6c30a72fb102620c4ca489c3fbb41e9e8f

HTTP Headers

GET /assets/images/css/template/arrow-right-gray.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "519fc73e-40c"
last-modified: Mon, 25 Jul 2022 06:04:23 GMT
server: Akamai Image Manager
content-length: 102
content-type: image/webp
cache-control: private, no-transform, max-age=820488
expires: Sat, 15 Oct 2022 22:41:35 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/bg-c68-contactbar-top.png

104.110.27.78

200 OK

706 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/bg-c68-contactbar-top.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
706 B (706 bytes)
Hash
2cf75c65bae129474c19476f72985c9b
14db1a49477682d2e17ebaf4ed81a3d54f0e229b
30d7aa03684a1a793b3d5803597c327af08ee4e0dba727ff059449405501dd99

HTTP Headers

GET /assets/images/css/template/bg-c68-contactbar-top.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "519fc754-5b2"
last-modified: Mon, 25 Jul 2022 08:24:34 GMT
server: Akamai Image Manager
content-length: 706
content-type: image/webp
cache-control: private, no-transform, max-age=400147
expires: Tue, 11 Oct 2022 01:55:54 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/bg-c16header.png

104.110.27.78

200 OK

112 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/bg-c16header.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 9x33, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
112 B (112 bytes)
Hash
08717a42a51902911c1eda963e838541
59811f290b3056e0a17ce38185702cdada633652
1c0efb4533dd3790e5099ef3156ecc1bd9d6b08e625a11853fccef20e0936b8e

HTTP Headers

GET /assets/images/css/template/bg-c16header.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "519fc746-552"
last-modified: Mon, 25 Jul 2022 08:24:35 GMT
server: Akamai Image Manager
x-serial: 1042
x-check-cacheable: YES
content-length: 112
content-type: image/webp
cache-control: private, no-transform, max-age=812519
expires: Sat, 15 Oct 2022 20:28:46 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/chevron-right-grey.png

104.110.27.78

200 OK

82 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/chevron-right-grey.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 8x9, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
82 B (82 bytes)
Hash
8a64ca48888869867604fec4ca5a2300
05ecffa2687820e76c82f487d0347a5120615dd1
fb39d6b03e532d8c65acd85e6be42ac3fd7d781451a4bb1c616286a231c80cfa

HTTP Headers

GET /assets/images/css/template/chevron-right-grey.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "519fc766-3ed"
last-modified: Sat, 23 Jul 2022 13:52:12 GMT
server: Akamai Image Manager
x-serial: 612
x-check-cacheable: YES
content-length: 82
content-type: image/webp
cache-control: private, no-transform, max-age=627343
expires: Thu, 13 Oct 2022 17:02:30 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2

104.110.27.78

200 OK

22 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Size
22 kB (22172 bytes)
Hash
f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704

HTTP Headers

GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mail.zitic.duckdns.org
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=7227225
expires: Thu, 29 Dec 2022 02:20:32 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2

104.110.27.78

200 OK

22 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Size
22 kB (22424 bytes)
Hash
0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc

HTTP Headers

GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mail.zitic.duckdns.org
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=7250431
expires: Thu, 29 Dec 2022 08:47:18 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/global/icon-yes-off.png

104.110.27.78

200 OK

234 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/global/icon-yes-off.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 40x33, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
234 B (234 bytes)
Hash
01af79da800e9e15bcd52bf35e756734
d495318cc7cc2d87a7b537ae645ee92b364b8d42
7a57d566047f6c948237ffe4ec52129833dce315b32d3ff2207062370a6542bc

HTTP Headers

GET /assets/images/global/icon-yes-off.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "54678ae4-78e"
last-modified: Mon, 25 Jul 2022 17:00:02 GMT
server: Akamai Image Manager
x-serial: 406
x-check-cacheable: YES
content-length: 234
content-type: image/webp
cache-control: private, no-transform, max-age=976817
expires: Mon, 17 Oct 2022 18:07:04 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/global/icon-yes-on.png

104.110.27.78

200 OK

372 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/global/icon-yes-on.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 40x33, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
372 B (372 bytes)
Hash
8116729d7a7c887063ef8cd8e8114448
ea43adeeb25280a33ba9e59a117909bf623008ad
5e7cdcbdf92d6cda668cf9fd8ba90c43542c638abdb427a4054819caff1c0a51

HTTP Headers

GET /assets/images/global/icon-yes-on.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "54678ae4-82f"
last-modified: Mon, 25 Jul 2022 17:00:00 GMT
server: Akamai Image Manager
content-length: 372
content-type: image/webp
cache-control: private, no-transform, max-age=822479
expires: Sat, 15 Oct 2022 23:14:46 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/global/icon-no-off.png

104.110.27.78

200 OK

192 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/global/icon-no-off.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 40x33, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
192 B (192 bytes)
Hash
d0d7e589b4d208f4735c041d0c938c34
a233b5cb37ff5b8793a978e7c3c0f7a2a49e9750
3f517003d905de14646a0239ab4277c4a1107d9ceb334b5158014b9a09c8b190

HTTP Headers

GET /assets/images/global/icon-no-off.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "54678ae4-6f5"
last-modified: Tue, 16 Aug 2022 16:28:47 GMT
server: Akamai Image Manager
content-length: 192
content-type: image/webp
cache-control: private, no-transform, max-age=412696
expires: Tue, 11 Oct 2022 05:25:03 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/global/icon-no-on.png

104.110.27.78

200 OK

414 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/global/icon-no-on.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 40x33, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
414 B (414 bytes)
Hash
6c70f39515a6efe2fd422e8784b000fb
9dba0b0c0f4c74c745293879bda642138847149f
c522316d1aae15ee4df56043b2ed8b74151a7c94b0c93fc9d5d572b7e508de33

HTTP Headers

GET /assets/images/global/icon-no-on.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "54678ae4-7b9"
last-modified: Mon, 25 Jul 2022 17:00:01 GMT
server: Akamai Image Manager
content-length: 414
content-type: image/webp
cache-control: private, no-transform, max-age=976682
expires: Mon, 17 Oct 2022 18:04:49 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
X-Firefox-Spdy: h2

mail.zitic.duckdns.org/v/www17.wellsfargomedia.com/assets/images/css/template/img_print.png

54.224.73.73

200 OK

134 B

URL HTTP/1.1
mail.zitic.duckdns.org/v/www17.wellsfargomedia.com/assets/images/css/template/img_print.png
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 14 x 12, 8-bit grayscale, non-interlaced\012- data
Size
134 B (134 bytes)
Hash
ed07b484af73610193cb8c7850a060d3
6acdb6fa2eb7890a132b7e24938a27b548ccb544
d6d272e61ccf4d57b23962568358f87656a7f820f580ab071d11fde58f6e45e6

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www17.wellsfargomedia.com/assets/images/css/template/img_print.png HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/css/template/global.css
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:47 GMT
Server: Apache
Last-Modified: Mon, 25 Jul 2022 22:08:46 GMT
Accept-Ranges: bytes
Content-Length: 134
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js

54.224.73.73

404 Not Found

315 B

URL HTTP/1.1
mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 10:46:47 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www17.wellsfargomedia.com/assets/images/global/plus-button.png

104.110.27.78

200 OK

110 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/global/plus-button.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 16x16, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
110 B (110 bytes)
Hash
638efa83286ae3064086affec9ffa155
4f10a2ea2997fc670e693a2b9e49d66daedd010b
100ce535567998d54849a28ae56816f4b36177814655d15ca924df55a8537820

HTTP Headers

GET /assets/images/global/plus-button.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "519fc8a4-544"
last-modified: Mon, 25 Jul 2022 08:24:36 GMT
server: Akamai Image Manager
content-length: 110
content-type: image/webp
cache-control: private, no-transform, max-age=771041
expires: Sat, 15 Oct 2022 08:57:28 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/c68-icon-make-an-appointment.png

