Report - zitic.duckdns.org/v/www.wellsfargo.com/mortgage/mortgage-refinance-v3/index.html

Report Overview

Submitted URL
zitic.duckdns.org/v/www.wellsfargo.com/mortgage/mortgage-refinance-v3/index.html
IP
54.224.73.73
ASN
#14618 AMAZON-AES
Submitted
2022-10-06 10:28:03
Access
Website Title
Final URL
Tags
None
urlquery detections
DynDNS domain detected

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.3 kB	12 kB	93.184.220.29
cdn.schemaapp.com	12078	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	13 kB	54.230.111.100
pixel.everesttech.net	3289	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	876 B	1.1 kB	52.210.55.46
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.5 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	54.230.111.7
www17.wellsfargomedia.com	76964	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.4 kB	57 kB	104.110.27.78
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	799 B	31.13.72.36
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.9 kB	54.230.245.100
media-wellsfargo.nod-glb.nuance.com	28807	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	406 kB	8.39.193.5
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	54.230.111.118
www01.wellsfargomedia.com	20259	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	72 kB	104.110.5.8
ct.pinterest.com	852	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	472 B	731 B	151.101.84.84
static.wellsfargo.com	12306	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	496 kB	159.45.66.178
edge.adobedc.net	8934	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	549 B	1.4 kB	15.188.95.229
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	104.18.32.68
data.schemaapp.com	11806	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	550 B	661 B	54.230.111.53
resources.digital-cloud-prem.medallia.com	21249	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	434 B	2.2 kB	151.101.85.230
rubicon.wellsfargo.com	11786	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	553 B	1.0 kB	23.36.79.9
pdx-col.eum-appdynamics.com	4816	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	483 B	937 B	54.69.177.24
zitic.duckdns.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	789 B	31 kB	54.224.73.73
www04.wellsfargomedia.com	54757	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	6.3 kB	104.110.5.8
tag-wellsfargo.nod-glb.nuance.com	25312	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	18 kB	8.39.193.5
www.wellsfargo.com	10586	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.7 kB	328 kB	159.45.2.145
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	57 kB	34.120.237.76
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.236.232.139
udc-neb.kampyle.com	3039	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.2 kB	968 B	35.241.45.82

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-10-05	medium	zitic.duckdns.org/v/www.wellsfargo.com/mortgage/mortgage-refinance-v3/index.html	Wells Fargo & Company

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-06	medium	zitic.duckdns.org/v/www.wellsfargo.com/mortgage/mortgage-refinance-v3/index.html	Phishing
2022-10-06	medium	zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (53)

	URL	Size	First Seen	Last Seen
	static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js	48 kB	2023-03-07	2023-05-21
Pretty URL static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:04 Last Seen2023-05-21 08:37:02 Times Seen11 Hash adc6bafd6d346973c15f80f542fa008f ec1f94d5fe65f25d7119488ffc067446b7af82b9 7a17bf7ddc09f705c34b0bdefe2a12142ae1702bf904a731f48cd4652c1036eb Loading...

	zitic.duckdns.org/v/www.wellsfargo.com/mortgage/mortgage-refinance-v3/index.html	387 B	2023-03-08	2023-03-08
Pretty URL zitic.duckdns.org/v/www.wellsfargo.com/mortgage/mortgage-refinance-v3/index.html IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:13:50 Last Seen2023-03-08 07:13:50 Times Seen1 Hash dfbe9db15eb3b420bddd72972b1d882e 48722e3cdf421c0b310074b41c126351b7a2e0f3 60732ccd10b44f600156955bbcec796eceeff92177133adb711cd213430a6df0 Loading...

	static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js	2.4 kB	2023-03-07	2023-03-17
Pretty URL static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-17 09:43:25 Times Seen1 Hash 3e75b97d91e2ac07972bd84b4b260fdc 003e8e223077086f1d634da73000252f1b724672 c6b012226d1f061a86a7a176fae93e55d7976d97afad14aa805aa3f5df2cb221 Loading...

	zitic.duckdns.org/v/www.wellsfargo.com/mortgage/mortgage-refinance-v3/index.html	152 B	2023-03-08	2024-04-24
Pretty URL zitic.duckdns.org/v/www.wellsfargo.com/mortgage/mortgage-refinance-v3/index.html IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:38 Last Seen2024-04-24 01:46:24 Times Seen29 Hash afa56f934ec858025328b1699356dd02 d1f72151b21676534d5d063a45b6629aa105dfcb ebea6e5e1db6eb572f25ff1cda99007a155c362d69ac3f70da13086d96a1effe Loading...

	zitic.duckdns.org/v/www.wellsfargo.com/mortgage/mortgage-refinance-v3/index.html	67 B	2023-03-08	2023-03-08
Pretty URL zitic.duckdns.org/v/www.wellsfargo.com/mortgage/mortgage-refinance-v3/index.html IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:38 Last Seen2023-03-08 08:37:51 Times Seen1 Hash 0e9c3fb282a3102bbc12edc089f21223 0638c5489670be5aac1dee3ffe5bdde31a260c9b 9af7f6ee055e1a99fcbcb6247d08c3c2544e6bc091501f8bb3685aac98f7773e Loading...

	static.wellsfargo.com/tracking/main/utag.117.js?utv=ut4.48.202112070053	8.6 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.117.js?utv=ut4.48.202112070053 IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen81 Hash ca611e1ad5ce488baf7e687e039008f9 2152db6945b63d78a718aa87e1f1ccea350b8809 0abd344691477db2ac8e91cf0ce28160bad6b8b4ba6d192dfc000bb2e63f83e4 Loading...

	static.wellsfargo.com/tracking/main/utag.249.js?utv=ut4.48.202103111723	4.9 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.249.js?utv=ut4.48.202103111723 IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen70 Hash 373195f42e45544150714cf15c2e1b6b 628200927b2b0f9125cf9e2f59e134ea0c00b55c a846aca7c9641d8d211b69b9f63c5c394eba8a53b27a75f5bdea3dc09a3284db Loading...

	static.wellsfargo.com/tracking/main/utag.328.js?utv=ut4.48.202207272202	17 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.328.js?utv=ut4.48.202207272202 IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen87 Hash f8ed7a36884e442c03847e482647b8e1 bae9cc143bf67dfeb1a99270b8f82666290b98c2 a69e6fb58df72540553b75552e4721c8e1d57086789f1d0a84c1bf49db0b1956 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 07:50:38 Times Seen37086637 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_helper.js?codeVersion=1664936708888	448 kB	2023-03-08	2023-03-08
Pretty URL media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_helper.js?codeVersion=1664936708888 IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:52 Last Seen2023-03-08 08:13:26 Times Seen1 Hash 6e366abf8e8b895741169e8cb7ca0d36 fe72dbbe34789ebb95a8ee4c31605127fbc9bf16 d629969a3cdc29b3dbc95116d44b04c1d4d3bb4448f7775e5719f74426f4bcab Loading...

	media-wellsfargo.nod-glb.nuance.com/media/launch/tcFramework_jssdk.min.js?codeVersion=1664936708888	516 kB	2023-03-07	2023-03-17
Pretty URL media-wellsfargo.nod-glb.nuance.com/media/launch/tcFramework_jssdk.min.js?codeVersion=1664936708888 IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:44:37 Last Seen2023-03-17 10:39:42 Times Seen1 Hash 92e33ffe477dad0bcefe92f3e91a417b 5551e75559e2d86683d6b3a0cdcfc1b15f73039f 0a832288f2c649ffac22ec7ce2a57bd194e32303c7febb64d9e864312b76fc94 Loading...

	www.wellsfargo.com/js/frameworks/slick01.js	63 kB	2023-03-08	2024-04-24
Pretty URL www.wellsfargo.com/js/frameworks/slick01.js IP 159.45.2.145 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:38 Last Seen2024-04-24 01:46:25 Times Seen36 Hash 0c8184819332ec4f72f81aaf7e225ae2 4e0dc10b41812b30f74e2b183e19966a525de6a2 11dea6f8a3c56ae01aeff3bd061c0b746ddf9297258c2d18c86481b3a3c10b64 Loading...

	static.wellsfargo.com/tracking/main/utag.381.js?utv=ut4.48.202209121603	94 kB	2023-03-07	2023-03-08
Pretty URL static.wellsfargo.com/tracking/main/utag.381.js?utv=ut4.48.202209121603 IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:47:21 Last Seen2023-03-08 07:42:42 Times Seen1 Hash b90cbacc71e1ae0a741626c87a25d013 00bf09b1f99fa67c51fd7cfba73951a9a710a424 f20359b2efae06d66e63fbd2e0ffb187fab7c9e2953e08306a0bf69ac8a5aa36 Loading...

	static.wellsfargo.com/tracking/main/utag.384.js?utv=ut4.48.202208101746	30 kB	2023-03-07	2023-03-17
Pretty URL static.wellsfargo.com/tracking/main/utag.384.js?utv=ut4.48.202208101746 IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-17 09:43:24 Times Seen1 Hash ec515d2e0f8c06d5ce0a340cd3797fd4 7835986cd764c52d1ca821917fca951cb3081af7 cc86fbdc1bc9b57a54d136018fd8ec9006c062e65f944b4c51c90f1762986bf7 Loading...

	static.wellsfargo.com/tracking/main/utag.396.js?utv=ut4.48.202209192333	8.5 kB	2023-03-08	2023-03-08
Pretty URL static.wellsfargo.com/tracking/main/utag.396.js?utv=ut4.48.202209192333 IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-08 07:42:42 Times Seen1 Hash bfc7b10a98d0b83c34b9c5215e59acb3 c822f6bbd3dfebedd4dc5673c7abb5c9f233085b 713a7b27c18080ecb4665dab3036ae266329f318ccc648336564bb8c24e5e40c Loading...

	static.wellsfargo.com/tracking/main/utag.397.js?utv=ut4.48.202209192301	10 kB	2023-03-08	2023-03-08
Pretty URL static.wellsfargo.com/tracking/main/utag.397.js?utv=ut4.48.202209192301 IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-08 07:42:42 Times Seen1 Hash 0e0ff10ca293ac96202da292e0f05087 d89bbbba6a1faef3d7cc06be60bcff48ec6ee9b3 52def0dd339c631d8a4fe5320c61e38ce6f8239d0d290725e7780aac112b3d46 Loading...

	www.wellsfargo.com/js/shared/media-player-custom.js	4.3 kB	2023-03-07	2023-03-08
Pretty URL www.wellsfargo.com/js/shared/media-player-custom.js IP 159.45.2.145 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-08 08:37:51 Times Seen1 Hash 450744f087d3aa87a28395c107742acc c8a3e69e3b1287f65b72b9de8a553d4f309d4d99 cde7904316679ef5aa42b66a914d46fdae6d0e07d11bbc28f2dcb3a64012cdd6 Loading...

	zitic.duckdns.org/v/www.wellsfargo.com/mortgage/mortgage-refinance-v3/index.html	252 B	2023-03-07	2024-04-24
Pretty URL zitic.duckdns.org/v/www.wellsfargo.com/mortgage/mortgage-refinance-v3/index.html IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-24 01:46:25 Times Seen2499 Hash 4f6526fc5cfbf8f77c674e5cb40c36d6 94bb860d263ab388eea733a7a0e7fc00717d0637 06249a30772721e1f681be4a0d74c05a58b36a266c273eafdbe86ebcca83aabc Loading...

	cdn.schemaapp.com/javascript/schemaFunctions.min.js	1.7 kB	2023-03-07	2023-03-17
Pretty URL cdn.schemaapp.com/javascript/schemaFunctions.min.js IP 54.230.111.100 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-17 09:43:25 Times Seen1 Hash fa714262345ea0338a058d93199f56ed 81c3f8901938669975ad01a3ae3e4b0156de6a2f fe7b9f29a6a10cc36627e652af40af6381e2900f87eba0d348a8ef92f66ebd89 Loading...

	static.wellsfargo.com/assets/js/wfui/ndep/js/nuan-c2c.js	23 kB	2023-03-07	2023-06-29
Pretty URL static.wellsfargo.com/assets/js/wfui/ndep/js/nuan-c2c.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-06-29 15:24:08 Times Seen72 Hash f320653366aae1336b9a1c0547ea97b9 8c87c242b3bf13c2558679bd936123a5e6069da5 e02ff12dc676cc581ade44548d917c7df10e14c6a7b6373dbf1b67a7b352108a Loading...

	tag-wellsfargo.nod-glb.nuance.com/tagserver/frame-bridge.js	27 kB	2023-03-07	2023-03-17
Pretty URL tag-wellsfargo.nod-glb.nuance.com/tagserver/frame-bridge.js IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-03-17 11:41:13 Times Seen1 Hash faff7d5f8cd278071e80b18f7373e6b2 bf32efcdf7df36e1c599b5949a83e343f05b84a0 78af5f0e3b33e451cd20e506a2ae37053a3774c4bcdd1e4f0f505331bb033a72 Loading...

	static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js	45 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-08 03:26:09 Times Seen4864 Hash 5f310e2e2a558d76b916e137aee73462 c7ff0190c9c2c414321211f3863e9e27f32b713e 385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f Loading...

	www.wellsfargo.com/js/vendor/video.js	420 kB	2023-03-07	2023-03-08
Pretty URL www.wellsfargo.com/js/vendor/video.js IP 159.45.2.145 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-08 08:13:26 Times Seen1 Hash efce68f045d0687df715b0ec9634accf 1b15d7dba57fed7ca7f041ea15d87f6d709a4458 d94e88dfb3c418dc2d7f7f4464faed1788ecc8407ef1694d824330279262b834 Loading...

	tag-wellsfargo.nod-glb.nuance.com/chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk	5.2 kB	2023-03-08	2023-03-08
Pretty URL tag-wellsfargo.nod-glb.nuance.com/chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:52 Last Seen2023-03-08 08:13:26 Times Seen1 Hash b7d1186d5d738052b8b32ea68ba13c8e 434c9ef7d5539e5ec0a90929b4b8bfe6c836b92e df1e680de5aec6795bd73f1276e838a8b468e34e9dc9996c50c97a24ba8ac5e0 Loading...

	zitic.duckdns.org/v/www.wellsfargo.com/mortgage/mortgage-refinance-v3/index.html	123 B	2023-03-08	2023-03-08
Pretty URL zitic.duckdns.org/v/www.wellsfargo.com/mortgage/mortgage-refinance-v3/index.html IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:13:50 Last Seen2023-03-08 07:13:50 Times Seen1 Hash 99c68d6a232da24f807ae43ae8b7621d 0d3bae7394904712a24fdb967e0529ee5918a381 986cd8c1f52d785e2f04c1abff9c8709871c6772f8a9e67c75eb6ae355a31d4c Loading...

	static.wellsfargo.com/tracking/main/utag.505.js?utv=ut4.48.202209131956	6.5 kB	2023-03-07	2023-03-13
Pretty URL static.wellsfargo.com/tracking/main/utag.505.js?utv=ut4.48.202209131956 IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:47:21 Last Seen2023-03-13 06:40:20 Times Seen1 Hash 735658e345bcccb2e9b4f8436a45bcd3 94969ac03a39f4e244376817f674405e38b4a054 01a8d4c81581707d3d7a663057b6635f1d6bc4fcc1c49ba0d21ae4f57146d81f Loading...

	static.wellsfargo.com/tracking/alloy/alloy.js	77 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/alloy/alloy.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:09 Times Seen87 Hash dd67ef7bf5d168e7123d934cfd21ac80 eb66ab8b5ed10640c50c460c271be086f63e0ffb 5466d536089d3af772430020c62a83dc680cd9169200840742e51181ba81fd75 Loading...

	static.wellsfargo.com/tracking/main/utag.136.js?utv=ut4.48.202208102110	56 kB	2023-03-07	2023-04-20
Pretty URL static.wellsfargo.com/tracking/main/utag.136.js?utv=ut4.48.202208102110 IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-04-20 19:47:50 Times Seen62 Hash 41191acbeb53131c44ad4b17b97622cf 051e9ef1d5f33662109b4d4cfc253edaebf9f3aa eaeccba3d96e1fe1f6a600ab5b9ebb2dc6bf06cac27ce733ce5b74bf3c85887f Loading...

	static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js	48 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-08 03:26:09 Times Seen4875 Hash aeccb854b0a76aa9f478e466c8011b29 625d31cbeb8978cf2419f58d14bba92a42dbb45c 7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6 Loading...

	media-wellsfargo.nod-glb.nuance.com/media/launch/sdkChatLoader.min.js?codeVersion=1664936708888	7.1 kB	2023-03-07	2024-03-28
Pretty URL media-wellsfargo.nod-glb.nuance.com/media/launch/sdkChatLoader.min.js?codeVersion=1664936708888 IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-03-28 17:44:18 Times Seen68 Hash 91a3833ccffbae0b31a6cca516216880 9284e1bb265d09e17e10407f280072b9d938bec5 182475449b1dc308c4d183fe50d348ab2f4e882aac99c0945762629c9fe65f9d Loading...

	www.wellsfargo.com/js/vendor/jquery.min.js	98 kB	2023-03-07	2024-04-24
Pretty URL www.wellsfargo.com/js/vendor/jquery.min.js IP 159.45.2.145 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:17 Last Seen2024-04-24 01:46:25 Times Seen144 Hash d49f5bd057488231fdcc675e2fe9f568 c81be8cda5beab5bd767a63bee8aafc08e037ce4 3c536cede8c67b4bda531f82b77f3678e52026398492010245d3870c87a1623e Loading...

	static.wellsfargo.com/tracking/main/utag.129.js?utv=ut4.48.202207272202	15 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.129.js?utv=ut4.48.202207272202 IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen85 Hash 479fee1497e8ed53fe632cd4110af660 42ff77f5fe23ac8aff0d4837f9e5cb0fb8a918c0 00153616bcd7e705949fa43e3573c41b7808dfe57255d1dcc42e24c4dad5efa8 Loading...

	static.wellsfargo.com/tracking/main/utag.319.js?utv=ut4.48.202209142209	7.0 kB	2023-03-08	2023-03-29
Pretty URL static.wellsfargo.com/tracking/main/utag.319.js?utv=ut4.48.202209142209 IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-29 22:00:36 Times Seen47 Hash 3193265899115fcee583c2662559f250 22d60605121c7dc621b04edb46f2539d98fdcf9c 2e8b86b25ab5fb19b62a69f5ca7bb0f242136e3883b688670595ba896b7e53c8 Loading...

	static.wellsfargo.com/tracking/main/utag.js	326 kB	2023-03-08	2023-03-08
Pretty URL static.wellsfargo.com/tracking/main/utag.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-08 07:42:42 Times Seen1 Hash 7b4ba84ab0e2728a5ab460d07d2ac628 3067acb47d78a4630389f9017e467849de044461 b3f7e20d4377aaf99d7f96583d265be6a3ef34fefac4f7072e6bd0597649ff5c Loading...

	static.wellsfargo.com/assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js	66 kB	2023-03-07	2023-03-17
Pretty URL static.wellsfargo.com/assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-03-17 11:41:13 Times Seen1 Hash 831557d9711fd36924ae1bfac5a7a7db 9d6a6b34a82a1e4f27f610b460c9e33c102da9de b16b31f2f8e681a5909e23a5508af022a3744b365d9077bea964d728e28929a3 Loading...

	static.wellsfargo.com/tracking/main/utag.379.js?utv=ut4.48.202207272202	2.2 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.379.js?utv=ut4.48.202207272202 IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen84 Hash f4d859c7b49fa343d9c8b25c689d837e c571cf8c4aa455cd656785571a398b03bda70254 49e726aa41e4128560776f794aeae8f9648b7045769cf240ab3ff4f5d002d529 Loading...

	static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1	117 kB	2023-03-07	2023-03-26
Pretty URL static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1 IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-03-26 09:22:04 Times Seen2 Hash 17324c64926790e7068528ee285677e0 5f7c9d7694dfa9e92d5ae871cb0ea0cc5b4776c3 79f666407709e82d49c80fc330a5a34952fc56f30de257ccc3ae432d87c6fedc Loading...

	static.wellsfargo.com/tracking/gb/detector-dom.min.js	440 kB	2023-03-08	2023-04-13
Pretty URL static.wellsfargo.com/tracking/gb/detector-dom.min.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:19:07 Last Seen2023-04-13 08:50:50 Times Seen267 Hash d980391562cb88335867228eb62355e0 ee7af0c08ee43ff66f6bba09c08852f7b3859a42 313c07f6e4facc5730db27563c4aeaad1a86126333d448e47c7b29adb1f806fd Loading...

	static.wellsfargo.com/tracking/main/utag.431.js?utv=ut4.48.202107202150	2.5 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.431.js?utv=ut4.48.202107202150 IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen82 Hash 47057e93093059b6ae4917b6015bd8fe c6b654398fc654f415bcd1cff05f926d9193fc65 2c7310c0bbcf2becb50249819d7d0d68636930bab7307962d020cebf0d9de42c Loading...

	static.wellsfargo.com/tracking/main/utag.403.js?utv=ut4.48.202104051735	2.6 kB	2023-03-07	2023-05-21
Pretty URL static.wellsfargo.com/tracking/main/utag.403.js?utv=ut4.48.202104051735 IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-05-21 08:37:02 Times Seen74 Hash 211205c31f696e1bb7eee132a746fa45 f97ced5d992cf340c530a244639eb581d0767965 0cb89661317d3e3c5072364afb0da53fc3d43bb5edf3ac43327b1a57f993a251 Loading...

	cdn.schemaapp.com/javascript/highlight.js	32 kB	2023-03-07	2023-03-10
Pretty URL cdn.schemaapp.com/javascript/highlight.js IP 54.230.111.100 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:20:47 Last Seen2023-03-10 11:24:14 Times Seen1 Hash a75cfd2d41ac714329a4fc6895bb082d fc0712f2a046bebe006eb92279383b4f659b6b64 6f7298ad8b3f1b09f9454047ef159a3c943b93adbf93dce07a76a1152b76f136 Loading...

	static.wellsfargo.com/tracking/main/utag.225.js?utv=ut4.48.202208301942	16 kB	2023-03-07	2023-05-21
Pretty URL static.wellsfargo.com/tracking/main/utag.225.js?utv=ut4.48.202208301942 IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-05-21 08:37:02 Times Seen79 Hash ede450a69bfad8ba8be6c09afec643d9 525ca9fbebba307f6a5d5c4c8ab2a3ba9afa70c2 d4c3ac2df676fc3c4c0662d5635b8078cbea41051632004adeee5e17ba9337b8 Loading...

	static.wellsfargo.com/tracking/main/utag.471.js?utv=ut4.48.202209271731	6.7 kB	2023-03-08	2023-05-21
Pretty URL static.wellsfargo.com/tracking/main/utag.471.js?utv=ut4.48.202209271731 IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-05-21 08:37:02 Times Seen76 Hash 36ebda59de9fa37cbea1f48593d20eb1 e175622005a38183dd0c33deb423a1fb02d2ba5e d257a14d93cafce44ecdb34393fadbe76117819c7de517aff08925cfee9bfbf4 Loading...

	media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_jssdk.js?codeVersion=1664936708888	145 kB	2023-03-08	2023-03-08
Pretty URL media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_jssdk.js?codeVersion=1664936708888 IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:52 Last Seen2023-03-08 08:13:26 Times Seen1 Hash 3fef62da82bb057e35f9fa1c5deae5fd a9429641c317311e7aa7c907987deae6bbd71789 ddf307fb9b8f55dd387f9146d421befdebf8106c3d0d884d5d856754007ba77f Loading...

	zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js	2.0 kB	2023-03-07	2024-04-08
Pretty URL zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-08 03:26:08 Times Seen4778 Hash e7cf4c458b327ab7ed31e0936ccd404f 970bf05073f91ad6b8f21521f7c9886f71f2af1d 52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d Loading...

	static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js	32 kB	2023-03-07	2023-11-04
Pretty URL static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-11-04 00:29:39 Times Seen29 Hash 162100f507af8b50f1406bf3fc405ce5 cf0a2bf9b914710962e0dd7899b93ba5ceb5134d e9a598a5cc23c24a8ecc364ed7413961e416f5e9ec3df513ad9a12cda625a279 Loading...

	www.wellsfargo.com/js/global/global.js	230 kB	2023-03-08	2023-03-08
Pretty URL www.wellsfargo.com/js/global/global.js IP 159.45.2.145 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-08 08:14:13 Times Seen1 Hash a6d222867ebc1b0e6a57eddc8bd7418b be0c5877af0cf33abf8de5c793935c7c94c5fe7e 77d1d5f3d877905d3f0f5a434b77be2e3cf34887e0022ad9cae1b5d39150f827 Loading...

	www.wellsfargo.com/js/frameworks/jq/jquery-ui.js	339 kB	2023-03-07	2023-05-21
Pretty URL www.wellsfargo.com/js/frameworks/jq/jquery-ui.js IP 159.45.2.145 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-05-21 08:37:02 Times Seen9 Hash 9726560d23e8100d33456702719491d1 1c64bfa8088fc04d7b6633a3479cb57ec9969d3a d65fdc6b62a5f7a8a9cbc7a756b75ed80b81cf828295d507aeec9878e908ad4d Loading...

	static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js	36 kB	2023-03-07	2023-03-17
Pretty URL static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2023-03-17 11:41:13 Times Seen1 Hash a87d017094c294b72c41efb2cfbf49aa 86590309a3f44265fd4acd0b35c5911c18047ca8 c19b2cfb96a4e34bf9537736e5ca1fcea2fa89b6f0c05ec2e7e2c7a017bafdb6 Loading...

	static.wellsfargo.com/tracking/main/utag.166.js?utv=ut4.48.202208100004	15 kB	2023-03-07	2023-05-21
Pretty URL static.wellsfargo.com/tracking/main/utag.166.js?utv=ut4.48.202208100004 IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-05-21 08:37:02 Times Seen79 Hash 80f41e3e9de3719de7b98e3fd6e0f727 70d1b9891e6f319b0f3f29adbc2832f493ac3b61 cb1b454a046f8f46ee3e5ea389d3648e46bf0973db9f61faa2724162ef850b03 Loading...

	tag-wellsfargo.nod-glb.nuance.com/tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1664936708888	21 kB	2023-03-07	2023-07-06
Pretty URL tag-wellsfargo.nod-glb.nuance.com/tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1664936708888 IP 8.39.193.5 ASN #54396 NUANCE-MOBILITY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:04 Last Seen2023-07-06 01:44:31 Times Seen101 Hash ceff19d6f6c2b1a641348fe75922e31d 0f49f9408d2499018f89a9c651dbeb869120ae64 7455230adb5d30b14d3ce23c11e2937451ce1eecb55a592703bbcd2044711cea Loading...

	zitic.duckdns.org/v/www.wellsfargo.com/mortgage/mortgage-refinance-v3/index.html	1.2 kB	2023-03-08	2023-03-08
Pretty URL zitic.duckdns.org/v/www.wellsfargo.com/mortgage/mortgage-refinance-v3/index.html IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:52 Last Seen2023-03-08 08:13:26 Times Seen1 Hash f44c7fab129a766c3bb64da48883981d 92442db80268741d9227fcf9f820d0d146d3fb28 97806b8f94d73ed3f62519ca7910519621c0f0e3900b06fb7331d3b1e13e38a0 Loading...

	static.wellsfargo.com/tracking/main/utag.413.js?utv=ut4.48.202207272202	3.0 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.413.js?utv=ut4.48.202207272202 IP 159.45.66.178 ASN #4196 WELLSFARGO-4196 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen82 Hash 6aedb7426c48b548874c016faf3f6e24 e3e8420bd3e75e7e6319a3f00a8c2aff6e33961a 8221ff8f89f7c212ab6cb02b5edf294ca06322a313ccd0fa8f5d17356cb07d88 Loading...

HTTP Transactions (133)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

54.230.111.118

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WkZ7tYe1FbU7Xk9WbqKZCYN_E3QcKB4mO7ALH8nA6doSbIF6-Ve1jA==
Age: 67233

zitic.duckdns.org/v/www.wellsfargo.com/mortgage/mortgage-refinance-v3/index.html

54.224.73.73

200 OK

28 kB

URL HTTP/1.1
zitic.duckdns.org/v/www.wellsfargo.com/mortgage/mortgage-refinance-v3/index.html
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1412), with CRLF, LF line terminators
Size
28 kB (28341 bytes)
Hash
b4082402a17a03da3c848d9385140a11
1c0804eb357cbc66adffbe71726e24384390729d
7dce0a95ed970496747c3fb6d51bda6a07586d9ecc73a92ca0336f3f9e7c47e6

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Wells Fargo & Company
fortinet	Phishing

HTTP Headers

GET /v/www.wellsfargo.com/mortgage/mortgage-refinance-v3/index.html HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:51 GMT
Server: Apache
Last-Modified: Fri, 30 Sep 2022 22:54:30 GMT
Accept-Ranges: bytes
Content-Length: 28341
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7906
Expires: Thu, 06 Oct 2022 12:39:38 GMT
Date: Thu, 06 Oct 2022 10:27:52 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

54.230.111.7

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 06 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tG_Dw1zUpoa5dn7nNuFAexc9VFuoUszo7L122PbAOnJkM6hHhgMqEw==
age: 23120
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 10:27:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js

54.224.73.73

200 OK

2.0 kB

URL HTTP/1.1
zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (1952), with no line terminators
Size
2.0 kB (1952 bytes)
Hash
e7cf4c458b327ab7ed31e0936ccd404f
970bf05073f91ad6b8f21521f7c9886f71f2af1d
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/v/www.wellsfargo.com/mortgage/mortgage-refinance-v3/index.html