104.110.27.78

200 OK

351 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/c68-icon-make-an-appointment.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced\012- data
Size
351 B (351 bytes)
Hash
1b82fb4265af1795adc529a2a16f3f92
eb687061feaea820e29ad0661e96a119a8a62796
ce6f5ec41cf987bc127514f912341dfdfc91bbf9862883c2ea33ec10c675bf00

HTTP Headers

GET /assets/images/css/template/c68-icon-make-an-appointment.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "53d03670-c2b"
last-modified: Mon, 25 Jul 2022 17:00:28 GMT
server: Akamai Image Manager
content-length: 351
content-type: image/png
cache-control: private, no-transform, max-age=977051
expires: Mon, 17 Oct 2022 18:10:58 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/c68-icon-call-us.png

104.110.27.78

200 OK

442 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/c68-icon-call-us.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 19 x 19, 8-bit colormap, non-interlaced\012- data
Size
442 B (442 bytes)
Hash
021849d41b4b6156d850e5adf457001d
8af29aa10cd36c8045ea9ebb23850ebb218b0fab
48e3c79b5c5738c7cfd37a3efafba2948f3ea14a8f15f33809bde7527d5187da

HTTP Headers

GET /assets/images/css/template/c68-icon-call-us.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "519fc764-1e7"
last-modified: Mon, 25 Jul 2022 08:24:35 GMT
server: Akamai Image Manager
content-length: 442
content-type: image/png
cache-control: private, no-transform, max-age=672851
expires: Fri, 14 Oct 2022 05:40:58 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/global/minus-button.png

104.110.27.78

200 OK

92 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/global/minus-button.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 16x16, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
92 B (92 bytes)
Hash
4f7e0e980ea1431235e91c99fbe948b9
97917383755afa8bc8bf254c15442ff98604ec85
aeabc2776c48d2ea8a81c4765f0d1122d77c83e9d44597c76d9b03d3fdd8ec1a

HTTP Headers

GET /assets/images/global/minus-button.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "519fc8a4-4f1"
last-modified: Tue, 26 Jul 2022 07:35:12 GMT
server: Akamai Image Manager
content-length: 92
content-type: image/webp
cache-control: private, no-transform, max-age=1148312
expires: Wed, 19 Oct 2022 17:45:19 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.215.107.141

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.215.107.141:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9JYPhV6XV5PFx6hO5GDLqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fyzL3dTKe+dEPMBRk2+QiBrbePc=

www17.wellsfargomedia.com/assets/images/css/template/img_facebook.png

104.110.27.78

200 OK

158 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/img_facebook.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 20x20, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
158 B (158 bytes)
Hash
2b29e2ab0a181b675c3a91a5daf2322c
7986adeec12fb7dfb3386f793662f634c842eb66
73b31bddb3e9b9e841725f10be78071daae55db39b60719eb73ffa94186edbbf

HTTP Headers

GET /assets/images/css/template/img_facebook.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "55209ab9-52d"
last-modified: Mon, 08 Aug 2022 16:03:34 GMT
server: Akamai Image Manager
content-length: 158
content-type: image/webp
cache-control: private, no-transform, max-age=2145910
expires: Mon, 31 Oct 2022 06:51:57 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/img_twitter.png

104.110.27.78

200 OK

186 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/img_twitter.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 20x20, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
186 B (186 bytes)
Hash
bf36c83f327f106b40a4a25396f68892
a47a4d66d99520946122236f23ec139c2252cae3
8bda07b34e5b9b98bc5b1609c1cb4327f829ec74484a558ae3873dd19b75953b

HTTP Headers

GET /assets/images/css/template/img_twitter.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "55209ab9-5a4"
last-modified: Mon, 25 Jul 2022 07:26:18 GMT
server: Akamai Image Manager
x-serial: 1787
x-check-cacheable: YES
content-length: 186
content-type: image/webp
cache-control: private, no-transform, max-age=712970
expires: Fri, 14 Oct 2022 16:49:37 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/social_show.png

104.110.27.78

200 OK

84 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/social_show.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 16x16, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
84 B (84 bytes)
Hash
6550aa7b280e5283194471eb87085983
b76e2eaf71fb1ae900ece375e4f0be5b23bc1ed0
daf8f3105a0bae551331bc9859b06561b50313d2cc0e3aa1b1aee9b7acd09cd4

HTTP Headers

GET /assets/images/css/template/social_show.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "55209ab9-3ca"
last-modified: Mon, 25 Jul 2022 08:19:23 GMT
server: Akamai Image Manager
content-length: 84
content-type: image/webp
cache-control: private, no-transform, max-age=943936
expires: Mon, 17 Oct 2022 08:59:03 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee9e15db28c6c174de4e0f2922e2b25c
9df4ed69f087ce66e15dec440470706a0b548474
3c2acc9d0d0eb77f7bb2e28a662473040984c2b2fe36be30b7acd45a45c504b3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 171
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:46:47 GMT
Last-Modified: Thu, 06 Oct 2022 10:43:56 GMT
Server: ECS (amb/6BB1)
X-Cache: HIT
Content-Length: 471

mail.zitic.duckdns.org/assets/images/global/s.gif?log=1&pid=222-17863-64&pageUrl=http%3A%2F%2Fmail.zitic.duckdns.org%2Fv%2Fwww.wellsfargo.com%2Fhelp%2Fonline-banking%2F&cb=1665053207547&event=PageLoad&eventDescription=DisplayTab&tabID=enrollandsignon&clist=182-171542-16~223-6253-32

54.224.73.73

404 Not Found

315 B

URL HTTP/1.1
mail.zitic.duckdns.org/assets/images/global/s.gif?log=1&pid=222-17863-64&pageUrl=http%3A%2F%2Fmail.zitic.duckdns.org%2Fv%2Fwww.wellsfargo.com%2Fhelp%2Fonline-banking%2F&cb=1665053207547&event=PageLoad&eventDescription=DisplayTab&tabID=enrollandsignon&clist=182-171542-16~223-6253-32
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /assets/images/global/s.gif?log=1&pid=222-17863-64&pageUrl=http%3A%2F%2Fmail.zitic.duckdns.org%2Fv%2Fwww.wellsfargo.com%2Fhelp%2Fonline-banking%2F&cb=1665053207547&event=PageLoad&eventDescription=DisplayTab&tabID=enrollandsignon&clist=182-171542-16~223-6253-32 HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 10:46:47 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
60e15c331eace6c365b7907684305d5b
0bd2b17c8e69678b43b2beb1beb81cb059f848b7
9fba594974e3d01120b06149dbe25cbdd65a33f81a5a362283146b3472aa0aaa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2328
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:46:47 GMT
Last-Modified: Thu, 06 Oct 2022 10:07:59 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

www17.wellsfargomedia.com/favicon.ico

104.110.27.78

200 OK

3.8 kB

URL HTTP/2
www17.wellsfargomedia.com/favicon.ico
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
MS Windows icon resource - 1 icon, 48x48, 8 bits/pixel\012- data
Size
3.8 kB (3774 bytes)
Hash
fc6d7821d387a8d5e630daa63ec39f10
91d3962918d4caf70de23cdf245f85881883c789
2420e2dd77fbe0494070da2c201f6fcdd613c7652c06d086137e8c41d129f254

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/x-icon
content-length: 3774
last-modified: Mon, 05 Sep 2022 08:30:50 GMT
etag: "6315b3ba-ebe"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=49485
expires: Fri, 07 Oct 2022 00:31:32 GMT
date: Thu, 06 Oct 2022 10:46:47 GMT
X-Firefox-Spdy: h2

mail.zitic.duckdns.org/v/www.wellsfargo.com/assets/images/icons/icon-hires_192x192.png

54.224.73.73

200 OK

3.5 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/assets/images/icons/icon-hires_192x192.png
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Size
3.5 kB (3535 bytes)
Hash
747ec8a6d8d3fba144f633730beed248
b964bae36903dc313023c922808a2956e21a77fe
ec992654b49d3bd0e6bec47d8dc6b4c82cb763c17edbd5a4d6da2f4b27846825