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:52 GMT
Server: Apache
Last-Modified: Thu, 20 Jan 2022 03:38:26 GMT
Accept-Ranges: bytes
Content-Length: 1952
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee9e15db28c6c174de4e0f2922e2b25c
9df4ed69f087ce66e15dec440470706a0b548474
3c2acc9d0d0eb77f7bb2e28a662473040984c2b2fe36be30b7acd45a45c504b3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1879
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:27:52 GMT
Last-Modified: Thu, 06 Oct 2022 09:56:33 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee9e15db28c6c174de4e0f2922e2b25c
9df4ed69f087ce66e15dec440470706a0b548474
3c2acc9d0d0eb77f7bb2e28a662473040984c2b2fe36be30b7acd45a45c504b3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1879
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:27:52 GMT
Last-Modified: Thu, 06 Oct 2022 09:56:33 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee9e15db28c6c174de4e0f2922e2b25c
9df4ed69f087ce66e15dec440470706a0b548474
3c2acc9d0d0eb77f7bb2e28a662473040984c2b2fe36be30b7acd45a45c504b3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4815
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:27:52 GMT
Last-Modified: Thu, 06 Oct 2022 09:07:37 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee9e15db28c6c174de4e0f2922e2b25c
9df4ed69f087ce66e15dec440470706a0b548474
3c2acc9d0d0eb77f7bb2e28a662473040984c2b2fe36be30b7acd45a45c504b3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3044
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:27:52 GMT
Last-Modified: Thu, 06 Oct 2022 09:37:09 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee9e15db28c6c174de4e0f2922e2b25c
9df4ed69f087ce66e15dec440470706a0b548474
3c2acc9d0d0eb77f7bb2e28a662473040984c2b2fe36be30b7acd45a45c504b3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 258
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:27:52 GMT
Last-Modified: Thu, 06 Oct 2022 10:23:34 GMT
Server: ECS (amb/6BA1)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
714884a57375646cad1baef2220eb6cf
6e905029a7c31f9b759aabb08340e0b3b9b6a43d
9c11fc482233d4c4c5d05ea70270e08d29a45e00fa18f439be416fc561099c1c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 221
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:27:52 GMT
Last-Modified: Thu, 06 Oct 2022 10:24:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
714884a57375646cad1baef2220eb6cf
6e905029a7c31f9b759aabb08340e0b3b9b6a43d
9c11fc482233d4c4c5d05ea70270e08d29a45e00fa18f439be416fc561099c1c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4904
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:27:52 GMT
Last-Modified: Thu, 06 Oct 2022 09:06:08 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
60e15c331eace6c365b7907684305d5b
0bd2b17c8e69678b43b2beb1beb81cb059f848b7
9fba594974e3d01120b06149dbe25cbdd65a33f81a5a362283146b3472aa0aaa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4100
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:27:52 GMT
Last-Modified: Thu, 06 Oct 2022 09:19:32 GMT
Server: ECS (amb/6B89)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
714884a57375646cad1baef2220eb6cf
6e905029a7c31f9b759aabb08340e0b3b9b6a43d
9c11fc482233d4c4c5d05ea70270e08d29a45e00fa18f439be416fc561099c1c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6444
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:27:52 GMT
Last-Modified: Thu, 06 Oct 2022 08:40:28 GMT
Server: ECS (amb/6B73)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
714884a57375646cad1baef2220eb6cf
6e905029a7c31f9b759aabb08340e0b3b9b6a43d
9c11fc482233d4c4c5d05ea70270e08d29a45e00fa18f439be416fc561099c1c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:27:52 GMT
Server: ECS (amb/6B89)
Content-Length: 471

www.wellsfargo.com/css/vendor/video-js.css

159.45.2.145

200 OK

14 kB

URL HTTP/1.1
www.wellsfargo.com/css/vendor/video-js.css
IP
159.45.2.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (19577)
Size
14 kB (13980 bytes)
Hash
e8bc91c72d762cbbef2808777d5a9bcf
5ba83a1b3904a42fa83588d83ba81b4e17c48928
c039b9caa0e841feb7fd71b9084ac9729c92bf1eec41d16e1ecf8bc218739851

HTTP Headers

GET /css/vendor/video-js.css HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:52 GMT
Content-Type: text/css
Last-Modified: Mon, 05 Sep 2022 08:33:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b454-ab84"
Expires: Thu, 06 Oct 2022 10:57:52 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js

159.45.66.178

200 OK

17 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
Unicode text, UTF-8 text, with very long lines (48287)
Size
17 kB (16778 bytes)
Hash
a75fd8e10b107df2ef26038f1783ac4e
b27d8fc62fd83f944d638b93140ec05bd050ded4
9baeb568dd185db9aeaefd009c3778e3fe04b59acfa6c04fe96bdf608c8f2299

HTTP Headers

GET /assets/js/wfui/container/wfui-container-top.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:52 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Sat, 13 Aug 2022 13:50:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f7ac0c-bcef"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip

www.wellsfargo.com/css/tools/homelending/homelending.css

159.45.2.145

200 OK

3.2 kB

URL HTTP/1.1
www.wellsfargo.com/css/tools/homelending/homelending.css
IP
159.45.2.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (8055)
Size
3.2 kB (3190 bytes)
Hash
b4b979d861a3f9b5f0f275b86a389619
59c4cf8d452ef7886017909808fa0c45620bfbc1
adc2bd1767db2dea0bbe9d9846f392c90b5840f119473be1e43319248adde2ac

HTTP Headers

GET /css/tools/homelending/homelending.css HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:52 GMT
Content-Type: text/css
Last-Modified: Mon, 05 Sep 2022 08:33:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b454-2f0c"
Expires: Thu, 06 Oct 2022 10:57:52 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www.wellsfargo.com/css/template/ui-lightness/jquery-ui.custom.css

159.45.2.145

200 OK

3.5 kB

URL HTTP/1.1
www.wellsfargo.com/css/template/ui-lightness/jquery-ui.custom.css
IP
159.45.2.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (7443)
Size
3.5 kB (3484 bytes)
Hash
bd26fea19f8cd25a2f0e7049bfbf20e5
bef14c1fd36f7c5038c88ce6c9942477ef673634
28e648cccfc26b07acdebac605f7b16d9de18e0fc4bfae55da3d2e2196c79df2

HTTP Headers

GET /css/template/ui-lightness/jquery-ui.custom.css HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:52 GMT
Content-Type: text/css
Last-Modified: Mon, 05 Sep 2022 08:33:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b454-47e3"
Expires: Thu, 06 Oct 2022 10:57:52 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www.wellsfargo.com/js/shared/media-player-custom.js

159.45.2.145

200 OK

1.1 kB

URL HTTP/1.1
www.wellsfargo.com/js/shared/media-player-custom.js
IP
159.45.2.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (4348), with no line terminators
Size
1.1 kB (1072 bytes)
Hash
093678f8ad7bdbc8cd585c56e790a897
d902c5e10098748cd595696e2dfd6477af38d6d2
dcc204775e343aca84f7c8cfa23a2addc3e9681567d5cd071e6f05ba8606dd89

HTTP Headers

GET /js/shared/media-player-custom.js HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:52 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 05 Sep 2022 08:33:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b450-10fc"
Expires: Thu, 06 Oct 2022 10:57:52 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
60e15c331eace6c365b7907684305d5b
0bd2b17c8e69678b43b2beb1beb81cb059f848b7
9fba594974e3d01120b06149dbe25cbdd65a33f81a5a362283146b3472aa0aaa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:27:52 GMT
Server: ECS (amb/6B88)
Content-Length: 471

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.118

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 09:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 06 Oct 2022 10:00:53 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oRz2F646VVRFiMhqadt8LZUzJs-RnhHYSk3R9yt1OjRfyTeppXH_Dw==
Age: 3491

www.wellsfargo.com/js/frameworks/slick01.js

159.45.2.145

200 OK

14 kB

URL HTTP/1.1
www.wellsfargo.com/js/frameworks/slick01.js
IP
159.45.2.145:0
ASN
#10837 WELLSFARGO-10837

File type
Unicode text, UTF-8 text, with very long lines (8157)
Size
14 kB (13861 bytes)
Hash
f3b4fe3b70d7879d03983a1f0c7bfb02
d9e7bd3d0fafdf62a785057f98585e3aee716888
e42bf212ab8bc25a50408cfc448b8fd27ab21553564e866699a808e880390435

HTTP Headers

GET /js/frameworks/slick01.js HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:52 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 05 Sep 2022 08:33:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b44e-f651"
Expires: Thu, 06 Oct 2022 10:57:52 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js

159.45.66.178

200 OK

11 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
Unicode text, UTF-8 text, with very long lines (31790)
Size
11 kB (11076 bytes)
Hash
6d79a0dbc6ea2602aa38bbf53e43124e
8b53e45df3e4aea81cbfaa90081f6795bcfe39fc
d2aa003ecdd6c31e12964104bd23498a60e94fa2d163c6d1ff285db59f61bb6a

HTTP Headers

GET /assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:52 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Sat, 12 Feb 2022 17:58:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6207f544-7c61"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip

www.wellsfargo.com/js/vendor/jquery.min.js

159.45.2.145

200 OK

33 kB

URL HTTP/1.1
www.wellsfargo.com/js/vendor/jquery.min.js
IP
159.45.2.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (8077)
Size
33 kB (33308 bytes)
Hash
168e3db9aed10d5a534287cbff2304e0
169ff7955da23134626a75db6337232feeebef4a
1140ecb834e6e1aa2a5ec74793e9a5ce3d6a1c47b384b63f7a61646ca0b54618

HTTP Headers

GET /js/vendor/jquery.min.js HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:52 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 05 Sep 2022 08:33:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b450-17d5c"
Expires: Thu, 06 Oct 2022 10:57:52 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www.wellsfargo.com/css/template/global.css

159.45.2.145

200 OK

34 kB

URL HTTP/1.1
www.wellsfargo.com/css/template/global.css
IP
159.45.2.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (8261)
Size
34 kB (33875 bytes)
Hash
bde2c1be77c92f84fb05e75fb791ced3
6fa898da825712388a330c5a55341f1bc6ea841f
bdfa97725a18f7ef601a99479f2ffc4db97c661e432dbb8c5318748edeabd71b

HTTP Headers

GET /css/template/global.css HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:52 GMT
Content-Type: text/css
Last-Modified: Mon, 05 Sep 2022 08:33:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b454-2d449"
Expires: Thu, 06 Oct 2022 10:57:52 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5306
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:27:53 GMT
Last-Modified: Thu, 06 Oct 2022 08:59:27 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

www.wellsfargo.com/js/vendor/video.js

159.45.2.145

200 OK

78 kB

URL HTTP/1.1
www.wellsfargo.com/js/vendor/video.js
IP
159.45.2.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (8169)
Size
78 kB (78047 bytes)
Hash
5832f5704f0825e0ffd440d53c3b955c
a4c1609efee7e03f0ce9d0f20fd42015c315aef4
5175be972567e37ed17b1e33fe2f9ad422eaefcc187f6b49f1369ebf3234e875

HTTP Headers

GET /js/vendor/video.js HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:52 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 05 Sep 2022 08:33:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b450-666fc"
Expires: Thu, 06 Oct 2022 10:57:52 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www04.wellsfargomedia.com/assets/images/css/template/homepage/homepage-lock.svg

104.110.5.8

200 OK

668 B

URL HTTP/2
www04.wellsfargomedia.com/assets/images/css/template/homepage/homepage-lock.svg
IP
104.110.5.8:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
668 B (668 bytes)
Hash
de6fd1f7ffea13b855770b5dc54daf72
0e4ab6e3433c7607280e977fd9e9c5442eb30344
deab472180f1d0240b8f200d69c896d68ddf08eba1928ef3d2f2fbd4beefbbfa

HTTP Headers

GET /assets/images/css/template/homepage/homepage-lock.svg HTTP/1.1
Host: www04.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: "6f8-554880386bac0"
last-modified: Wed, 25 Aug 2021 22:12:55 GMT
server: Akamai Resource Optimizer
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 668
unused62: 8096267
cache-control: max-age=3128100
expires: Fri, 11 Nov 2022 15:22:53 GMT
date: Thu, 06 Oct 2022 10:27:53 GMT
X-Firefox-Spdy: h2

www01.wellsfargomedia.com/assets/images/global/btn-close-x.png

104.110.5.8

200 OK

1.3 kB

URL HTTP/2
www01.wellsfargomedia.com/assets/images/global/btn-close-x.png
IP
104.110.5.8:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.3 kB (1338 bytes)
Hash
51f9ce35922f8fd2a8f332ecab96fadf
219d30a9ae5bc02d9b3f3032ef40329cb65a2f70
df18094841a0d00f767d5928cdc130069ca22c4f4e7ced49cb21c5b571ae0f33

HTTP Headers

GET /assets/images/global/btn-close-x.png HTTP/1.1
Host: www01.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "5ad-4dd7c5a174400"
last-modified: Thu, 26 Aug 2021 01:32:57 GMT
server: Akamai Image Manager
x-serial: 1801
x-check-cacheable: YES
content-length: 1338
content-type: image/webp
unused62: 8096267
cache-control: private, no-transform, max-age=15552000
expires: Tue, 04 Apr 2023 10:27:53 GMT
date: Thu, 06 Oct 2022 10:27:53 GMT
X-Firefox-Spdy: h2

www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-horz-logo.svg

104.110.5.8

200 OK

2.0 kB

URL HTTP/2
www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-horz-logo.svg
IP
104.110.5.8:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4948)
Size
2.0 kB (1977 bytes)
Hash
e56e5d0c3a6c91daa9c9e3cb35de49ec
1ac827e855541f5059c9122c624f7b5144c5faa8
6d046903ea56f94f8a7d998d662f03035b015d3019c57d88e091f16d1bd175e8

HTTP Headers

GET /assets/images/css/template/homepage/homepage-horz-logo.svg HTTP/1.1
Host: www01.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: "15b8-5895bfcbfa2c0"
last-modified: Mon, 24 May 2021 14:15:37 GMT
server: Akamai Resource Optimizer
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 1977
unused62: 8096267
cache-control: max-age=3128100
expires: Fri, 11 Nov 2022 15:22:53 GMT
date: Thu, 06 Oct 2022 10:27:53 GMT
X-Firefox-Spdy: h2

www.wellsfargo.com/js/global/global.js

159.45.2.145

200 OK

56 kB

URL HTTP/1.1
www.wellsfargo.com/js/global/global.js
IP
159.45.2.145:0
ASN
#10837 WELLSFARGO-10837

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8155)
Size
56 kB (55848 bytes)
Hash
3cc3c4c3e87a4c2f327b4443edc4d687
038aa8880f1aef9d6a5c670982794ca5f081bdd4
3814f430533d4045e91765252403aa9687628839d98abec1a6bf1ac4325b65dd

HTTP Headers

GET /js/global/global.js HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:52 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 05 Sep 2022 08:33:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b454-3836e"
Expires: Thu, 06 Oct 2022 10:57:52 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www04.wellsfargomedia.com/assets/images/home-lending-shared/hide_for_hmc.png

104.110.5.8

200 OK

107 B

URL HTTP/2
www04.wellsfargomedia.com/assets/images/home-lending-shared/hide_for_hmc.png
IP
104.110.5.8:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 1 x 1, 1-bit grayscale, non-interlaced\012- data
Size
107 B (107 bytes)
Hash
e29502ab2e7a78a984fe5ae3f0bd8f80
9e0f73bcf8e412d61b5c7ddaa23eb2bd10cd24c3
d7ec07781b09c2777c423e36467fd093d55b95cca0b53f7add06a3b0e8f1cc9a

HTTP Headers

GET /assets/images/home-lending-shared/hide_for_hmc.png HTTP/1.1
Host: www04.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "61c0f0a5-cf7"
last-modified: Fri, 04 Feb 2022 23:09:52 GMT
server: Akamai Image Manager
x-serial: 1777
x-check-cacheable: YES
content-length: 107
content-type: image/png
unused62: 8096267
cache-control: private, no-transform, max-age=15552000
expires: Tue, 04 Apr 2023 10:27:53 GMT
date: Thu, 06 Oct 2022 10:27:53 GMT
X-Firefox-Spdy: h2

www.wellsfargo.com/js/frameworks/jq/jquery-ui.js

159.45.2.145

200 OK

80 kB

URL HTTP/1.1
www.wellsfargo.com/js/frameworks/jq/jquery-ui.js
IP
159.45.2.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (8185)
Size
80 kB (80063 bytes)
Hash
9ff54c8cd2a89ba19317dc2d21dd7b70
c72ce00b74f7e5f79b20127d3fdf2f27e9f695f6
f9fe644ca857fecf364b2560911254ab12d934588c4aa8bab0b1ffcc76ad8f12

HTTP Headers

GET /js/frameworks/jq/jquery-ui.js HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:52 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 05 Sep 2022 08:33:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b44e-52ce2"
Expires: Thu, 06 Oct 2022 10:57:52 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www04.wellsfargomedia.com/assets/images/photography/lifestyle/147x91/advisor_showing_couple_loan_options_147x91.png

104.110.5.8

200 OK

4.3 kB

URL HTTP/2
www04.wellsfargomedia.com/assets/images/photography/lifestyle/147x91/advisor_showing_couple_loan_options_147x91.png
IP
104.110.5.8:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 147x91, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.3 kB (4254 bytes)
Hash
b52f7401a29bd06d3cf89462ada318b5
4637ff25f8b77cfad1574d7709214ebdcfe767f0
373fde17fdb06024831fc8a43fa36a5f2c4bedc212f3353714e829446515a6d1

HTTP Headers

GET /assets/images/photography/lifestyle/147x91/advisor_showing_couple_loan_options_147x91.png HTTP/1.1
Host: www04.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "7574-58b230c0f5180"
last-modified: Thu, 26 Aug 2021 01:35:21 GMT
server: Akamai Image Manager
content-length: 4254
content-type: image/webp
cache-control: private, no-transform, max-age=15552000
expires: Tue, 04 Apr 2023 10:27:53 GMT
date: Thu, 06 Oct 2022 10:27:53 GMT
X-Firefox-Spdy: h2

www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x275/couple_reviewing_their_finances_970x275.jpg

104.110.5.8

200 OK

61 kB

URL HTTP/2
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x275/couple_reviewing_their_finances_970x275.jpg
IP
104.110.5.8:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 970x275, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
61 kB (60734 bytes)
Hash
bbaee97abbde594e892ffc1fda15a574
3f8498eaac323c35ac6d096a170ac9a37721b83a
6e925a97920fd5d0b8a8e1da92af5ccb373989e8bb01344c29ea4a7b8c8e2453

HTTP Headers

GET /assets/images/photography/lifestyle/970x275/couple_reviewing_their_finances_970x275.jpg HTTP/1.1
Host: www01.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "38aec-58b230c0f5180"
last-modified: Thu, 26 Aug 2021 01:35:10 GMT
server: Akamai Image Manager
unused62: 8096267
content-length: 60734
content-type: image/webp
cache-control: private, no-transform, max-age=15552000
expires: Tue, 04 Apr 2023 10:27:53 GMT
date: Thu, 06 Oct 2022 10:27:53 GMT
X-Firefox-Spdy: h2

www01.wellsfargomedia.com/assets/images/photography/lifestyle/147x91/happy_senior_couple_riding_scooter_147x91.jpg

104.110.5.8

200 OK

6.4 kB

URL HTTP/2
www01.wellsfargomedia.com/assets/images/photography/lifestyle/147x91/happy_senior_couple_riding_scooter_147x91.jpg
IP
104.110.5.8:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 147x91, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.4 kB (6396 bytes)
Hash
7fdf435812884d0d2167ee16d916b882
e5e10d11c20d3efaa67c316b1abc5474a37de6de
3c47e897249a33662977bd30ab9ab4224b64713cf0263e54387fff2b29914176

HTTP Headers

GET /assets/images/photography/lifestyle/147x91/happy_senior_couple_riding_scooter_147x91.jpg HTTP/1.1
Host: www01.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "5d012a96-76a7"
last-modified: Wed, 10 Nov 2021 22:40:02 GMT
server: Akamai Image Manager
content-length: 6396
content-type: image/webp
cache-control: private, no-transform, max-age=15552000
expires: Tue, 04 Apr 2023 10:27:53 GMT
date: Thu, 06 Oct 2022 10:27:53 GMT
X-Firefox-Spdy: h2

www.wellsfargo.com/css/template/print.css

159.45.2.145

200 OK

280 B

URL HTTP/1.1
www.wellsfargo.com/css/template/print.css
IP
159.45.2.145:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (570), with no line terminators
Size
280 B (280 bytes)
Hash
0bedbeb280ad7fe4984c41a5310dcf5d
21437c76f6acfc98cb62e778521229a95f520ea0
a58b9ecd2517292e12277596f941bd00a57ea10a884f0b02063a60386ca9a50e

HTTP Headers

GET /css/template/print.css HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:53 GMT
Content-Type: text/css
Last-Modified: Mon, 05 Sep 2022 08:33:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6315b454-23a"
Expires: Thu, 06 Oct 2022 10:57:53 GMT
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www.wellsfargo.com/assets/images/global/s.gif?log=1&cb=1664574870046&event=PageLoad&pid=tcm:222-239797-64&ptid=tcm:222-170471-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fmortgage%2Fmortgage-refinance-v3%2F&clist=84-177353-16~91-122371-32|182-215726-16~91-2052-32|182-26518-16~223-3765-32|84-5531-16~91-2045-32|84-39242-16~91-1924-32|84-207758-16~91-1924-32|84-8259-16~91-1865-32|84-36594-16~91-2830-32|182-175852-16~223-3757-32|182-221991-16~91-2049-32|182-175247-16~223-122394-32|182-175256-16~223-122392-32|182-251842-16~223-122392-32|84-7805-16~91-6211-32|182-215730-16~91-2049-32|84-7805-16~91-6211-32|182-175251-16~223-122394-32|182-175425-16~223-6249-32|182-212397-16~223-3757-32|182-212496-16~223-3755-32|182-212402-16~223-3755-32|182-212497-16~223-3755-32|84-7805-16~91-6211-32|182-236397-16~223-199718-32|84-8253-16~91-1866-32

159.45.2.145

200 OK

43 B

URL HTTP/1.1
www.wellsfargo.com/assets/images/global/s.gif?log=1&cb=1664574870046&event=PageLoad&pid=tcm:222-239797-64&ptid=tcm:222-170471-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fmortgage%2Fmortgage-refinance-v3%2F&clist=84-177353-16~91-122371-32|182-215726-16~91-2052-32|182-26518-16~223-3765-32|84-5531-16~91-2045-32|84-39242-16~91-1924-32|84-207758-16~91-1924-32|84-8259-16~91-1865-32|84-36594-16~91-2830-32|182-175852-16~223-3757-32|182-221991-16~91-2049-32|182-175247-16~223-122394-32|182-175256-16~223-122392-32|182-251842-16~223-122392-32|84-7805-16~91-6211-32|182-215730-16~91-2049-32|84-7805-16~91-6211-32|182-175251-16~223-122394-32|182-175425-16~223-6249-32|182-212397-16~223-3757-32|182-212496-16~223-3755-32|182-212402-16~223-3755-32|182-212497-16~223-3755-32|84-7805-16~91-6211-32|182-236397-16~223-199718-32|84-8253-16~91-1866-32
IP
159.45.2.145:0
ASN
#10837 WELLSFARGO-10837

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /assets/images/global/s.gif?log=1&cb=1664574870046&event=PageLoad&pid=tcm:222-239797-64&ptid=tcm:222-170471-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fmortgage%2Fmortgage-refinance-v3%2F&clist=84-177353-16~91-122371-32|182-215726-16~91-2052-32|182-26518-16~223-3765-32|84-5531-16~91-2045-32|84-39242-16~91-1924-32|84-207758-16~91-1924-32|84-8259-16~91-1865-32|84-36594-16~91-2830-32|182-175852-16~223-3757-32|182-221991-16~91-2049-32|182-175247-16~223-122394-32|182-175256-16~223-122392-32|182-251842-16~223-122392-32|84-7805-16~91-6211-32|182-215730-16~91-2049-32|84-7805-16~91-6211-32|182-175251-16~223-122394-32|182-175425-16~223-6249-32|182-212397-16~223-3757-32|182-212496-16~223-3755-32|182-212402-16~223-3755-32|182-212497-16~223-3755-32|84-7805-16~91-6211-32|182-236397-16~223-199718-32|84-8253-16~91-1866-32 HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:53 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
Connection: keep-alive
ETag: "519fc8a6-2b"
Expires: Wed, 05 Oct 2022 10:27:53 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

www17.wellsfargomedia.com/assets/images/css/template/homepage/homepage-magnifying-glass.png

104.110.27.78

200 OK

236 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/homepage/homepage-magnifying-glass.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
236 B (236 bytes)
Hash
8cf6735df721c60affadb70ad95732eb
ae8a42ebbd6b60630e2c612e924c4fd66a4aca33
8dc5436dce4423f0e53e85904b6dc0552c1c8bbde0dd4ec1c929a1c272201c4c

HTTP Headers

GET /assets/images/css/template/homepage/homepage-magnifying-glass.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "59c2114b-12e"
last-modified: Sat, 23 Jul 2022 13:52:11 GMT
server: Akamai Image Manager
content-length: 236
content-type: image/webp
cache-control: private, no-transform, max-age=674284
expires: Fri, 14 Oct 2022 05:45:57 GMT
date: Thu, 06 Oct 2022 10:27:53 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/equal_housing_lender.png

104.110.27.78

200 OK

146 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/equal_housing_lender.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 14x10, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
146 B (146 bytes)
Hash
c73303512a820b836d024a0efc538d22
2b30f51905546ab930bfc316a0fe508a73cd0eb3
4c9381cad294a8fadeceba5b80bd34158c900eb9a401095d013c77644030598c

HTTP Headers

GET /assets/images/css/template/equal_housing_lender.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "519fc768-443"
last-modified: Mon, 25 Jul 2022 07:26:21 GMT
server: Akamai Image Manager
x-serial: 2004
x-check-cacheable: YES
content-length: 146
content-type: image/webp
cache-control: private, no-transform, max-age=939864
expires: Mon, 17 Oct 2022 07:32:17 GMT
date: Thu, 06 Oct 2022 10:27:53 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2

104.110.27.78

200 OK

22 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Size
22 kB (22172 bytes)
Hash
f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704

HTTP Headers

GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=7228359
expires: Thu, 29 Dec 2022 02:20:32 GMT
date: Thu, 06 Oct 2022 10:27:53 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/chevron-right-grey.png

104.110.27.78

200 OK

82 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/chevron-right-grey.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 8x9, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
82 B (82 bytes)
Hash
8a64ca48888869867604fec4ca5a2300
05ecffa2687820e76c82f487d0347a5120615dd1
fb39d6b03e532d8c65acd85e6be42ac3fd7d781451a4bb1c616286a231c80cfa

HTTP Headers

GET /assets/images/css/template/chevron-right-grey.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "519fc766-3ed"
last-modified: Sat, 23 Jul 2022 13:52:12 GMT
server: Akamai Image Manager
x-serial: 612
x-check-cacheable: YES
content-length: 82
content-type: image/webp
cache-control: private, no-transform, max-age=628477
expires: Thu, 13 Oct 2022 17:02:30 GMT
date: Thu, 06 Oct 2022 10:27:53 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2

104.110.27.78

200 OK

22 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Size
22 kB (22424 bytes)
Hash
0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc

HTTP Headers

GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=7251565
expires: Thu, 29 Dec 2022 08:47:18 GMT
date: Thu, 06 Oct 2022 10:27:53 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/chevron-right-blue.png

104.110.27.78

200 OK

140 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/chevron-right-blue.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
140 B (140 bytes)
Hash
7838430f8f3db208f1791d12275f882c
f099b34e9cd7bb9b8ccfbe0284cf818ef1747a9a
15edc68516d9016f5df0651edcd4eedfd5c2f440d85f932f7a2b973b70d37883

HTTP Headers

GET /assets/images/css/template/chevron-right-blue.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "519fc766-3fc"
last-modified: Mon, 25 Jul 2022 06:04:22 GMT
server: Akamai Image Manager
x-serial: 1189
x-check-cacheable: YES
content-length: 140
content-type: image/webp
cache-control: private, no-transform, max-age=780175
expires: Sat, 15 Oct 2022 11:10:48 GMT
date: Thu, 06 Oct 2022 10:27:53 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/arrow-right-gray.png

104.110.27.78

200 OK

102 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/arrow-right-gray.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
102 B (102 bytes)
Hash
24a47218c6a6be92ed8ddc28b0365af7
837d6923fda7215a73ce3050aa03673504907f88
303132675de7ecc1ad7822db460c6c6c30a72fb102620c4ca489c3fbb41e9e8f

HTTP Headers

GET /assets/images/css/template/arrow-right-gray.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "519fc73e-40c"
last-modified: Mon, 25 Jul 2022 06:04:23 GMT
server: Akamai Image Manager
content-length: 102
content-type: image/webp
cache-control: private, no-transform, max-age=821622
expires: Sat, 15 Oct 2022 22:41:35 GMT
date: Thu, 06 Oct 2022 10:27:53 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/bg-footer.png

104.110.27.78

200 OK

481 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/bg-footer.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 9 x 60\012- data
Size
481 B (481 bytes)
Hash
a396c960e8b70984da1bbfe391e57e74
6963daf90a847a7383d69bd1b34f84c748614945
6060d85ee1d931efbe90cf1f903f53a63b506eb1e6b16c9a7a0feb3b5dcb9c69

HTTP Headers

GET /assets/images/css/template/bg-footer.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "5a7f02f5-393"
last-modified: Mon, 25 Jul 2022 06:04:23 GMT
server: Akamai Image Manager
x-serial: 1720
x-check-cacheable: YES
content-length: 481
content-type: image/gif
cache-control: private, no-transform, max-age=816260
expires: Sat, 15 Oct 2022 21:12:13 GMT
date: Thu, 06 Oct 2022 10:27:53 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/img_print.png

104.110.27.78

200 OK

98 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/img_print.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 14x12, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
98 B (98 bytes)
Hash
dbe4baa4fabf22f2030bedd4b77cf124
49be649c1a5572d2ed0cd43561066c747395fa95
60e215de6e3f74e07a38051e5c810b9de9aa0f683c8b3eab3ffe9678c77f3efd

HTTP Headers

GET /assets/images/css/template/img_print.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "55209ab9-407"
last-modified: Mon, 25 Jul 2022 21:08:46 GMT
server: Akamai Image Manager
x-serial: 1046
x-check-cacheable: YES
content-length: 98
content-type: image/webp
cache-control: private, no-transform, max-age=770881
expires: Sat, 15 Oct 2022 08:35:54 GMT
date: Thu, 06 Oct 2022 10:27:53 GMT
X-Firefox-Spdy: h2

push.services.mozilla.com/

44.236.232.139

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.236.232.139:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 163Rfa9eUcO64J4vuqIiEA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: A404uTBeX3fjmMboDCpf6uOFoq4=

static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js

159.45.66.178

200 OK

11 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
Unicode text, UTF-8 text, with very long lines (35814)
Size
11 kB (11411 bytes)
Hash
1d081a456e54c7c623d773fa473a4533
14aeab37af44fcabcde3e3419f3d46b0e427524b
b9ad6838ec4946d6494773e8f5c2c1b16bb361e98d435af2137a7bc9fb12f879

HTTP Headers

GET /assets/js/wfui/ndep/websdk/nuance-websdk-loader.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 11 May 2022 04:38:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"627b3dac-8c18"
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip

www17.wellsfargomedia.com/assets/images/global/plus-showhide.png

104.110.27.78

200 OK

171 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/global/plus-showhide.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 33 x 33, 4-bit colormap, non-interlaced\012- data
Size
171 B (171 bytes)
Hash
3088abae83f642d1a71c7f4ba82e7ef9
68d3a9bd2767b887ae516d7eb844ecbb09d9df50
ca5f95c78b18ddee63ea92ff1bd75ef33a518c595f1f9aaf1fa9c7343c85ca9a

HTTP Headers

GET /assets/images/global/plus-showhide.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "5761a09f-ec"
last-modified: Mon, 25 Jul 2022 08:24:11 GMT
server: Akamai Image Manager
content-length: 171
content-type: image/png
cache-control: private, no-transform, max-age=751669
expires: Sat, 15 Oct 2022 03:15:42 GMT
date: Thu, 06 Oct 2022 10:27:53 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/img_facebook.png

104.110.27.78

200 OK

158 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/img_facebook.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 20x20, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
158 B (158 bytes)
Hash
2b29e2ab0a181b675c3a91a5daf2322c
7986adeec12fb7dfb3386f793662f634c842eb66
73b31bddb3e9b9e841725f10be78071daae55db39b60719eb73ffa94186edbbf

HTTP Headers

GET /assets/images/css/template/img_facebook.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "55209ab9-52d"
last-modified: Mon, 08 Aug 2022 16:03:34 GMT
server: Akamai Image Manager
content-length: 158
content-type: image/webp
cache-control: private, no-transform, max-age=2147044
expires: Mon, 31 Oct 2022 06:51:57 GMT
date: Thu, 06 Oct 2022 10:27:53 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/img_twitter.png