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www.wellsfargo.com/assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:47 GMT
Server: Apache
Last-Modified: Sat, 14 Aug 2021 00:00:54 GMT
Accept-Ranges: bytes
Content-Length: 3535
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

static.wellsfargo.com/tracking/main/utag.js

159.45.2.178

200 OK

54 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
Unicode text, UTF-8 text, with very long lines (21397)
Size
54 kB (53864 bytes)
Hash
26bb07cb24ec9407cc5e5b66a69874ba
3b7a1b1f6e96cccdd1eb3cd04e81598619eb94fc
35d1ca2c89af89baebef9b8a93866f5a90ab51831cc3b8db9718e276ab28c0d4

HTTP Headers

GET /tracking/main/utag.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:47 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 04 Oct 2022 20:01:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633c9124-4fa06"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

54.224.73.73

404 Not Found

315 B

URL HTTP/1.1
mail.zitic.duckdns.org/assets/images/global/s.gif?log=1&cb=1664575123782&event=PageLoad&pid=222-17863-64&ptid=91-6232-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fhelp%2Fonline-banking%2F&clist=182-171513-16~223-4119-32|182-171542-16~223-6253-32|84-17541-16~91-6213-32|84-17567-16~91-6213-32|84-171545-16~91-6213-32|84-17712-16~91-6213-32|84-17646-16~91-6213-32|84-170878-16~91-6213-32|84-170879-16~91-6213-32|84-157536-16~91-6213-32|84-16221-16~91-6213-32|84-17435-16~91-6213-32|84-17204-16~91-6213-32|84-17717-16~91-6213-32|84-158114-16~91-6213-32|84-7187-16~91-6213-32|84-7208-16~91-6213-32|182-171597-16~223-6249-32|84-17316-16~91-6213-32|84-17296-16~91-6213-32|84-133397-16~91-6213-32|84-17429-16~91-6213-32|84-17375-16~91-6213-32|182-171598-16~223-6249-32|182-169170-16~223-3753-32|84-164790-16~91-1924-32|84-162984-16~91-1924-32|84-170735-16~91-1924-32|84-17744-16~91-1924-32|84-5529-16~91-2045-32|84-15318-16~91-1924-32|84-147998-16~91-1924-32|84-17799-16~91-1924-32|84-161919-16~91-1924-32|84-20661-16~91-1924-32|84-223467-16~91-1924-32|84-207756-16~91-1924-32|84-171543-16~91-6222-32|84-6876-16~91-6227-32
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /assets/images/global/s.gif?log=1&cb=1664575123782&event=PageLoad&pid=222-17863-64&ptid=91-6232-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fhelp%2Fonline-banking%2F&clist=182-171513-16~223-4119-32|182-171542-16~223-6253-32|84-17541-16~91-6213-32|84-17567-16~91-6213-32|84-171545-16~91-6213-32|84-17712-16~91-6213-32|84-17646-16~91-6213-32|84-170878-16~91-6213-32|84-170879-16~91-6213-32|84-157536-16~91-6213-32|84-16221-16~91-6213-32|84-17435-16~91-6213-32|84-17204-16~91-6213-32|84-17717-16~91-6213-32|84-158114-16~91-6213-32|84-7187-16~91-6213-32|84-7208-16~91-6213-32|182-171597-16~223-6249-32|84-17316-16~91-6213-32|84-17296-16~91-6213-32|84-133397-16~91-6213-32|84-17429-16~91-6213-32|84-17375-16~91-6213-32|182-171598-16~223-6249-32|182-169170-16~223-3753-32|84-164790-16~91-1924-32|84-162984-16~91-1924-32|84-170735-16~91-1924-32|84-17744-16~91-1924-32|84-5529-16~91-2045-32|84-15318-16~91-1924-32|84-147998-16~91-1924-32|84-17799-16~91-1924-32|84-161919-16~91-1924-32|84-20661-16~91-1924-32|84-223467-16~91-1924-32|84-207756-16~91-1924-32|84-171543-16~91-6222-32|84-6876-16~91-6227-32 HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/help/online-banking/
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_cluster=irl1; mdLogger=false; kampyle_userid=0b05-53a6-3db6-c9bc-1381-4fa7-4731-507f; kampyleUserSession=1665052101385; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 10:46:48 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

data.schemaapp.com/WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vaGVscC9vbmxpbmUtYmFua2luZy8

54.230.111.53

200 OK

0 B

URL HTTP/2
data.schemaapp.com/WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vaGVscC9vbmxpbmUtYmFua2luZy8
IP
54.230.111.53:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vaGVscC9vbmxpbmUtYmFua2luZy8 HTTP/1.1
Host: data.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-api-key
Referer: http://mail.zitic.duckdns.org/
Origin: http://mail.zitic.duckdns.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 0
date: Thu, 06 Oct 2022 10:46:49 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: x-api-key
access-control-expose-headers: x-amz-meta-source
access-control-max-age: 3000
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains;
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tuoWTWMAhzK1_GGa0AHbsvPh-l8n2XbOgmnRzQ4_jYEnRQChpZ75MQ==
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1

159.45.2.178

200 OK

45 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (65508)
Size
45 kB (45086 bytes)
Hash
f0bce3a74e635ab88b299b1f625c99a4
345faf01029820b11abc73022ece8fb8e51cc321
faebd8dced2c15d37da85427c6e60aecb6a1a5f75e888280d447e93e64102c8e

HTTP Headers

GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:48 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"613a44c0-1ca73"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.319.js?utv=ut4.48.202209142209

159.45.2.178

200 OK

2.6 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.319.js?utv=ut4.48.202209142209
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (2571)
Size
2.6 kB (2613 bytes)
Hash
270dd8154d461df44b468039bd358e3d
75cfff528bf6a5b8cf3f2b186c06bf3facb78538
591ddca6ea1ce23bccb267ca1e5fc99ce9c4a463361905e8dc2ff7d544710c0b

HTTP Headers

GET /tracking/main/utag.319.js?utv=ut4.48.202209142209 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:48 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632cc04d-1b84"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
da760bd41ef8ff9370254bfa22f58538
d2913d670acf488ba2460758095e8238c1d47966
92af768a29358479e72788fbbb20cfd27aad26588b07a3218968710da11a2d37

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 13:42:54 GMT
Expires: Wed, 12 Oct 2022 13:42:53 GMT
Etag: "d2913d670acf488ba2460758095e8238c1d47966"
Cache-Control: max-age=528364,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755dd0b87c91b517-OSL

cdn.schemaapp.com/highlighter/prod/WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmc

54.230.111.3

200 OK

0 B

URL HTTP/2
cdn.schemaapp.com/highlighter/prod/WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmc
IP
54.230.111.3:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /highlighter/prod/WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmc HTTP/1.1
Host: cdn.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-account-id,x-api-key
Referer: http://mail.zitic.duckdns.org/
Origin: http://mail.zitic.duckdns.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers

HTTP/2 200 OK
content-length: 0
date: Thu, 06 Oct 2022 10:46:49 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: x-account-id, x-api-key
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jdISUcLvcKdbKwtAwrgy9FCFyj_sE0Cdq_6UeAZSmlCySOdGliNy7A==
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/main/utag.328.js?utv=ut4.48.202207272202

159.45.2.178

200 OK

2.2 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.328.js?utv=ut4.48.202207272202
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (15058)
Size
2.2 kB (2248 bytes)
Hash
420683ca7854e6bef9d5433124c6040e
aad1b9f71f2c30deee478658bb6e453c2c7f3a5a
8851d5126d7413e67465c2cb8bc2adaba4dd4b39deac58a33c9dc2e4d53f8268