104.110.27.78

200 OK

186 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/img_twitter.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 20x20, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
186 B (186 bytes)
Hash
bf36c83f327f106b40a4a25396f68892
a47a4d66d99520946122236f23ec139c2252cae3
8bda07b34e5b9b98bc5b1609c1cb4327f829ec74484a558ae3873dd19b75953b

HTTP Headers

GET /assets/images/css/template/img_twitter.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "55209ab9-5a4"
last-modified: Mon, 25 Jul 2022 07:26:18 GMT
server: Akamai Image Manager
x-serial: 1787
x-check-cacheable: YES
content-length: 186
content-type: image/webp
cache-control: private, no-transform, max-age=714104
expires: Fri, 14 Oct 2022 16:49:37 GMT
date: Thu, 06 Oct 2022 10:27:53 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/social_show.png

104.110.27.78

200 OK

84 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/social_show.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 16x16, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
84 B (84 bytes)
Hash
6550aa7b280e5283194471eb87085983
b76e2eaf71fb1ae900ece375e4f0be5b23bc1ed0
daf8f3105a0bae551331bc9859b06561b50313d2cc0e3aa1b1aee9b7acd09cd4

HTTP Headers

GET /assets/images/css/template/social_show.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "55209ab9-3ca"
last-modified: Mon, 25 Jul 2022 08:19:23 GMT
server: Akamai Image Manager
content-length: 84
content-type: image/webp
cache-control: private, no-transform, max-age=945070
expires: Mon, 17 Oct 2022 08:59:03 GMT
date: Thu, 06 Oct 2022 10:27:53 GMT
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/main/utag.js

159.45.66.178

200 OK

54 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
Unicode text, UTF-8 text, with very long lines (21397)
Size
54 kB (53864 bytes)
Hash
26bb07cb24ec9407cc5e5b66a69874ba
3b7a1b1f6e96cccdd1eb3cd04e81598619eb94fc
35d1ca2c89af89baebef9b8a93866f5a90ab51831cc3b8db9718e276ab28c0d4

HTTP Headers

GET /tracking/main/utag.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 04 Oct 2022 20:01:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633c9124-4fa06"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-c2c-button.css

159.45.66.178

200 OK

2.7 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-c2c-button.css
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with CRLF line terminators
Size
2.7 kB (2671 bytes)
Hash
5257c2e188d24ddc00cc92573e5f2cfb
3526eb21d812e9ebfcb3514cc2ff9ad53abe442e
ae7a3a2c2db5a1dc74814e5001e439aeeae648e3b31cdb7474856dc52ea0b223

HTTP Headers

GET /assets/js/wfui/ndep/css/nuance-c2c-button.css HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:53 GMT
Content-Type: text/css
Last-Modified: Wed, 14 Jul 2021 10:08:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60eeb797-2bb3"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-chat.css

159.45.66.178

200 OK

505 B

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/ndep/css/nuance-chat.css
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with CRLF, LF line terminators
Size
505 B (505 bytes)
Hash
e2966fedd68930d5281a2ed6ea61c0d3
1ede5572cf49f251c212abdbd6f2df4bb48de1fe
c2ef5abb39d304068b5476114ebc952a97c091ea59348c8ba3adeadc715976ad

HTTP Headers

GET /assets/js/wfui/ndep/css/nuance-chat.css HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:53 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Nov 2020 14:00:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fb3d782-52b"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

cdn.schemaapp.com/javascript/highlight.js

54.230.111.100

200 OK

10 kB

URL HTTP/2
cdn.schemaapp.com/javascript/highlight.js
IP
54.230.111.100:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (32535), with no line terminators
Size
10 kB (10313 bytes)
Hash
7d548e4c9cc3af465bb24239e15218d6
7a85efc1f41ff3e21f459eefd6f6a870b5bfa748
df15e088ea3d46065b9570e10e03e92026880c39294d94824c307f0e7d70b45b

HTTP Headers

GET /javascript/highlight.js HTTP/1.1
Host: cdn.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Thu, 29 Sep 2022 17:49:18 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 13:00:40 GMT
etag: W/"a75cfd2d41ac714329a4fc6895bb082d"
x-amz-server-side-encryption: AES256
cache-control: max-age=699840
x-amz-version-id: yuc1pGbDhqDdI_gLgLi7faeJw6LKcbDu
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KbKLhVkJUMveRYqzwWMW2sCOKdR1KEHl1gXpf5sEbVJj8L1R_JYeZg==
age: 578316
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c720c89d8b62506651e8be4de05e87e8
c4ca73950df6866719532ef1ed5be96aec02d96e
07cbe2b1885f4bcd6221eaa579f31e1cc87114df1977027e2bd0706c53f6039b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 10:27:53 GMT
Last-Modified: Thu, 06 Oct 2022 09:20:49 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jBiZuid06lOl4JSyL_rL9Yx0_Ig4CvMGvyOEpGX5ZONc92S0LhFHow==
Age: 4024

static.wellsfargo.com/assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js

159.45.66.178

200 OK

19 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (65536), with no line terminators
Size
19 kB (18728 bytes)
Hash
55392b773646f8d0ce7447669d57b9df
a2ac835f802e03d4315bf3eee9cb51b1320b15c9
58ebbc236c9018a279c0059043036b148d40b90eb78ad799d4812bbda1058f2b

HTTP Headers

GET /assets/js/wfui/ndep/js/nuan_websdk_bootstrap.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 02:16:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f4668c-10199"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/assets/js/wfui/ndep/js/nuan-c2c.js

159.45.66.178

200 OK

5.6 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/ndep/js/nuan-c2c.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (928), with CRLF line terminators
Size
5.6 kB (5649 bytes)
Hash
00e6f77045d9c92840a490cfcdc9ff6a
22f273b66fe0c5d43cf747fb9868b0904d5ee4b8
4d144f941f05ff42f2a818328b7524c6d3f2b6efc1fe93a09794af14ad262f6c

HTTP Headers

GET /assets/js/wfui/ndep/js/nuan-c2c.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 16 Mar 2022 05:41:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62317886-590b"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

www17.wellsfargomedia.com/assets/images/global/icon_quick_help_2x.png

104.110.27.78

200 OK

1.3 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/global/icon_quick_help_2x.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.3 kB (1304 bytes)
Hash
9a07cc4be45e6074f7117964b8be820b
2a57973b7c34db57fe75f125ca681e6aa83c6118
56c2d8b0532908ad0bdaa016f0422f682a7de84ae2c6b15ed8fe2fd77cd2c7a2

HTTP Headers

GET /assets/images/global/icon_quick_help_2x.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "5761a09f-c78"
last-modified: Mon, 25 Jul 2022 07:26:22 GMT
server: Akamai Image Manager
content-length: 1304
content-type: image/webp
cache-control: private, no-transform, max-age=686545
expires: Fri, 14 Oct 2022 09:10:19 GMT
date: Thu, 06 Oct 2022 10:27:54 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/global/icon_call_us_2x.png

104.110.27.78

200 OK

1.0 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/global/icon_call_us_2x.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.0 kB (1038 bytes)
Hash
43e65d20159d0c85c6a87b5694c825c9
189db8fb7a2405878bc81c5c24531a84ee7a8922
b0b4ae909f2977142be68a2555ee28f57d481fecc11e2cb3b22c26fb04ced4a0

HTTP Headers

GET /assets/images/global/icon_call_us_2x.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "5761a09f-b80"
last-modified: Mon, 25 Jul 2022 07:26:22 GMT
server: Akamai Image Manager
x-serial: 980
x-check-cacheable: YES
content-length: 1038
content-type: image/webp
cache-control: private, no-transform, max-age=943126
expires: Mon, 17 Oct 2022 08:26:40 GMT
date: Thu, 06 Oct 2022 10:27:54 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/global/icn-let-us-contact-you_desktop_horz-contact-bar_32x41px.png

104.110.27.78

200 OK

562 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/global/icn-let-us-contact-you_desktop_horz-contact-bar_32x41px.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
562 B (562 bytes)
Hash
785d99387a2bcc976e6c50df2663eaa3
a89afc8b95aac2a2a51cd854fdfd8a2fe79e3c5d
793dfb914944428025a6aa5fd2c460cf6710166184d35778e8b0f3cc5083ab63

HTTP Headers

GET /assets/images/global/icn-let-us-contact-you_desktop_horz-contact-bar_32x41px.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wellsfargo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "57d7f889-314"
last-modified: Mon, 25 Jul 2022 07:26:22 GMT
server: Akamai Image Manager
content-length: 562
content-type: image/webp
cache-control: private, no-transform, max-age=810317
expires: Sat, 15 Oct 2022 19:33:11 GMT
date: Thu, 06 Oct 2022 10:27:54 GMT
X-Firefox-Spdy: h2

cdn.schemaapp.com/javascript/schemaFunctions.min.js

54.230.111.100

200 OK

597 B

URL HTTP/2
cdn.schemaapp.com/javascript/schemaFunctions.min.js
IP
54.230.111.100:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1662), with no line terminators
Size
597 B (597 bytes)
Hash
a9d070b4f43384f496337a4fc82a9e7d
b6a5f71b2539c8fdf06bfcf3ea36887de1e33faf
876a5546b9d0c582062195515832086b5e597ce500093f764457e2d2e9fbebe9

HTTP Headers

GET /javascript/schemaFunctions.min.js HTTP/1.1
Host: cdn.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Jun 2021 19:02:30 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: ebtKiJ.k06e6HWGVnUjCEswYzQTrKhD5
server: AmazonS3
content-encoding: gzip
date: Thu, 29 Sep 2022 21:19:59 GMT
cache-control: max-age=699840
etag: W/"fa714262345ea0338a058d93199f56ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IAwebtI-SVPuh4XmzsOgMY7aODs2lEhcNdZIn6gdAdzRjpG01czVnQ==
age: 565694
X-Firefox-Spdy: h2

cdn.schemaapp.com/highlighter/prod/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3Jn

54.230.111.100

200 OK

2 B

URL HTTP/2
cdn.schemaapp.com/highlighter/prod/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3Jn
IP
54.230.111.100:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /highlighter/prod/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3Jn HTTP/1.1
Host: cdn.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://zitic.duckdns.org/
x-account-id: WellsFargo
x-api-key: XPJKP-GI7DG-FVNWZ-45W51
Origin: http://zitic.duckdns.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Tue, 11 Dec 2018 16:01:38 GMT
x-amz-version-id: 4FsmemwQuur.Z0jxvea6XGJagB0M87fi
accept-ranges: bytes
server: AmazonS3
date: Thu, 06 Oct 2022 10:24:13 GMT
etag: "99914b932bd37a50b983c5e7c90ae93b"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Error from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zS8qrQHN74XP5EjsYXJcxk3N1fV-ArajENnrNZ9rw2keJvkR4m9CdA==
age: 463
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/main/utag.117.js?utv=ut4.48.202112070053

159.45.66.178

200 OK

1.5 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.117.js?utv=ut4.48.202112070053
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (8097)
Size
1.5 kB (1541 bytes)
Hash
98ea64d15274eed87401b2a479775049
54835f985edf79c1911926f35a454eed5462d672
ca6044266cd44788cd4fa4910c8bcae5bef1bc1c213eafb436c00cea0db2c79b

HTTP Headers

GET /tracking/main/utag.117.js?utv=ut4.48.202112070053 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 18 Feb 2021 22:15:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"602ee6f8-2166"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.129.js?utv=ut4.48.202207272202

159.45.66.178

200 OK

2.0 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.129.js?utv=ut4.48.202207272202
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (14899)
Size
2.0 kB (2012 bytes)
Hash
3955ea8eef1163d5a03b223080bb369b
afdc4ffc48f5b5454bec0d211d81bf5a29a88300
773e4bda27c4b159fa2f2ddfc6b0a940fe149e1b2d6e9d68af4798d80f453b94

HTTP Headers

GET /tracking/main/utag.129.js?utv=ut4.48.202207272202 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Jul 2022 20:08:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62e2eca7-3bf8"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.136.js?utv=ut4.48.202208102110

159.45.66.178

200 OK

4.3 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.136.js?utv=ut4.48.202208102110
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (55064), with CRLF line terminators
Size
4.3 kB (4329 bytes)
Hash
d0411178a32feb6cf283839f7d2adc0f
b48614403124421a7c1072238276d834c8c16fbc
9d4f430c94cc8de26993a0b05eaaedc4c5121f5c69a47aa13cb7ddf44cd1521f

HTTP Headers

GET /tracking/main/utag.136.js?utv=ut4.48.202208102110 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 20:02:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f56058-d8e3"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.225.js?utv=ut4.48.202208301942

159.45.66.178

200 OK

2.0 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.225.js?utv=ut4.48.202208301942
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (14389), with CRLF line terminators
Size
2.0 kB (2028 bytes)
Hash
0a1f28ee2d9f4400d8cf7b2084cd75ef
881c3d612b62db99ee20be8dc123976041a99ae8
d0212788e34ae02ba53fcf465c24b34daaa894ea8194255d7c75fbbb1d6e7561

HTTP Headers

GET /tracking/main/utag.225.js?utv=ut4.48.202208301942 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 20:02:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f56054-3ea8"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
da760bd41ef8ff9370254bfa22f58538
d2913d670acf488ba2460758095e8238c1d47966
92af768a29358479e72788fbbb20cfd27aad26588b07a3218968710da11a2d37

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:54 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 13:42:54 GMT
Expires: Wed, 12 Oct 2022 13:42:53 GMT
Etag: "d2913d670acf488ba2460758095e8238c1d47966"
Cache-Control: max-age=529498,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755db50988cf0b49-OSL

static.wellsfargo.com/tracking/main/utag.379.js?utv=ut4.48.202207272202

159.45.66.178

200 OK

1.1 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.379.js?utv=ut4.48.202207272202
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (1071)
Size
1.1 kB (1132 bytes)
Hash
be33c3150315d92aaae2dd3f471f7e4e
e8807f0617c3f06b238aec8ebcf93ab846e619af
15ee0686aeb15b05f562cd16166152540f132425c01ed5268d70a53d8a81cb7a

HTTP Headers

GET /tracking/main/utag.379.js?utv=ut4.48.202207272202 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Jul 2022 20:08:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62e2eca5-86e"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15318
Expires: Thu, 06 Oct 2022 14:43:12 GMT
Date: Thu, 06 Oct 2022 10:27:54 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a4a6b82d27a071b8b95da77d7f1949dd
ad9854c34179bfd41b84d8c6936cb03843604145
d20638bbbffcd45f4d614ad87662e7c608c44288ff59d1b1e92af362000313f7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5836
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:27:54 GMT
Last-Modified: Thu, 06 Oct 2022 08:50:38 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15318
Expires: Thu, 06 Oct 2022 14:43:12 GMT
Date: Thu, 06 Oct 2022 10:27:54 GMT
Connection: keep-alive

static.wellsfargo.com/tracking/main/utag.381.js?utv=ut4.48.202209121603

159.45.66.178

200 OK

8.9 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.381.js?utv=ut4.48.202209121603
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (53448)
Size
8.9 kB (8905 bytes)
Hash
fa32a86db1201fd16a1ffad9bd9f7227
d03c84e85b4ecdfb12c65ad199d2ea35a4218fd7
6f152dcff72a37369ae8eac535bc29ed8ff4575fc220b9362535a1c5c1ab0ee9

HTTP Headers

GET /tracking/main/utag.381.js?utv=ut4.48.202209121603 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 15 Sep 2022 20:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6323871b-16edd"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15318
Expires: Thu, 06 Oct 2022 14:43:12 GMT
Date: Thu, 06 Oct 2022 10:27:54 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7270 bytes)
Hash
e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: e5d0bb7a-b9d5-49b1-b51c-8db019da641f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQOGEQloAMFjgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa5a-519d91fb0b83920960da479d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:42:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: l1HGT5ycH36vVojsOPFptRSU1YJFvLbBsgiWJqzRlRIGgm2o5vf6jg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:58:56 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 44938
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7385 bytes)
Hash
e5a5ee14d41747f46e71f04782e1a3d3
b0205176a58913f57056b91674097bfb58046e97
b3bae0b56b50374cb85fc7fe4c9b551383d1969bf31e7adccb867e3467c59269

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7385
x-amzn-requestid: 7ada8e43-9cb5-4793-9289-e308e9565e7d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZoF7aIAMF43A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-73da01595d32809e08b93a83;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: 14qQi5wDI-_EgyghHCMjRtdZliSj3L6veSqIeBoEjCTfdZfrKb-UzA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
etag: "b0205176a58913f57056b91674097bfb58046e97"
content-type: image/jpeg
age: 46248
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5b87135-538c-4c9f-b146-1da5b13ce157.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8360 bytes)
Hash
a7bcc50ecfeeca47de68cb437e966f29
e98c870fd29b56fa4c3847008bedc0f01f222744
47a82bb40ead4346323b68c886cb88528cb2162666e9549b2ab215b86a499985

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5b87135-538c-4c9f-b146-1da5b13ce157.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8360
x-amzn-requestid: c1f21bfa-3ceb-4661-97b8-0d7475f0e911
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKLlLG0joAMFQqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f2ed-43993b1377e9fbaf4e9443d2;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:08:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kyp8p-Jm92bA3VDbsKDiD_JnS2eekJFUkMjYXquZ1D15WthqXoSlsA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:57:01 GMT
age: 45053
etag: "e98c870fd29b56fa4c3847008bedc0f01f222744"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11080 bytes)
Hash
2277f8f2d93b4bc3b05d348343177892
531d9e4ec9078cd2d7376a19fcb287084af36c82
62907648de4a2ed390232a71ab7dce49f1e9c3363cde6a2f30ecae10ab67f93a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11080
x-amzn-requestid: 8fa4d19d-87a5-46c5-96c5-4aec793daad9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO7xE5eoAMFQLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84b-5c422c7a168c014f57559037;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: LySueW1si-yWLwecUILV1s57IEV2FdcQ9_pH1Aoe4AYISi7QXXfd3A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:39:28 GMT
age: 46106
etag: "531d9e4ec9078cd2d7376a19fcb287084af36c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7511 bytes)
Hash
9e520f87cae411cfc2ed1c8a14184385
69ad212cb7ae309d4f02019552887135bfae67da
723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: BddSUzh-PKiFmfw2p9gPW-B0qtrXWxCXfee29Pk-wLqN7RO21Yic6g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
age: 46248
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9044 bytes)
Hash
70ea26af79226e9ff06d6198e2c019dc
ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57
f9393e7b8cbaedc8e1ef87fd89c617cf102f58813d84d866ff68e3124f94d44c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9044
x-amzn-requestid: 127bce04-9f75-4bb1-bbe7-33bf1694d96c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmHG5oAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-3896085b3b73ff5403237206;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E4yZTPRLFdK717YfwjOIFOJDi0wYpyA736dQELeM5iPLvGDXBosEWg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 05:04:17 GMT
age: 19417
etag: "ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

data.schemaapp.com/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL21vcnRnYWdlL21vcnRnYWdlLXJlZmluYW5jZS12My9pbmRleC5odG1s

54.230.111.53

200 OK

0 B

URL HTTP/2
data.schemaapp.com/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL21vcnRnYWdlL21vcnRnYWdlLXJlZmluYW5jZS12My9pbmRleC5odG1s
IP
54.230.111.53:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL21vcnRnYWdlL21vcnRnYWdlLXJlZmluYW5jZS12My9pbmRleC5odG1s HTTP/1.1
Host: data.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-api-key: XPJKP-GI7DG-FVNWZ-45W51
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-source
access-control-max-age: 3000
date: Thu, 06 Oct 2022 10:27:54 GMT
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: max-age=14400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GgqKpv93vQNg057Udb2B1Kti5pr5qgEukXB2K9OAxiGf7t-RT2ycTw==
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/main/utag.384.js?utv=ut4.48.202208101746

159.45.66.178

200 OK

4.5 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.384.js?utv=ut4.48.202208101746
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (20219), with CRLF line terminators
Size
4.5 kB (4498 bytes)
Hash
4c0349dd734ccb6d8e8e7623b1f7ae6d
b7b4c964104051333ba40303abf04653021319e7
78cb0c0a2e99cba235f7f99b436f3175f27f45872905afaffbae7a278c53e09b

HTTP Headers

GET /tracking/main/utag.384.js?utv=ut4.48.202208101746 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 20:02:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f56055-74c7"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.249.js?utv=ut4.48.202103111723

159.45.66.178

200 OK

2.0 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.249.js?utv=ut4.48.202103111723
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (1280)
Size
2.0 kB (1971 bytes)
Hash
028aad0d319ba7357204d8bc9bfca330
6d391340b147026435eed039b322b297195d976f
8ea1397b96ad59126143e4ce576d94d1193772eefc90ef06acd785fcef164592

HTTP Headers

GET /tracking/main/utag.249.js?utv=ut4.48.202103111723 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 25 Mar 2021 21:15:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"605cfd72-133d"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.166.js?utv=ut4.48.202208100004

159.45.66.178

200 OK

2.6 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.166.js?utv=ut4.48.202208100004
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (13150), with CRLF line terminators
Size
2.6 kB (2600 bytes)
Hash
af5ecbbfa71cf9fb1890a16293a849ea
7c3917f40470f704d11d8410be7e975af7f180b0
2e134150a5652a1405756a04815f3cb049d3aac6dd8cc9be842a3455dda567ea

HTTP Headers

GET /tracking/main/utag.166.js?utv=ut4.48.202208100004 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 20:02:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f56058-39d1"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.319.js?utv=ut4.48.202209142209

159.45.66.178

200 OK

2.6 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.319.js?utv=ut4.48.202209142209
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (2571)
Size
2.6 kB (2613 bytes)
Hash
270dd8154d461df44b468039bd358e3d
75cfff528bf6a5b8cf3f2b186c06bf3facb78538
591ddca6ea1ce23bccb267ca1e5fc99ce9c4a463361905e8dc2ff7d544710c0b

HTTP Headers

GET /tracking/main/utag.319.js?utv=ut4.48.202209142209 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632cc04d-1b84"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.328.js?utv=ut4.48.202207272202

159.45.66.178

200 OK

2.2 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.328.js?utv=ut4.48.202207272202
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (15058)
Size
2.2 kB (2248 bytes)
Hash
420683ca7854e6bef9d5433124c6040e
aad1b9f71f2c30deee478658bb6e453c2c7f3a5a
8851d5126d7413e67465c2cb8bc2adaba4dd4b39deac58a33c9dc2e4d53f8268

HTTP Headers

GET /tracking/main/utag.328.js?utv=ut4.48.202207272202 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Jul 2022 20:08:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62e2eca5-413e"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.431.js?utv=ut4.48.202107202150

159.45.66.178

200 OK

1.3 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.431.js?utv=ut4.48.202107202150
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (1071)
Size
1.3 kB (1302 bytes)
Hash
6b1893e708596451fe24ba0542af6968
64f6d916c0fa5d4ed53d7af241edc228403f7733
d02ba9b5bff6d6dd10c51121cfa90bee0a178af4fd5bc5b7d2401e4717c2fbc0

HTTP Headers

GET /tracking/main/utag.431.js?utv=ut4.48.202107202150 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 29 Jul 2021 21:00:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"610316f8-9eb"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.396.js?utv=ut4.48.202209192333

159.45.66.178

200 OK

1.6 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.396.js?utv=ut4.48.202209192333
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (6813), with CRLF line terminators
Size
1.6 kB (1628 bytes)
Hash
b0eaf99033dacb91df01cca9f18c5efd
c36cef3a700b34b9d1298bf2c93e396b95a27222
916f35f839cc40c2eccad5d01538ed4adb46de9d51e9b95bdb9dd3598a3c8d0f

HTTP Headers

GET /tracking/main/utag.396.js?utv=ut4.48.202209192333 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632cc033-2110"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.397.js?utv=ut4.48.202209192301

159.45.66.178

200 OK

1.8 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.397.js?utv=ut4.48.202209192301
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (8790), with CRLF line terminators
Size
1.8 kB (1799 bytes)
Hash
83ec4867fa7d7a18fe8379520ca7c873
549c4bc01430a3a6aeddf8e235438bcd19d4d40a
88bb418f969436f16382dca8ded387c0513dda2648a6e11f61ff338e28d16f35

HTTP Headers

GET /tracking/main/utag.397.js?utv=ut4.48.202209192301 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632cc032-28c9"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.403.js?utv=ut4.48.202104051735

159.45.66.178

200 OK

1.3 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.403.js?utv=ut4.48.202104051735
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (1071)
Size
1.3 kB (1298 bytes)
Hash
d9e09275c6f22e92f2ba7f907f9d1c31
712ff938b4ae788338fa1d926af874b7fbe7ab58
15c605e2b2babb99517d3b0f36ef52191d80d7a448b0089d0f254ac52559d217

HTTP Headers

GET /tracking/main/utag.403.js?utv=ut4.48.202104051735 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 15 Apr 2021 21:15:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6078ace7-a3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.413.js?utv=ut4.48.202207272202

159.45.66.178

200 OK

1.4 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.413.js?utv=ut4.48.202207272202
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (1317)
Size
1.4 kB (1352 bytes)
Hash
7d2d9e509acf171d299a8fd31ef8ca0d
64cd01f823e796aa972ba0bd3349b21847dee603
c47666bd3cde639619863664b81db5e312723c4e87287993b4ebb1f12af0733c

HTTP Headers

GET /tracking/main/utag.413.js?utv=ut4.48.202207272202 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Jul 2022 20:08:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62e2eca1-b91"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005

8.39.193.5

200 OK

266 B

URL HTTP/1.1
tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
266 B (266 bytes)
Hash
a671bc4e541aadc71fd7812d93af15e7
3b8c76ac113e54f3d413e09807f3661c72d0f6b5
ef16255038c7c5847295c3c434243418d898b7b40a9095aeeb65e3ddb7579383

HTTP Headers

GET /tagserver/nuanceChat.html?UUID=WF_10006005 HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: max-age=3600
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
ETag: "+6ZNxP/6RTk"
Last-Modified: Wed, 21 Sep 2022 04:43:58 GMT
Accept-Ranges: bytes
Content-Type: text/html; charset=utf-8
Content-Length: 266
Date: Thu, 06 Oct 2022 10:27:54 GMT

static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1

159.45.66.178

200 OK

45 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (65508)
Size
45 kB (45086 bytes)
Hash
f0bce3a74e635ab88b299b1f625c99a4
345faf01029820b11abc73022ece8fb8e51cc321
faebd8dced2c15d37da85427c6e60aecb6a1a5f75e888280d447e93e64102c8e

HTTP Headers

GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"613a44c0-1ca73"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.471.js?utv=ut4.48.202209271731

159.45.66.178

200 OK

2.5 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.471.js?utv=ut4.48.202209271731
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (995)
Size
2.5 kB (2457 bytes)
Hash
5245bcf67d3ef6caa0e9c2185d20c08a
aa2ad19ae558fe7f58b3770873c8683ce91fba4c
343bc115dd405111bb74587ffb571d9c0f7fe4c9da381b88109998c2c7cf5f48

HTTP Headers

GET /tracking/main/utag.471.js?utv=ut4.48.202209271731 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:55 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 04 Oct 2022 20:01:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633c9122-19fb"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.505.js?utv=ut4.48.202209131956

159.45.66.178

200 OK

2.8 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.505.js?utv=ut4.48.202209131956
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (1430)
Size
2.8 kB (2760 bytes)
Hash
b2e03f6d954a4357a7268c29f963c4f0
33e8f489c2444aa2ac08b82d692c995836020fcf
7ed82ca71abf90288110fed75cb12480d77721dca21fc258f21d3e6536df8db8

HTTP Headers

GET /tracking/main/utag.505.js?utv=ut4.48.202209131956 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:55 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 15 Sep 2022 20:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6323871b-197d"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js

159.45.66.178

200 OK

14 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (32088), with CRLF line terminators
Size
14 kB (14304 bytes)
Hash
3aebe41731e9656c48b87e8e8b2d1177
43369d1732f4ad8a5e7a1e9a3e133d96945afe02
6cf0cd136cefa8b4cce2da6ead22c33b83af4af3e87d7e4e9589b60f6ce4e395

HTTP Headers

GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:55 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip

tag-wellsfargo.nod-glb.nuance.com/tagserver/frame-bridge.js

8.39.193.5

200 OK

5.8 kB

URL HTTP/1.1
tag-wellsfargo.nod-glb.nuance.com/tagserver/frame-bridge.js
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
ASCII text
Size
5.8 kB (5817 bytes)
Hash
2567a541f33a261f8fca11dad46b636a
0f23cb71788652af10a4b226be05648d0f763d4f
0fd35a0d2ac21f42f443ec000ea11e55a3498e777b8b91938ceeedca8456d37a

HTTP Headers

GET /tagserver/frame-bridge.js HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: max-age=3600
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
ETag: "/sVCUwsi+1l"
Last-Modified: Wed, 21 Sep 2022 04:43:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Content-Length: 5817
Date: Thu, 06 Oct 2022 10:27:55 GMT

static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js

159.45.66.178

200 OK

961 B

URL HTTP/1.1
static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (577)
Size
961 B (961 bytes)
Hash
fdb41e651caf483e7aef91805f810c24
91fc1ceef8d8466f20133e680e77b4dc6de9e8f4
ffd6d341df741ab75634dc5345d0bb8b489fb84de377ef4c2445c4e355fc9cc3

HTTP Headers

GET /tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:55 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Apr 2022 00:53:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6269e590-96c"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/alloy/alloy.js

159.45.66.178

200 OK

25 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/alloy/alloy.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
Unicode text, UTF-8 text, with very long lines (65505)
Size
25 kB (24609 bytes)
Hash
9a021c3b9dea16b9bedb216b6b195cdd
f767ed7dba6d08b08ffc5b35fb0468eb00c66a25
54b94b3b7c4900d7012f824d21f9fa94928055f6cae6c59c23d88a10eaa79e95

HTTP Headers

GET /tracking/alloy/alloy.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:55 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 25 Aug 2022 20:01:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6307d531-12d93"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js

159.45.66.178

200 OK

16 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (599)
Size
16 kB (15970 bytes)
Hash
18a9dcc7cee831010cf1647c8e39088a
731f39c30835414c6e165dd4687bf4071fe0eb10
1dc439a17ef08f995584c4869ccc397120b2502b57ba40240887df28e347be9b

HTTP Headers

GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:55 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip

static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1649789670809.js

159.45.66.178

200 OK

82 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1649789670809.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
Unicode text, UTF-8 text, with very long lines (11631)
Size
82 kB (81476 bytes)
Hash
94d4aed186bc1e91168480ab7abe9623
086e008f5989cfd43dbb39a4506013a3e458319b
f8b0db24893cab8e4a951ea60ac3c65b7803b9ca558ca7527df58d534d8d8b08

HTTP Headers

GET /tracking/medallia/wdcusprem/57907/onsite/generic1649789670809.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:55 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Apr 2022 00:53:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6269e590-57c18"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

tag-wellsfargo.nod-glb.nuance.com/chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk

8.39.193.5

200 OK

2.0 kB

URL HTTP/1.1
tag-wellsfargo.nod-glb.nuance.com/chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
ASCII text, with very long lines (1080)
Size
2.0 kB (1993 bytes)
Hash
ebe861d8b2696e611422ab6c67c7e224
10b8cf65aca0c2f258d2005d6a77678da9bfb538
53478e9ebc9f55313778c9018758a8470342b8a9e8a30d65d435d6e9ec99a9d2