HTTP Headers

GET /tracking/main/utag.328.js?utv=ut4.48.202207272202 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:48 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Jul 2022 20:08:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62e2eca5-413e"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14192
Expires: Thu, 06 Oct 2022 14:43:20 GMT
Date: Thu, 06 Oct 2022 10:46:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14192
Expires: Thu, 06 Oct 2022 14:43:20 GMT
Date: Thu, 06 Oct 2022 10:46:48 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7511 bytes)
Hash
9e520f87cae411cfc2ed1c8a14184385
69ad212cb7ae309d4f02019552887135bfae67da
723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: BddSUzh-PKiFmfw2p9gPW-B0qtrXWxCXfee29Pk-wLqN7RO21Yic6g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
age: 47382
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

data.schemaapp.com/WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vaGVscC9vbmxpbmUtYmFua2luZy8

54.230.111.53

200 OK

0 B

URL HTTP/2
data.schemaapp.com/WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vaGVscC9vbmxpbmUtYmFua2luZy8
IP
54.230.111.53:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vaGVscC9vbmxpbmUtYmFua2luZy8 HTTP/1.1
Host: data.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-api-key: XPJKP-GI7DG-FVNWZ-45W51
Origin: http://mail.zitic.duckdns.org
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-source
access-control-max-age: 3000
date: Thu, 06 Oct 2022 10:46:47 GMT
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: max-age=14400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5QZfDx4U6K5G-ufEySKNK9ANvNodbYjjbJt5p1JHH6Galzx0FjCGtQ==
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/main/utag.117.js?utv=ut4.48.202112070053

159.45.2.178

200 OK

1.5 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.117.js?utv=ut4.48.202112070053
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (8097)
Size
1.5 kB (1541 bytes)
Hash
98ea64d15274eed87401b2a479775049
54835f985edf79c1911926f35a454eed5462d672
ca6044266cd44788cd4fa4910c8bcae5bef1bc1c213eafb436c00cea0db2c79b

HTTP Headers

GET /tracking/main/utag.117.js?utv=ut4.48.202112070053 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:48 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 18 Feb 2021 22:15:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"602ee6f8-2166"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.136.js?utv=ut4.48.202208102110

159.45.2.178

200 OK

4.3 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.136.js?utv=ut4.48.202208102110
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (55064), with CRLF line terminators
Size
4.3 kB (4329 bytes)
Hash
d0411178a32feb6cf283839f7d2adc0f
b48614403124421a7c1072238276d834c8c16fbc
9d4f430c94cc8de26993a0b05eaaedc4c5121f5c69a47aa13cb7ddf44cd1521f

HTTP Headers

GET /tracking/main/utag.136.js?utv=ut4.48.202208102110 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:48 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 20:02:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f56058-d8e3"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9044 bytes)
Hash
70ea26af79226e9ff06d6198e2c019dc
ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57
f9393e7b8cbaedc8e1ef87fd89c617cf102f58813d84d866ff68e3124f94d44c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9044
x-amzn-requestid: 127bce04-9f75-4bb1-bbe7-33bf1694d96c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmHG5oAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-3896085b3b73ff5403237206;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E4yZTPRLFdK717YfwjOIFOJDi0wYpyA736dQELeM5iPLvGDXBosEWg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 05:04:17 GMT
age: 20551
etag: "ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7270 bytes)
Hash
e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: e5d0bb7a-b9d5-49b1-b51c-8db019da641f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQOGEQloAMFjgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa5a-519d91fb0b83920960da479d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:42:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: l1HGT5ycH36vVojsOPFptRSU1YJFvLbBsgiWJqzRlRIGgm2o5vf6jg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:58:56 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 46072
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11080 bytes)
Hash
2277f8f2d93b4bc3b05d348343177892
531d9e4ec9078cd2d7376a19fcb287084af36c82
62907648de4a2ed390232a71ab7dce49f1e9c3363cde6a2f30ecae10ab67f93a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11080
x-amzn-requestid: 8fa4d19d-87a5-46c5-96c5-4aec793daad9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO7xE5eoAMFQLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84b-5c422c7a168c014f57559037;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: LySueW1si-yWLwecUILV1s57IEV2FdcQ9_pH1Aoe4AYISi7QXXfd3A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:39:28 GMT
age: 47240
etag: "531d9e4ec9078cd2d7376a19fcb287084af36c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.schemaapp.com/javascript/schemaFunctions.min.js

54.230.111.3

200 OK

2.6 kB

URL HTTP/2
cdn.schemaapp.com/javascript/schemaFunctions.min.js
IP
54.230.111.3:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (14899)
Size
2.6 kB (2609 bytes)
Hash
3f997e5142b96335accdf5f07a90cffe
ff81b52122c3c5b7faccfcdf9ec82a9020038849
c05377ac46364b09ad5f93b0999f3657bbda889546baff8ddbfec14ac0e0bfa0

HTTP Headers

GET /javascript/schemaFunctions.min.js HTTP/1.1
Host: cdn.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Jun 2021 19:02:30 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: ebtKiJ.k06e6HWGVnUjCEswYzQTrKhD5
server: AmazonS3
content-encoding: gzip
date: Thu, 29 Sep 2022 21:19:59 GMT
cache-control: max-age=699840
etag: W/"fa714262345ea0338a058d93199f56ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CXFt_KsEsUB5M6GU5jz2_5HjVWyF6Kispe7ew39BRxeBOdlWQ3QoYg==
age: 566829
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7385 bytes)
Hash
e5a5ee14d41747f46e71f04782e1a3d3
b0205176a58913f57056b91674097bfb58046e97
b3bae0b56b50374cb85fc7fe4c9b551383d1969bf31e7adccb867e3467c59269

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7385
x-amzn-requestid: 7ada8e43-9cb5-4793-9289-e308e9565e7d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZoF7aIAMF43A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-73da01595d32809e08b93a83;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: 14qQi5wDI-_EgyghHCMjRtdZliSj3L6veSqIeBoEjCTfdZfrKb-UzA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
etag: "b0205176a58913f57056b91674097bfb58046e97"
content-type: image/jpeg
age: 47382
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/main/utag.166.js?utv=ut4.48.202208100004

159.45.2.178

200 OK

2.6 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.166.js?utv=ut4.48.202208100004
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (13150), with CRLF line terminators
Size
2.6 kB (2600 bytes)
Hash
af5ecbbfa71cf9fb1890a16293a849ea
7c3917f40470f704d11d8410be7e975af7f180b0
2e134150a5652a1405756a04815f3cb049d3aac6dd8cc9be842a3455dda567ea

HTTP Headers

GET /tracking/main/utag.166.js?utv=ut4.48.202208100004 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:48 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 20:02:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f56058-39d1"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5b87135-538c-4c9f-b146-1da5b13ce157.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8360 bytes)
Hash
a7bcc50ecfeeca47de68cb437e966f29
e98c870fd29b56fa4c3847008bedc0f01f222744
47a82bb40ead4346323b68c886cb88528cb2162666e9549b2ab215b86a499985

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5b87135-538c-4c9f-b146-1da5b13ce157.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8360
x-amzn-requestid: c1f21bfa-3ceb-4661-97b8-0d7475f0e911
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKLlLG0joAMFQqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f2ed-43993b1377e9fbaf4e9443d2;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:08:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kyp8p-Jm92bA3VDbsKDiD_JnS2eekJFUkMjYXquZ1D15WthqXoSlsA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:57:01 GMT
age: 46187
etag: "e98c870fd29b56fa4c3847008bedc0f01f222744"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/main/utag.225.js?utv=ut4.48.202208301942

159.45.2.178

200 OK

2.0 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.225.js?utv=ut4.48.202208301942
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (14389), with CRLF line terminators
Size
2.0 kB (2028 bytes)
Hash
0a1f28ee2d9f4400d8cf7b2084cd75ef
881c3d612b62db99ee20be8dc123976041a99ae8
d0212788e34ae02ba53fcf465c24b34daaa894ea8194255d7c75fbbb1d6e7561

HTTP Headers

GET /tracking/main/utag.225.js?utv=ut4.48.202208301942 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:48 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 20:02:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f56054-3ea8"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.379.js?utv=ut4.48.202207272202

159.45.2.178

200 OK

1.1 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.379.js?utv=ut4.48.202207272202
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (1071)
Size
1.1 kB (1132 bytes)
Hash
be33c3150315d92aaae2dd3f471f7e4e
e8807f0617c3f06b238aec8ebcf93ab846e619af
15ee0686aeb15b05f562cd16166152540f132425c01ed5268d70a53d8a81cb7a

HTTP Headers

GET /tracking/main/utag.379.js?utv=ut4.48.202207272202 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:48 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Jul 2022 20:08:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62e2eca5-86e"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.384.js?utv=ut4.48.202208101746

159.45.2.178

200 OK

4.5 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.384.js?utv=ut4.48.202208101746
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (20219), with CRLF line terminators
Size
4.5 kB (4498 bytes)
Hash
4c0349dd734ccb6d8e8e7623b1f7ae6d
b7b4c964104051333ba40303abf04653021319e7
78cb0c0a2e99cba235f7f99b436f3175f27f45872905afaffbae7a278c53e09b

HTTP Headers

GET /tracking/main/utag.384.js?utv=ut4.48.202208101746 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:48 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 20:02:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f56055-74c7"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.381.js?utv=ut4.48.202209121603

159.45.2.178

200 OK

8.9 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.381.js?utv=ut4.48.202209121603
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (53448)
Size
8.9 kB (8905 bytes)
Hash
fa32a86db1201fd16a1ffad9bd9f7227
d03c84e85b4ecdfb12c65ad199d2ea35a4218fd7
6f152dcff72a37369ae8eac535bc29ed8ff4575fc220b9362535a1c5c1ab0ee9

HTTP Headers

GET /tracking/main/utag.381.js?utv=ut4.48.202209121603 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:48 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 15 Sep 2022 20:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6323871b-16edd"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.431.js?utv=ut4.48.202107202150

159.45.2.178

200 OK

1.3 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.431.js?utv=ut4.48.202107202150
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (1071)
Size
1.3 kB (1302 bytes)
Hash
6b1893e708596451fe24ba0542af6968
64f6d916c0fa5d4ed53d7af241edc228403f7733
d02ba9b5bff6d6dd10c51121cfa90bee0a178af4fd5bc5b7d2401e4717c2fbc0

HTTP Headers

GET /tracking/main/utag.431.js?utv=ut4.48.202107202150 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:48 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 29 Jul 2021 21:00:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"610316f8-9eb"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.396.js?utv=ut4.48.202209192333

159.45.2.178

200 OK

1.6 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.396.js?utv=ut4.48.202209192333
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (6813), with CRLF line terminators
Size
1.6 kB (1628 bytes)
Hash
b0eaf99033dacb91df01cca9f18c5efd
c36cef3a700b34b9d1298bf2c93e396b95a27222
916f35f839cc40c2eccad5d01538ed4adb46de9d51e9b95bdb9dd3598a3c8d0f

HTTP Headers

GET /tracking/main/utag.396.js?utv=ut4.48.202209192333 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:48 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632cc033-2110"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.397.js?utv=ut4.48.202209192301

159.45.2.178

200 OK

1.8 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.397.js?utv=ut4.48.202209192301
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (8790), with CRLF line terminators
Size
1.8 kB (1799 bytes)
Hash
83ec4867fa7d7a18fe8379520ca7c873
549c4bc01430a3a6aeddf8e235438bcd19d4d40a
88bb418f969436f16382dca8ded387c0513dda2648a6e11f61ff338e28d16f35

HTTP Headers

GET /tracking/main/utag.397.js?utv=ut4.48.202209192301 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:48 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632cc032-28c9"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.403.js?utv=ut4.48.202104051735

159.45.2.178

200 OK

1.3 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.403.js?utv=ut4.48.202104051735
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (1071)
Size
1.3 kB (1298 bytes)
Hash
d9e09275c6f22e92f2ba7f907f9d1c31
712ff938b4ae788338fa1d926af874b7fbe7ab58
15c605e2b2babb99517d3b0f36ef52191d80d7a448b0089d0f254ac52559d217

HTTP Headers

GET /tracking/main/utag.403.js?utv=ut4.48.202104051735 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:48 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 15 Apr 2021 21:15:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6078ace7-a3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.413.js?utv=ut4.48.202207272202

159.45.2.178

200 OK

1.4 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.413.js?utv=ut4.48.202207272202
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (1317)
Size
1.4 kB (1352 bytes)
Hash
7d2d9e509acf171d299a8fd31ef8ca0d
64cd01f823e796aa972ba0bd3349b21847dee603
c47666bd3cde639619863664b81db5e312723c4e87287993b4ebb1f12af0733c

HTTP Headers

GET /tracking/main/utag.413.js?utv=ut4.48.202207272202 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:48 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Jul 2022 20:08:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62e2eca1-b91"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.471.js?utv=ut4.48.202209271731

159.45.2.178

200 OK

2.5 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.471.js?utv=ut4.48.202209271731
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (995)
Size
2.5 kB (2457 bytes)
Hash
5245bcf67d3ef6caa0e9c2185d20c08a
aa2ad19ae558fe7f58b3770873c8683ce91fba4c
343bc115dd405111bb74587ffb571d9c0f7fe4c9da381b88109998c2c7cf5f48

HTTP Headers

GET /tracking/main/utag.471.js?utv=ut4.48.202209271731 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:48 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 04 Oct 2022 20:01:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633c9122-19fb"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

cdn.schemaapp.com/highlighter/prod/WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmc

54.230.111.3

200 OK

2 B

URL HTTP/2
cdn.schemaapp.com/highlighter/prod/WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmc
IP
54.230.111.3:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /highlighter/prod/WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmc HTTP/1.1
Host: cdn.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mail.zitic.duckdns.org/
x-account-id: WellsFargo
x-api-key: XPJKP-GI7DG-FVNWZ-45W51
Origin: http://mail.zitic.duckdns.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Tue, 11 Dec 2018 16:01:38 GMT
x-amz-version-id: 4FsmemwQuur.Z0jxvea6XGJagB0M87fi
accept-ranges: bytes
server: AmazonS3
date: Thu, 06 Oct 2022 10:11:08 GMT
etag: "99914b932bd37a50b983c5e7c90ae93b"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Error from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xw23Xk4Om_KRkalzLWjIEpFOxPi58alArh8KP3A9jHDdfpvNNfOgSg==
age: 2974
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/main/utag.505.js?utv=ut4.48.202209131956

159.45.2.178

200 OK

2.8 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.505.js?utv=ut4.48.202209131956
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (1430)
Size
2.8 kB (2760 bytes)
Hash
b2e03f6d954a4357a7268c29f963c4f0
33e8f489c2444aa2ac08b82d692c995836020fcf
7ed82ca71abf90288110fed75cb12480d77721dca21fc258f21d3e6536df8db8

HTTP Headers

GET /tracking/main/utag.505.js?utv=ut4.48.202209131956 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:49 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 15 Sep 2022 20:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6323871b-197d"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js

159.45.2.178

200 OK

14 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (32088), with CRLF line terminators
Size
14 kB (14304 bytes)
Hash
3aebe41731e9656c48b87e8e8b2d1177
43369d1732f4ad8a5e7a1e9a3e133d96945afe02
6cf0cd136cefa8b4cce2da6ead22c33b83af4af3e87d7e4e9589b60f6ce4e395

HTTP Headers

GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:49 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip

static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js

159.45.2.178

200 OK

961 B

URL HTTP/1.1
static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (577)
Size
961 B (961 bytes)
Hash
fdb41e651caf483e7aef91805f810c24
91fc1ceef8d8466f20133e680e77b4dc6de9e8f4
ffd6d341df741ab75634dc5345d0bb8b489fb84de377ef4c2445c4e355fc9cc3

HTTP Headers

GET /tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:49 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Apr 2022 00:53:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6269e590-96c"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/alloy/alloy.js

159.45.2.178

200 OK

25 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/alloy/alloy.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
Unicode text, UTF-8 text, with very long lines (65505)
Size
25 kB (24609 bytes)
Hash
9a021c3b9dea16b9bedb216b6b195cdd
f767ed7dba6d08b08ffc5b35fb0468eb00c66a25
54b94b3b7c4900d7012f824d21f9fa94928055f6cae6c59c23d88a10eaa79e95