HTTP Headers

GET /chatskins/launch/inqChatLaunch10006005.js?chatVersion=sdk HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: no-cache
ETag: "+cKwS2dKEZR"
Last-Modified: Wed, 05 Oct 2022 02:25:25 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Type: application/javascript
Content-Length: 1993
Date: Thu, 06 Oct 2022 10:27:55 GMT

static.wellsfargo.com/tracking/gb/detector-dom.min.js

159.45.66.178

200 OK

132 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/gb/detector-dom.min.js
IP
159.45.66.178:0
ASN
#4196 WELLSFARGO-4196

File type
ASCII text, with very long lines (65434)
Size
132 kB (131829 bytes)
Hash
73ad7a8f8ccda765b898b038f90d8274
756ac35ad2422d93a0b327dfeff7fe9200695883
60ccc38cf175aba7cbe63bf1ec6319b5c1648d9a52014dfefa6ec718476a17b7

HTTP Headers

GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:55 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:03:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632cbfa4-6b8d3"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

resources.digital-cloud-prem.medallia.com/wdcusprem/57907/onsite/onsiteData.json

151.101.85.230

200 OK

1.5 kB

URL HTTP/2
resources.digital-cloud-prem.medallia.com/wdcusprem/57907/onsite/onsiteData.json
IP
151.101.85.230:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text, with very long lines (2056)
Size
1.5 kB (1456 bytes)
Hash
c9e0528f64d1e24fbfea3ed57c48a781
5c68095e947a74761541c7e78517e5ec7da48f99
edbcc863269fbfbc0aa044b7a54a4c06538f254869b87c25ab24628a40a97560

HTTP Headers

GET /wdcusprem/57907/onsite/onsiteData.json HTTP/1.1
Host: resources.digital-cloud-prem.medallia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: uxyB8aCGqOqiMLhWek+ms91byROlBpG+9oq5B0LY6ylUg7kYIVfv07w3RqBrNKkmulBF4oq8yuo=
x-amz-request-id: 6Q220M36ZA4Q7HGT
last-modified: Mon, 29 Aug 2022 14:36:24 GMT
etag: "4dd8128146b81339a1aabe91b5ddbafa"
x-amz-version-id: h0XCleBJUwMzYgUwLc_VpXobL_hX1j6f
content-type: application/json
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
date: Thu, 06 Oct 2022 10:27:55 GMT
age: 1083219
x-served-by: cache-pao12023-PAO, cache-bma1671-BMA
x-cache: HIT, HIT
x-cache-hits: 193, 5
x-timer: S1665052076.518133,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 1456
X-Firefox-Spdy: h2

udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiTW9ydGdhZ2UgUmVmaW5hbmNpbmcgfCBXZWxscyBGYXJnbyIsInBhZ2VfdXJsIjogImh0dHA6Ly96aXRpYy5kdWNrZG5zLm9yZy92L3d3dy53ZWxsc2ZhcmdvLmNvbS9tb3J0Z2FnZS9tb3J0Z2FnZS1yZWZpbmFuY2UtdjMvaW5kZXguaHRtbCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMCIsImV2ZW50X25hbWUiOiAibmVidWxhX2JlZm9yZV9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NjUwNTIwNzU0NDciLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4M2FjZDY2NWI0MjBiLTBkYTI0ZDQ1ODdhNGYtMzA2ZDQ2NGEtMTQwMDAwLTE4M2FjZDY2NWI1NDM4IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHA6Ly96aXRpYy5kdWNrZG5zLm9yZy92L3d3dy53ZWxsc2ZhcmdvLmNvbS9tb3J0Z2FnZS9tb3J0Z2FnZS1yZWZpbmFuY2UtdjMvaW5kZXguaHRtbCIsIndlYnNpdGVJZCI6IDU3OTA3LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7IkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICJkNTY2LTU0NDItYTYyMy0wNzgxLWRiOTMtNmI3Yi0wY2E3LTY4OTQiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiIsImh0dHBSZXF1ZXN0RGF0YSI6IHsiYXR0ZW1wdE51bWJlciI6IDAsInVybCI6ICJodHRwczovL3Jlc291cmNlcy5kaWdpdGFsLWNsb3VkLXByZW0ubWVkYWxsaWEuY29tL3dkY3VzcHJlbS81NzkwNy9vbnNpdGUvb25zaXRlRGF0YS5qc29uIn19LCJjb29raWVfc2l6ZSI6IDk1LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY1MDUyMDc1NDQ3LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40MS4xXzIwMjIwNDEyMTg1NDMwIn0KXX0=

35.241.45.82

200 OK

0 B

URL HTTP/1.1
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiTW9ydGdhZ2UgUmVmaW5hbmNpbmcgfCBXZWxscyBGYXJnbyIsInBhZ2VfdXJsIjogImh0dHA6Ly96aXRpYy5kdWNrZG5zLm9yZy92L3d3dy53ZWxsc2ZhcmdvLmNvbS9tb3J0Z2FnZS9tb3J0Z2FnZS1yZWZpbmFuY2UtdjMvaW5kZXguaHRtbCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMCIsImV2ZW50X25hbWUiOiAibmVidWxhX2JlZm9yZV9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NjUwNTIwNzU0NDciLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4M2FjZDY2NWI0MjBiLTBkYTI0ZDQ1ODdhNGYtMzA2ZDQ2NGEtMTQwMDAwLTE4M2FjZDY2NWI1NDM4IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHA6Ly96aXRpYy5kdWNrZG5zLm9yZy92L3d3dy53ZWxsc2ZhcmdvLmNvbS9tb3J0Z2FnZS9tb3J0Z2FnZS1yZWZpbmFuY2UtdjMvaW5kZXguaHRtbCIsIndlYnNpdGVJZCI6IDU3OTA3LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7IkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICJkNTY2LTU0NDItYTYyMy0wNzgxLWRiOTMtNmI3Yi0wY2E3LTY4OTQiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiIsImh0dHBSZXF1ZXN0RGF0YSI6IHsiYXR0ZW1wdE51bWJlciI6IDAsInVybCI6ICJodHRwczovL3Jlc291cmNlcy5kaWdpdGFsLWNsb3VkLXByZW0ubWVkYWxsaWEuY29tL3dkY3VzcHJlbS81NzkwNy9vbnNpdGUvb25zaXRlRGF0YS5qc29uIn19LCJjb29raWVfc2l6ZSI6IDk1LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY1MDUyMDc1NDQ3LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40MS4xXzIwMjIwNDEyMTg1NDMwIn0KXX0=
IP
35.241.45.82:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiTW9ydGdhZ2UgUmVmaW5hbmNpbmcgfCBXZWxscyBGYXJnbyIsInBhZ2VfdXJsIjogImh0dHA6Ly96aXRpYy5kdWNrZG5zLm9yZy92L3d3dy53ZWxsc2ZhcmdvLmNvbS9tb3J0Z2FnZS9tb3J0Z2FnZS1yZWZpbmFuY2UtdjMvaW5kZXguaHRtbCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMCIsImV2ZW50X25hbWUiOiAibmVidWxhX2JlZm9yZV9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NjUwNTIwNzU0NDciLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4M2FjZDY2NWI0MjBiLTBkYTI0ZDQ1ODdhNGYtMzA2ZDQ2NGEtMTQwMDAwLTE4M2FjZDY2NWI1NDM4IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHA6Ly96aXRpYy5kdWNrZG5zLm9yZy92L3d3dy53ZWxsc2ZhcmdvLmNvbS9tb3J0Z2FnZS9tb3J0Z2FnZS1yZWZpbmFuY2UtdjMvaW5kZXguaHRtbCIsIndlYnNpdGVJZCI6IDU3OTA3LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7IkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICJkNTY2LTU0NDItYTYyMy0wNzgxLWRiOTMtNmI3Yi0wY2E3LTY4OTQiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiIsImh0dHBSZXF1ZXN0RGF0YSI6IHsiYXR0ZW1wdE51bWJlciI6IDAsInVybCI6ICJodHRwczovL3Jlc291cmNlcy5kaWdpdGFsLWNsb3VkLXByZW0ubWVkYWxsaWEuY29tL3dkY3VzcHJlbS81NzkwNy9vbnNpdGUvb25zaXRlRGF0YS5qc29uIn19LCJjb29raWVfc2l6ZSI6IDk1LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY1MDUyMDc1NDQ3LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40MS4xXzIwMjIwNDEyMTg1NDMwIn0KXX0= HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:55 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept
Access-Control-Max-Age: 1800
X-ME: prod-instance-gatewayservice-blue-41kv
X-Application-Context: application:9090
Content-Type: image/gif; charset=UTF-8
Content-Length: 0
Server: Jetty(9.2.11.v20150529)
Via: 1.1 google

edge.adobedc.net/ee/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=a8c1c1d1-e478-4614-8253-735605b36c5a

15.188.95.229

200 OK

741 B

URL HTTP/2
edge.adobedc.net/ee/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=a8c1c1d1-e478-4614-8253-735605b36c5a
IP
15.188.95.229:0
ASN
#16509 AMAZON-02

File type
OpenPGP Secret Key\012- data
Size
741 B (741 bytes)
Hash
724e171e2fad331cfc9eeaa18bc2de84
e08e5fbecef0c9855502dfe585ca8afdf2671fe3
20903e8f5393d198980aca5fb4b4ce73703d0e153522fe735bc4262117b77cc6

HTTP Headers

POST /ee/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=a8c1c1d1-e478-4614-8253-735605b36c5a HTTP/1.1
Host: edge.adobedc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://zitic.duckdns.org/
Content-Type: text/plain; charset=UTF-8
Origin: http://zitic.duckdns.org
Content-Length: 111
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-request-id: a8c1c1d1-e478-4614-8253-735605b36c5a
x-rate-limit-remaining: 599
vary: Origin
access-control-allow-origin: http://zitic.duckdns.org
access-control-allow-credentials: true
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
date: Thu, 06 Oct 2022 10:27:55 GMT
x-konductor: 22.10.1:d2d3a42e
x-adobe-edge: IRL1;6
server: jag
content-encoding: deflate
content-type: application/json;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiTW9ydGdhZ2UgUmVmaW5hbmNpbmcgfCBXZWxscyBGYXJnbyIsInBhZ2VfdXJsIjogImh0dHA6Ly96aXRpYy5kdWNrZG5zLm9yZy92L3d3dy53ZWxsc2ZhcmdvLmNvbS9tb3J0Z2FnZS9tb3J0Z2FnZS1yZWZpbmFuY2UtdjMvaW5kZXguaHRtbCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMCIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY1MDUyMDc1NTY3IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODNhY2Q2NjViNDIwYi0wZGEyNGQ0NTg3YTRmLTMwNmQ0NjRhLTE0MDAwMC0xODNhY2Q2NjViNTQzOCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1wcmVtIiwiYWNjb3VudElkIjogNTc5MDUsInVybCI6ICJodHRwOi8veml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vbW9ydGdhZ2UvbW9ydGdhZ2UtcmVmaW5hbmNlLXYzL2luZGV4Lmh0bWwiLCJ3ZWJzaXRlSWQiOiA1NzkwNywiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiZDU2Ni01NDQyLWE2MjMtMDc4MS1kYjkzLTZiN2ItMGNhNy02ODk0Iiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NjUwNTIwNzU1NjUiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogNTE2LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY1MDUyMDc1NTY3LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40MS4xXzIwMjIwNDEyMTg1NDMwIn0KXX0=

35.241.45.82

200 OK

0 B

URL HTTP/1.1
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiTW9ydGdhZ2UgUmVmaW5hbmNpbmcgfCBXZWxscyBGYXJnbyIsInBhZ2VfdXJsIjogImh0dHA6Ly96aXRpYy5kdWNrZG5zLm9yZy92L3d3dy53ZWxsc2ZhcmdvLmNvbS9tb3J0Z2FnZS9tb3J0Z2FnZS1yZWZpbmFuY2UtdjMvaW5kZXguaHRtbCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMCIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY1MDUyMDc1NTY3IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODNhY2Q2NjViNDIwYi0wZGEyNGQ0NTg3YTRmLTMwNmQ0NjRhLTE0MDAwMC0xODNhY2Q2NjViNTQzOCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1wcmVtIiwiYWNjb3VudElkIjogNTc5MDUsInVybCI6ICJodHRwOi8veml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vbW9ydGdhZ2UvbW9ydGdhZ2UtcmVmaW5hbmNlLXYzL2luZGV4Lmh0bWwiLCJ3ZWJzaXRlSWQiOiA1NzkwNywiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiZDU2Ni01NDQyLWE2MjMtMDc4MS1kYjkzLTZiN2ItMGNhNy02ODk0Iiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NjUwNTIwNzU1NjUiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogNTE2LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY1MDUyMDc1NTY3LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40MS4xXzIwMjIwNDEyMTg1NDMwIn0KXX0=
IP
35.241.45.82:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiTW9ydGdhZ2UgUmVmaW5hbmNpbmcgfCBXZWxscyBGYXJnbyIsInBhZ2VfdXJsIjogImh0dHA6Ly96aXRpYy5kdWNrZG5zLm9yZy92L3d3dy53ZWxsc2ZhcmdvLmNvbS9tb3J0Z2FnZS9tb3J0Z2FnZS1yZWZpbmFuY2UtdjMvaW5kZXguaHRtbCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMCIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY1MDUyMDc1NTY3IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODNhY2Q2NjViNDIwYi0wZGEyNGQ0NTg3YTRmLTMwNmQ0NjRhLTE0MDAwMC0xODNhY2Q2NjViNTQzOCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1wcmVtIiwiYWNjb3VudElkIjogNTc5MDUsInVybCI6ICJodHRwOi8veml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vbW9ydGdhZ2UvbW9ydGdhZ2UtcmVmaW5hbmNlLXYzL2luZGV4Lmh0bWwiLCJ3ZWJzaXRlSWQiOiA1NzkwNywiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiZDU2Ni01NDQyLWE2MjMtMDc4MS1kYjkzLTZiN2ItMGNhNy02ODk0Iiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NjUwNTIwNzU1NjUiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogNTE2LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY1MDUyMDc1NTY3LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40MS4xXzIwMjIwNDEyMTg1NDMwIn0KXX0= HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:55 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept
Access-Control-Max-Age: 1800
X-ME: prod-instance-gatewayservice-blue-lm7p
X-Application-Context: application:9090
Content-Type: image/gif; charset=UTF-8
Content-Length: 0
Server: Jetty(9.2.11.v20150529)
Via: 1.1 google

rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=a7395d4f-9918-43a8-882f-f4735e8e9f7b%3A0&_cls_v=bf2ca19a-a299-4ce5-aab8-d9aa37e8efc1&pv=2&f_cls_s=true

23.36.79.9

200 OK

76 B

URL HTTP/1.1
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=a7395d4f-9918-43a8-882f-f4735e8e9f7b%3A0&_cls_v=bf2ca19a-a299-4ce5-aab8-d9aa37e8efc1&pv=2&f_cls_s=true
IP
23.36.79.9:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
76 B (76 bytes)
Hash
723555cfefb3e4c0df5fcd4a43670f9e
2b774ca8ed585de5450e899709028486eada3c6a
8da6eb75b88b4a8c6a21567d4f37fd00a817312f351766b63d0a99e311cfea93