HTTP Headers

GET /tracking/alloy/alloy.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:49 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 25 Aug 2022 20:01:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6307d531-12d93"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js

159.45.2.178

200 OK

16 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (599)
Size
16 kB (15970 bytes)
Hash
18a9dcc7cee831010cf1647c8e39088a
731f39c30835414c6e165dd4687bf4071fe0eb10
1dc439a17ef08f995584c4869ccc397120b2502b57ba40240887df28e347be9b

HTTP Headers

GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:49 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip

static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1649789670809.js

159.45.2.178

200 OK

82 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1649789670809.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
Unicode text, UTF-8 text, with very long lines (11631)
Size
82 kB (81476 bytes)
Hash
94d4aed186bc1e91168480ab7abe9623
086e008f5989cfd43dbb39a4506013a3e458319b
f8b0db24893cab8e4a951ea60ac3c65b7803b9ca558ca7527df58d534d8d8b08

HTTP Headers

GET /tracking/medallia/wdcusprem/57907/onsite/generic1649789670809.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:49 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Apr 2022 00:53:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6269e590-57c18"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cd4b79bba0fd50aa52ce7651c802a4c2
f2c9a468baeee591930a52768f69d03b32a6f9d9
895dd9332f266d5e1fd15b2ad883fe80d0fdfbd4fe61e85942b2785da969fd90

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5073
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:46:49 GMT
Last-Modified: Thu, 06 Oct 2022 09:22:16 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

static.wellsfargo.com/tracking/gb/detector-dom.min.js

159.45.2.178

200 OK

132 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/gb/detector-dom.min.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (65434)
Size
132 kB (131829 bytes)
Hash
73ad7a8f8ccda765b898b038f90d8274
756ac35ad2422d93a0b327dfeff7fe9200695883
60ccc38cf175aba7cbe63bf1ec6319b5c1648d9a52014dfefa6ec718476a17b7

HTTP Headers

GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:49 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:03:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632cbfa4-6b8d3"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

resources.digital-cloud-prem.medallia.com/wdcusprem/57907/onsite/onsiteData.json

151.101.85.230

200 OK

1.5 kB

URL HTTP/2
resources.digital-cloud-prem.medallia.com/wdcusprem/57907/onsite/onsiteData.json
IP
151.101.85.230:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text, with very long lines (2056)
Size
1.5 kB (1456 bytes)
Hash
c9e0528f64d1e24fbfea3ed57c48a781
5c68095e947a74761541c7e78517e5ec7da48f99
edbcc863269fbfbc0aa044b7a54a4c06538f254869b87c25ab24628a40a97560

HTTP Headers

GET /wdcusprem/57907/onsite/onsiteData.json HTTP/1.1
Host: resources.digital-cloud-prem.medallia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mail.zitic.duckdns.org
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: uxyB8aCGqOqiMLhWek+ms91byROlBpG+9oq5B0LY6ylUg7kYIVfv07w3RqBrNKkmulBF4oq8yuo=
x-amz-request-id: 6Q220M36ZA4Q7HGT
last-modified: Mon, 29 Aug 2022 14:36:24 GMT
etag: "4dd8128146b81339a1aabe91b5ddbafa"
x-amz-version-id: h0XCleBJUwMzYgUwLc_VpXobL_hX1j6f
content-type: application/json
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
date: Thu, 06 Oct 2022 10:46:49 GMT
age: 1084353
x-served-by: cache-pao12023-PAO, cache-bma1657-BMA
x-cache: HIT, HIT
x-cache-hits: 193, 5
x-timer: S1665053209.480311,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 1456
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/bg-top-feedback.png

104.110.27.78

200 OK

52 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/bg-top-feedback.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1x12, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
52 B (52 bytes)
Hash
096af1842eb0bd1f095b81842c009771
7178d6bbd7ddbe085c15852c2914273996639fd7
0967c104f8b1b584988a411d4f02492c3efeef140753b67acd4be2b2b6c6f656

HTTP Headers

GET /assets/images/css/template/bg-top-feedback.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "519fc760-90"
last-modified: Mon, 25 Jul 2022 17:00:02 GMT
server: Akamai Image Manager
content-length: 52
content-type: image/webp
cache-control: private, no-transform, max-age=976796
expires: Mon, 17 Oct 2022 18:06:45 GMT
date: Thu, 06 Oct 2022 10:46:49 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/bg-bottom-feedback.png

104.110.27.78

200 OK

66 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/bg-bottom-feedback.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1x24, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
66 B (66 bytes)
Hash
26a05ac317f055346dbe5322432c5a05
636b1244715b875b9998c9faaeb123d5400cd51d
46372cced2db5318d4727eec97c553a419d45ebf846724849915ab142fa945f5

HTTP Headers

GET /assets/images/css/template/bg-bottom-feedback.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "519fc740-ac"
last-modified: Mon, 25 Jul 2022 17:00:04 GMT
server: Akamai Image Manager
x-serial: 431
x-check-cacheable: YES
content-length: 66
content-type: image/webp
cache-control: private, no-transform, max-age=808118
expires: Sat, 15 Oct 2022 19:15:27 GMT
date: Thu, 06 Oct 2022 10:46:49 GMT
X-Firefox-Spdy: h2

udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiT25saW5lIEJhbmtpbmcgSGVscCB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vaGVscC9vbmxpbmUtYmFua2luZy8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjAiLCJldmVudF9uYW1lIjogIm5lYnVsYV9iZWZvcmVfaHR0cF9nZXRfcmVxdWVzdCIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY1MDUzMjA5NDAxIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODNhY2Q2Y2FjNThhLTBlMjU2Y2RjMWEyMjc5LTMwNmQ0NjRhLTE0MDAwMC0xODNhY2Q2Y2FjNjI4ZCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1wcmVtIiwiYWNjb3VudElkIjogNTc5MDUsInVybCI6ICJodHRwOi8vbWFpbC56aXRpYy5kdWNrZG5zLm9yZy92L3d3dy53ZWxsc2ZhcmdvLmNvbS9oZWxwL29ubGluZS1iYW5raW5nLyIsIndlYnNpdGVJZCI6IDU3OTA3LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7IkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICIwYjA1LTUzYTYtM2RiNi1jOWJjLTEzODEtNGZhNy00NzMxLTUwN2YiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY2NTA1MjEwMTM4NSIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7ImF0dGVtcHROdW1iZXIiOiAwLCJ1cmwiOiAiaHR0cHM6Ly9yZXNvdXJjZXMuZGlnaXRhbC1jbG91ZC1wcmVtLm1lZGFsbGlhLmNvbS93ZGN1c3ByZW0vNTc5MDcvb25zaXRlL29uc2l0ZURhdGEuanNvbiJ9fSwiY29va2llX3NpemUiOiAyNjUsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQxLjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQxLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NjUwNTMyMDk0MDEsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJwYWNrYWdlVmVyc2lvbiI6ICIyLjQxLjFfMjAyMjA0MTIxODU0MzAifQpdfQ==

35.241.45.82

200 OK

0 B

URL HTTP/1.1
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiT25saW5lIEJhbmtpbmcgSGVscCB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vaGVscC9vbmxpbmUtYmFua2luZy8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjAiLCJldmVudF9uYW1lIjogIm5lYnVsYV9iZWZvcmVfaHR0cF9nZXRfcmVxdWVzdCIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY1MDUzMjA5NDAxIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODNhY2Q2Y2FjNThhLTBlMjU2Y2RjMWEyMjc5LTMwNmQ0NjRhLTE0MDAwMC0xODNhY2Q2Y2FjNjI4ZCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1wcmVtIiwiYWNjb3VudElkIjogNTc5MDUsInVybCI6ICJodHRwOi8vbWFpbC56aXRpYy5kdWNrZG5zLm9yZy92L3d3dy53ZWxsc2ZhcmdvLmNvbS9oZWxwL29ubGluZS1iYW5raW5nLyIsIndlYnNpdGVJZCI6IDU3OTA3LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7IkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICIwYjA1LTUzYTYtM2RiNi1jOWJjLTEzODEtNGZhNy00NzMxLTUwN2YiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY2NTA1MjEwMTM4NSIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7ImF0dGVtcHROdW1iZXIiOiAwLCJ1cmwiOiAiaHR0cHM6Ly9yZXNvdXJjZXMuZGlnaXRhbC1jbG91ZC1wcmVtLm1lZGFsbGlhLmNvbS93ZGN1c3ByZW0vNTc5MDcvb25zaXRlL29uc2l0ZURhdGEuanNvbiJ9fSwiY29va2llX3NpemUiOiAyNjUsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQxLjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQxLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NjUwNTMyMDk0MDEsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJwYWNrYWdlVmVyc2lvbiI6ICIyLjQxLjFfMjAyMjA0MTIxODU0MzAifQpdfQ==
IP
35.241.45.82:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiT25saW5lIEJhbmtpbmcgSGVscCB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vaGVscC9vbmxpbmUtYmFua2luZy8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjAiLCJldmVudF9uYW1lIjogIm5lYnVsYV9iZWZvcmVfaHR0cF9nZXRfcmVxdWVzdCIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY1MDUzMjA5NDAxIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODNhY2Q2Y2FjNThhLTBlMjU2Y2RjMWEyMjc5LTMwNmQ0NjRhLTE0MDAwMC0xODNhY2Q2Y2FjNjI4ZCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1wcmVtIiwiYWNjb3VudElkIjogNTc5MDUsInVybCI6ICJodHRwOi8vbWFpbC56aXRpYy5kdWNrZG5zLm9yZy92L3d3dy53ZWxsc2ZhcmdvLmNvbS9oZWxwL29ubGluZS1iYW5raW5nLyIsIndlYnNpdGVJZCI6IDU3OTA3LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7IkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICIwYjA1LTUzYTYtM2RiNi1jOWJjLTEzODEtNGZhNy00NzMxLTUwN2YiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY2NTA1MjEwMTM4NSIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7ImF0dGVtcHROdW1iZXIiOiAwLCJ1cmwiOiAiaHR0cHM6Ly9yZXNvdXJjZXMuZGlnaXRhbC1jbG91ZC1wcmVtLm1lZGFsbGlhLmNvbS93ZGN1c3ByZW0vNTc5MDcvb25zaXRlL29uc2l0ZURhdGEuanNvbiJ9fSwiY29va2llX3NpemUiOiAyNjUsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQxLjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQxLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NjUwNTMyMDk0MDEsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJwYWNrYWdlVmVyc2lvbiI6ICIyLjQxLjFfMjAyMjA0MTIxODU0MzAifQpdfQ== HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:49 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept
Access-Control-Max-Age: 1800
X-ME: prod-instance-gatewayservice-blue-4401
X-Application-Context: application:9090
Content-Type: image/gif; charset=UTF-8
Content-Length: 0
Server: Jetty(9.2.11.v20150529)
Via: 1.1 google

udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiT25saW5lIEJhbmtpbmcgSGVscCB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vaGVscC9vbmxpbmUtYmFua2luZy8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjAiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NjUwNTMyMDk0ODEiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4M2FjZDZjYWM1OGEtMGUyNTZjZGMxYTIyNzktMzA2ZDQ2NGEtMTQwMDAwLTE4M2FjZDZjYWM2MjhkIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHA6Ly9tYWlsLnppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL2hlbHAvb25saW5lLWJhbmtpbmcvIiwid2Vic2l0ZUlkIjogNTc5MDcsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjBiMDUtNTNhNi0zZGI2LWM5YmMtMTM4MS00ZmE3LTQ3MzEtNTA3ZiIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjY1MDUyMTAxMzg1Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiIsImh0dHBSZXF1ZXN0RGF0YSI6IHsicmVxdWVzdFVybCI6ICJodHRwczovL3Jlc291cmNlcy5kaWdpdGFsLWNsb3VkLXByZW0ubWVkYWxsaWEuY29tL3dkY3VzcHJlbS81NzkwNy9vbnNpdGUvb25zaXRlRGF0YS5qc29uIiwiYXR0ZW1wdE51bWJlciI6IDAsInJlcXVlc3RUb3RhbFRpbWVJblNlY29uZHMiOiAwLjA4fX0sImNvb2tpZV9zaXplIjogNTE2LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY1MDUzMjA5NDgxLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40MS4xXzIwMjIwNDEyMTg1NDMwIn0KXX0=

35.241.45.82

200 OK

0 B

URL HTTP/1.1
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiT25saW5lIEJhbmtpbmcgSGVscCB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vaGVscC9vbmxpbmUtYmFua2luZy8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjAiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NjUwNTMyMDk0ODEiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4M2FjZDZjYWM1OGEtMGUyNTZjZGMxYTIyNzktMzA2ZDQ2NGEtMTQwMDAwLTE4M2FjZDZjYWM2MjhkIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHA6Ly9tYWlsLnppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL2hlbHAvb25saW5lLWJhbmtpbmcvIiwid2Vic2l0ZUlkIjogNTc5MDcsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjBiMDUtNTNhNi0zZGI2LWM5YmMtMTM4MS00ZmE3LTQ3MzEtNTA3ZiIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjY1MDUyMTAxMzg1Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiIsImh0dHBSZXF1ZXN0RGF0YSI6IHsicmVxdWVzdFVybCI6ICJodHRwczovL3Jlc291cmNlcy5kaWdpdGFsLWNsb3VkLXByZW0ubWVkYWxsaWEuY29tL3dkY3VzcHJlbS81NzkwNy9vbnNpdGUvb25zaXRlRGF0YS5qc29uIiwiYXR0ZW1wdE51bWJlciI6IDAsInJlcXVlc3RUb3RhbFRpbWVJblNlY29uZHMiOiAwLjA4fX0sImNvb2tpZV9zaXplIjogNTE2LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY1MDUzMjA5NDgxLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40MS4xXzIwMjIwNDEyMTg1NDMwIn0KXX0=
IP
35.241.45.82:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiT25saW5lIEJhbmtpbmcgSGVscCB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vaGVscC9vbmxpbmUtYmFua2luZy8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjAiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NjUwNTMyMDk0ODEiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4M2FjZDZjYWM1OGEtMGUyNTZjZGMxYTIyNzktMzA2ZDQ2NGEtMTQwMDAwLTE4M2FjZDZjYWM2MjhkIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHA6Ly9tYWlsLnppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL2hlbHAvb25saW5lLWJhbmtpbmcvIiwid2Vic2l0ZUlkIjogNTc5MDcsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjBiMDUtNTNhNi0zZGI2LWM5YmMtMTM4MS00ZmE3LTQ3MzEtNTA3ZiIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjY1MDUyMTAxMzg1Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiIsImh0dHBSZXF1ZXN0RGF0YSI6IHsicmVxdWVzdFVybCI6ICJodHRwczovL3Jlc291cmNlcy5kaWdpdGFsLWNsb3VkLXByZW0ubWVkYWxsaWEuY29tL3dkY3VzcHJlbS81NzkwNy9vbnNpdGUvb25zaXRlRGF0YS5qc29uIiwiYXR0ZW1wdE51bWJlciI6IDAsInJlcXVlc3RUb3RhbFRpbWVJblNlY29uZHMiOiAwLjA4fX0sImNvb2tpZV9zaXplIjogNTE2LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY1MDUzMjA5NDgxLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40MS4xXzIwMjIwNDEyMTg1NDMwIn0KXX0= HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:49 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept
Access-Control-Max-Age: 1800
X-ME: prod-instance-gatewayservice-blue-b8zf
X-Application-Context: application:9090
Content-Type: image/gif; charset=UTF-8
Content-Length: 0
Server: Jetty(9.2.11.v20150529)
Via: 1.1 google

udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiT25saW5lIEJhbmtpbmcgSGVscCB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vaGVscC9vbmxpbmUtYmFua2luZy8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjAiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTY2NTA1MzIwOTQ5NyIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTgzYWNkNmNhYzU4YS0wZTI1NmNkYzFhMjI3OS0zMDZkNDY0YS0xNDAwMDAtMTgzYWNkNmNhYzYyOGQiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtcHJlbSIsImFjY291bnRJZCI6IDU3OTA1LCJ1cmwiOiAiaHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vaGVscC9vbmxpbmUtYmFua2luZy8iLCJ3ZWJzaXRlSWQiOiA1NzkwNywiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiMGIwNS01M2E2LTNkYjYtYzliYy0xMzgxLTRmYTctNDczMS01MDdmIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NjUwNTMyMDk0OTYiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogNTE2LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY1MDUzMjA5NDk3LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40MS4xXzIwMjIwNDEyMTg1NDMwIn0KXX0=