HTTP Headers

GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=a7395d4f-9918-43a8-882f-f4735e8e9f7b%3A0&_cls_v=bf2ca19a-a299-4ce5-aab8-d9aa37e8efc1&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://zitic.duckdns.org
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 76
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Thu, 06 Oct 2022 10:27:55 GMT
Connection: keep-alive
Set-Cookie: _cls_v=bf2ca19a-a299-4ce5-aab8-d9aa37e8efc1; Secure; SameSite=None;HttpOnly;Secure
_cls_s=a7395d4f-9918-43a8-882f-f4735e8e9f7b:0; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!NYb2LPaaSiYhhZTjbMKMZ0gdoDa2eX5A4zGJ5zqMybVAJnhs8P4XGv4tOdqbwBp1TktMm9QiUCddCmA=; path=/; Httponly; Secure
DCID=Xx5JxxW2%2f11QGINWlPMdEZPWvrHXXvPXPQDjqq%2fXaXM%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Thu, 06 Oct 2022 10:42:55 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png

104.110.27.78

200 OK

1.6 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
1.6 kB (1636 bytes)
Hash
b9d2c719de3d6701349f1134e129defe
703a51a2f72672f6b34a3dcf8d07c351143f9151
95ae72a8f3b1f5794802b2704b74bef2f29fe1b8da1f06c97a8e7ab2acb5e435

HTTP Headers

GET /assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "6116f9a6-dcf"
last-modified: Thu, 14 Jul 2022 02:02:37 GMT
server: Akamai Image Manager
content-length: 1636
content-type: image/webp
cache-control: private, no-transform, max-age=2234110
expires: Tue, 01 Nov 2022 07:03:05 GMT
date: Thu, 06 Oct 2022 10:27:55 GMT
X-Firefox-Spdy: h2

www.facebook.com/tr?id=1578146899100389&ev=MTG_C_Page_Mortage_MortgageRefinanceStart&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[CustomerType]=&cd[CustomerStatus]=n&dpo=LDU&dpoco=0&dpost=0&_rnd=0.18231051497340467

31.13.72.36

301 Moved Permanently

0 B

URL HTTP/1.1
www.facebook.com/tr?id=1578146899100389&ev=MTG_C_Page_Mortage_MortgageRefinanceStart&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[CustomerType]=&cd[CustomerStatus]=n&dpo=LDU&dpoco=0&dpost=0&_rnd=0.18231051497340467
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr?id=1578146899100389&ev=MTG_C_Page_Mortage_MortgageRefinanceStart&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[CustomerType]=&cd[CustomerStatus]=n&dpo=LDU&dpoco=0&dpost=0&_rnd=0.18231051497340467 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/

HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/tr?id=1578146899100389&ev=MTG_C_Page_Mortage_MortgageRefinanceStart&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[CustomerType]=&cd[CustomerStatus]=n&dpo=LDU&dpoco=0&dpost=0&_rnd=0.18231051497340467
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 06 Oct 2022 10:27:55 GMT
Connection: keep-alive
Content-Length: 0

pixel.everesttech.net/px2/2622?px_evt=t&ev_MTG_ALL_Page_Mortgage_Adobe_Refinance=1&ev_transid=1120220930145315569472507_1665053873813

52.210.55.46

301 Moved Permanently

134 B

URL HTTP/1.1
pixel.everesttech.net/px2/2622?px_evt=t&ev_MTG_ALL_Page_Mortgage_Adobe_Refinance=1&ev_transid=1120220930145315569472507_1665053873813
IP
52.210.55.46:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /px2/2622?px_evt=t&ev_MTG_ALL_Page_Mortgage_Adobe_Refinance=1&ev_transid=1120220930145315569472507_1665053873813 HTTP/1.1
Host: pixel.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Thu, 06 Oct 2022 10:27:55 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://pixel.everesttech.net:443/px2/2622?px_evt=t&ev_MTG_ALL_Page_Mortgage_Adobe_Refinance=1&ev_transid=1120220930145315569472507_1665053873813

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b3791fae35fa0754166a153c17b4d33c
2416c0ebeb59a5dbb874c88a747242fa03e32bb6
6ed8a41c16f75035977b43d3574fc577c3473b46db106480c4a64ca72462458a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5318
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:27:55 GMT
Last-Modified: Thu, 06 Oct 2022 08:59:18 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

ct.pinterest.com/v3/?tid=2612664219518&event=PageVisit&ed[order_id]=&ed[search_query]=_mortgage_mortgage-refinance_&ed[custom]=

151.101.84.84

200 OK

35 B

URL HTTP/2
ct.pinterest.com/v3/?tid=2612664219518&event=PageVisit&ed[order_id]=&ed[search_query]=_mortgage_mortgage-refinance_&ed[custom]=
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

HTTP Headers

GET /v3/?tid=2612664219518&event=PageVisit&ed[order_id]=&ed[search_query]=_mortgage_mortgage-refinance_&ed[custom]= HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
access-control-allow-origin: *
set-cookie: _pinterest_ct_ua="TWc9PSYwY0tlQmRET0lwZ2QwRkZIcFNueGpkdVMrcGVuNVhkTmtBQ2pDNXlwNlAxaU5lWmkzN0FSR05hWlNJUXlndFdYaENEdVlnaWpIOVlGYzN0RVNOZmFHME9SeDFpbFMvTlJVZ3M3aXZYcTJNST0mcG5ya2xuTjZSdVV5NnlRR0ViaDVwdWRnZnJZPQ=="; Expires=Fri, 06 Oct 2023 10:27:55 GMT; Path=/; Domain=ct.pinterest.com; Secure; SameSite=None
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 1070408222186937
date: Thu, 06 Oct 2022 10:27:55 GMT
x-cdn: fastly
content-length: 35
X-Firefox-Spdy: h2

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr?id=1578146899100389&ev=MTG_C_Page_Mortage_MortgageRefinanceStart&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[CustomerType]=&cd[CustomerStatus]=n&dpo=LDU&dpoco=0&dpost=0&_rnd=0.18231051497340467
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr?id=1578146899100389&ev=MTG_C_Page_Mortage_MortgageRefinanceStart&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[CustomerType]=&cd[CustomerStatus]=n&dpo=LDU&dpoco=0&dpost=0&_rnd=0.18231051497340467 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://zitic.duckdns.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 06 Oct 2022 10:27:55 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
58abf3dc0ca8d44d05c24a7fd01075cd
017c2f7733e73afcb2554881c3241d99550999b7
7a4694d5883981b2069b3b0d857375d2d927cdc7f49cdfcc982e794d1ec2cf91

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2606
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:27:55 GMT
Last-Modified: Thu, 06 Oct 2022 09:44:29 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

www.wellsfargo.com/favicon.ico

159.45.2.145

200 OK

3.8 kB

URL HTTP/1.1
www.wellsfargo.com/favicon.ico
IP
159.45.2.145:0
ASN
#10837 WELLSFARGO-10837

File type
MS Windows icon resource - 1 icon, 48x48, 8 bits/pixel\012- data
Size
3.8 kB (3774 bytes)
Hash
fc6d7821d387a8d5e630daa63ec39f10
91d3962918d4caf70de23cdf245f85881883c789
2420e2dd77fbe0494070da2c201f6fcdd613c7652c06d086137e8c41d129f254

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:55 GMT
Content-Type: image/x-icon
Content-Length: 3774
Last-Modified: Mon, 05 Sep 2022 08:30:50 GMT
Connection: keep-alive
ETag: "6315b3ba-ebe"
Expires: Fri, 07 Oct 2022 10:27:55 GMT
Cache-Control: max-age=86400
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c80499e3ccd937651c4d56769e245c5e
b5b4b80c63b6c1459f9d127d1cb76502dc64c85b
fd7a20166e3f2062babd11638e75ba6af15e1c577674a006831fcd2930095638

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 10:27:55 GMT
Last-Modified: Thu, 06 Oct 2022 08:38:21 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qB4llyNKnSVM7aJTfFTmEB2qXTdmRx6LRDHnUoYV8k1S7qd_oLH0hA==
Age: 6574

pixel.everesttech.net/px2/2622?px_evt=t&ev_MTG_ALL_Page_Mortgage_Adobe_Refinance=1&ev_transid=1120220930145315569472507_1665053873813

52.210.55.46

200 OK

128 B

URL HTTP/1.1
pixel.everesttech.net/px2/2622?px_evt=t&ev_MTG_ALL_Page_Mortgage_Adobe_Refinance=1&ev_transid=1120220930145315569472507_1665053873813
IP
52.210.55.46:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
128 B (128 bytes)
Hash
d06d40e8b1fde7bb11eb3609eb4e708d
7d4923f8b6358c29a36123d65d672b9224c5d84a
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

HTTP Headers

GET /px2/2622?px_evt=t&ev_MTG_ALL_Page_Mortgage_Adobe_Refinance=1&ev_transid=1120220930145315569472507_1665053873813 HTTP/1.1
Host: pixel.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://zitic.duckdns.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:27:56 GMT
Content-Type: image/png
Content-Length: 128
Connection: keep-alive
Server: Apache
Set-Cookie: everest_g_v2=g_surferid~Yz6trAAAAMpYxxB9; path=/; domain=.everesttech.net; expires=Fri, 06-Oct-2023 10:27:56 GMT
everest_session_v2=Yz6trAAAAMpYxxB9; path=/; domain=.everesttech.net
Cache-Control: no-cache, no-cache
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

media-wellsfargo.nod-glb.nuance.com/media/launch/sdkChatLoader.min.js?codeVersion=1664936708888

8.39.193.5

200 OK

2.3 kB

URL HTTP/1.1
media-wellsfargo.nod-glb.nuance.com/media/launch/sdkChatLoader.min.js?codeVersion=1664936708888
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
ASCII text, with very long lines (7108), with no line terminators
Size
2.3 kB (2292 bytes)
Hash
69248df2e4cd19badf361961108eec5e
86054d9394816797a159f91274bf9c97033a9024
4879bdd8f9d0bd0597e5df3170a4164ca2ca3aaab294b91dd49332db9d36f290

HTTP Headers

GET /media/launch/sdkChatLoader.min.js?codeVersion=1664936708888 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "6Cu8yUJ1UkL"
Last-Modified: Wed, 21 Sep 2022 04:43:17 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Content-Length: 2292
Date: Thu, 06 Oct 2022 10:27:55 GMT

media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_helper.js?codeVersion=1664936708888

8.39.193.5

200 OK

32 kB

URL HTTP/1.1
media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_helper.js?codeVersion=1664936708888
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
Unicode text, UTF-8 text, with very long lines (59866)
Size
32 kB (32153 bytes)
Hash
0ebafc7f35214ee56bdde838f9f6f473
e8caf55a23ec76e4cee5bd4b59853a020d2ba7b2
89bb7aea85d2785fcd8cd0267009c0c98b27075693ea280a216f775de50c71ef

HTTP Headers

GET /media/launch/site_10006005_default_helper.js?codeVersion=1664936708888 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "H7DpMeHDie0"
Last-Modified: Wed, 05 Oct 2022 02:25:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Transfer-Encoding: chunked
Date: Thu, 06 Oct 2022 10:27:56 GMT

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9f9550b4cc5b1f340bca768bcb13d029
7303e5a8e538c87ac031f96626e7ed6044a0e3d5
f02de708407cbfb3f6baa04e1171103a886e53d0f7fef119b64dc4c6c8b302f0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3160
Cache-Control: max-age=107399
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:27:56 GMT
Etag: "633da1db-1d7"
Expires: Fri, 07 Oct 2022 16:17:55 GMT
Last-Modified: Wed, 05 Oct 2022 15:25:15 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_jssdk.js?codeVersion=1664936708888

8.39.193.5

200 OK

26 kB

URL HTTP/1.1
media-wellsfargo.nod-glb.nuance.com/media/launch/site_10006005_default_jssdk.js?codeVersion=1664936708888
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
ASCII text, with very long lines (5905)
Size
26 kB (25916 bytes)
Hash
60283e9423308a0b7a585769559147fd
11ba339e7a3a8f804ff0491dac8c1019d247ab3d
272a4e08c79eb1ff65fc59fc702eb267bc2368953987ed8a141a9c3120ae50df

HTTP Headers

GET /media/launch/site_10006005_default_jssdk.js?codeVersion=1664936708888 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "9kPrmEHr7Tj"
Last-Modified: Wed, 05 Oct 2022 02:25:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Transfer-Encoding: chunked
Date: Thu, 06 Oct 2022 10:27:56 GMT

media-wellsfargo.nod-glb.nuance.com/media/launch/all_10006005.json?codeVersion=1664936708888

8.39.193.5

200 OK

137 kB

URL HTTP/1.1
media-wellsfargo.nod-glb.nuance.com/media/launch/all_10006005.json?codeVersion=1664936708888
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
Unicode text, UTF-8 text
Size
137 kB (136689 bytes)
Hash
c4f58de1ecc5d045e5776764f6ad9f4c
c4472a98f4c56523e1cacb1258c944b8d5c1b45b
a299d4d2fbc04e15110ac5111e48b6d053eba23bee4a73a89b485b9269302bb7

HTTP Headers

GET /media/launch/all_10006005.json?codeVersion=1664936708888 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tag-wellsfargo.nod-glb.nuance.com
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "Hx2qQlaVdMf"
Last-Modified: Wed, 05 Oct 2022 02:25:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/json
Transfer-Encoding: chunked
Date: Thu, 06 Oct 2022 10:27:57 GMT

media-wellsfargo.nod-glb.nuance.com/media/launch/tcFramework_jssdk.min.js?codeVersion=1664936708888

8.39.193.5

200 OK

132 kB

URL HTTP/1.1
media-wellsfargo.nod-glb.nuance.com/media/launch/tcFramework_jssdk.min.js?codeVersion=1664936708888
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
132 kB (132437 bytes)
Hash
11230cf34df33055ed40777bec3f09c5
02c411378aeef6a85361b0663f35ed7fb1a2a25b
e52774445064fa6006fa516e09df931ffd30f1aac549ee94ef510b70e67b433e

HTTP Headers

GET /media/launch/tcFramework_jssdk.min.js?codeVersion=1664936708888 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "9VzjEfzg+kJ"
Last-Modified: Wed, 21 Sep 2022 04:43:17 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Transfer-Encoding: chunked
Date: Thu, 06 Oct 2022 10:27:58 GMT

tag-wellsfargo.nod-glb.nuance.com/tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1664936708888

8.39.193.5

200 OK

6.5 kB

URL HTTP/1.1
tag-wellsfargo.nod-glb.nuance.com/tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1664936708888
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
HTML document text\012- HTML document text\012- HTML document text\012- Java source text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (807)
Size
6.5 kB (6470 bytes)
Hash
92c92a14d7348502d53a96ffb124e505
541bcbda5db19216712a37552092329b09a6301e
9f86b1cce23c8debd8f30ae3d4284689d83fe289f2e006e623e62eb0f90cbf67

HTTP Headers

GET /tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1664936708888 HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/nuanceChat.html?UUID=WF_10006005
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: max-age=3600
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
ETag: "AN7QOU24IDr"
Last-Modified: Wed, 21 Sep 2022 04:43:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Content-Length: 6470
Date: Thu, 06 Oct 2022 10:27:58 GMT

pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum

54.69.177.24

200 OK

0 B

URL HTTP/2
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP
54.69.177.24:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 9733
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 06 Oct 2022 10:27:56 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:25|g:0bcf19e6-5dfc-4672-8d5d-bee50b909ae9;Path=/;Expires=Thu, 06-Oct-2022 10:28:26 GMT;Max-Age=30
ADRUM_BTa=R:25|g:0bcf19e6-5dfc-4672-8d5d-bee50b909ae9|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e;Path=/;Expires=Thu, 06-Oct-2022 10:28:26 GMT;Max-Age=30
SameSite=None;Path=/;Expires=Thu, 06-Oct-2022 10:28:26 GMT;Max-Age=30;Secure
ADRUM_BT1=R:25|i:559461;Path=/;Expires=Thu, 06-Oct-2022 10:28:26 GMT;Max-Age=30
ADRUM_BT1=