35.241.45.82

200 OK

0 B

URL HTTP/1.1
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiT25saW5lIEJhbmtpbmcgSGVscCB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vaGVscC9vbmxpbmUtYmFua2luZy8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjAiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTY2NTA1MzIwOTQ5NyIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTgzYWNkNmNhYzU4YS0wZTI1NmNkYzFhMjI3OS0zMDZkNDY0YS0xNDAwMDAtMTgzYWNkNmNhYzYyOGQiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtcHJlbSIsImFjY291bnRJZCI6IDU3OTA1LCJ1cmwiOiAiaHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vaGVscC9vbmxpbmUtYmFua2luZy8iLCJ3ZWJzaXRlSWQiOiA1NzkwNywiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiMGIwNS01M2E2LTNkYjYtYzliYy0xMzgxLTRmYTctNDczMS01MDdmIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NjUwNTMyMDk0OTYiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogNTE2LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY1MDUzMjA5NDk3LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40MS4xXzIwMjIwNDEyMTg1NDMwIn0KXX0=
IP
35.241.45.82:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiT25saW5lIEJhbmtpbmcgSGVscCB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vaGVscC9vbmxpbmUtYmFua2luZy8iLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjAiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTY2NTA1MzIwOTQ5NyIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTgzYWNkNmNhYzU4YS0wZTI1NmNkYzFhMjI3OS0zMDZkNDY0YS0xNDAwMDAtMTgzYWNkNmNhYzYyOGQiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtcHJlbSIsImFjY291bnRJZCI6IDU3OTA1LCJ1cmwiOiAiaHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vaGVscC9vbmxpbmUtYmFua2luZy8iLCJ3ZWJzaXRlSWQiOiA1NzkwNywiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiMGIwNS01M2E2LTNkYjYtYzliYy0xMzgxLTRmYTctNDczMS01MDdmIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NjUwNTMyMDk0OTYiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogNTE2LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY1MDUzMjA5NDk3LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40MS4xXzIwMjIwNDEyMTg1NDMwIn0KXX0= HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:46:49 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept
Access-Control-Max-Age: 1800
X-ME: prod-instance-gatewayservice-blue-28wl
X-Application-Context: application:9090
Content-Type: image/gif; charset=UTF-8
Content-Length: 0
Server: Jetty(9.2.11.v20150529)
Via: 1.1 google

edge.adobedc.net/ee/irl1/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=fc45063d-e88b-400a-b1f3-06bcc7cefcf2

15.188.95.229

200 OK

369 B

URL HTTP/2
edge.adobedc.net/ee/irl1/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=fc45063d-e88b-400a-b1f3-06bcc7cefcf2
IP
15.188.95.229:0
ASN
#16509 AMAZON-02

File type
data
Size
369 B (369 bytes)
Hash
3ddf30d3d3c56bf8ed77921a52da1588
756c63a6c7645c896231e7d15ef50196cd76a4bc
7339353dc90e7c461410166fe7a83795c7211b821b48e2728800ae5164fcc789

HTTP Headers

POST /ee/irl1/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=fc45063d-e88b-400a-b1f3-06bcc7cefcf2 HTTP/1.1
Host: edge.adobedc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mail.zitic.duckdns.org/
Content-Type: text/plain; charset=UTF-8
Origin: http://mail.zitic.duckdns.org
Content-Length: 3836
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-request-id: fc45063d-e88b-400a-b1f3-06bcc7cefcf2
x-rate-limit-remaining: 599
vary: Origin
access-control-allow-origin: http://mail.zitic.duckdns.org
access-control-allow-credentials: true
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
date: Thu, 06 Oct 2022 10:46:49 GMT
x-konductor: 22.10.1:d2d3a42e
x-adobe-edge: IRL1;6
server: jag
content-encoding: deflate
content-type: application/json;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9f9550b4cc5b1f340bca768bcb13d029
7303e5a8e538c87ac031f96626e7ed6044a0e3d5
f02de708407cbfb3f6baa04e1171103a886e53d0f7fef119b64dc4c6c8b302f0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3774
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:46:50 GMT
Last-Modified: Thu, 06 Oct 2022 09:43:56 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum

44.233.9.40

200 OK

0 B

URL HTTP/2
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP
44.233.9.40:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 11918
Origin: http://mail.zitic.duckdns.org
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 06 Oct 2022 10:46:51 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:30|g:d02d853f-837d-4015-a329-5c791708c846;Path=/;Expires=Thu, 06-Oct-2022 10:47:21 GMT;Max-Age=30
ADRUM_BTa=R:30|g:d02d853f-837d-4015-a329-5c791708c846|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e;Path=/;Expires=Thu, 06-Oct-2022 10:47:21 GMT;Max-Age=30
SameSite=None;Path=/;Expires=Thu, 06-Oct-2022 10:47:21 GMT;Max-Age=30;Secure
ADRUM_BT1=R:30|i:559461;Path=/;Expires=Thu, 06-Oct-2022 10:47:21 GMT;Max-Age=30
ADRUM_BT1=R:30|i:559461|e:6;Path=/;Expires=Thu, 06-Oct-2022 10:47:21 GMT;Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2

cdn.schemaapp.com/javascript/highlight.js

54.230.111.3

200 OK

0 B

URL HTTP/2
cdn.schemaapp.com/javascript/highlight.js
IP
54.230.111.3:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /javascript/highlight.js HTTP/1.1
Host: cdn.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Thu, 29 Sep 2022 17:49:18 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 13:00:40 GMT
etag: W/"a75cfd2d41ac714329a4fc6895bb082d"
x-amz-server-side-encryption: AES256
cache-control: max-age=699840
x-amz-version-id: yuc1pGbDhqDdI_gLgLi7faeJw6LKcbDu
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vd9d9ee5mTZiae_R6SrMufZ8ROhEAQ-LqBhBi57Fc1vkTHn0iCW5EA==
age: 579451
X-Firefox-Spdy: h2

edge.adobedc.net/ee/irl1/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=8cff2fb8-be7d-4def-b5e7-1f8bc37a759c

15.188.95.229

200 OK

0 B

URL HTTP/2
edge.adobedc.net/ee/irl1/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=8cff2fb8-be7d-4def-b5e7-1f8bc37a759c
IP
15.188.95.229:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /ee/irl1/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=8cff2fb8-be7d-4def-b5e7-1f8bc37a759c HTTP/1.1
Host: edge.adobedc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mail.zitic.duckdns.org/
Content-Type: text/plain; charset=UTF-8
Origin: http://mail.zitic.duckdns.org
Content-Length: 197
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-request-id: 8cff2fb8-be7d-4def-b5e7-1f8bc37a759c
x-rate-limit-remaining: 599
vary: Origin
access-control-allow-origin: http://mail.zitic.duckdns.org
access-control-allow-credentials: true
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
date: Thu, 06 Oct 2022 10:46:49 GMT
x-konductor: 22.10.1:d2d3a42e
x-adobe-edge: IRL1;6
server: jag
content-encoding: deflate
content-type: application/json;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (42)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations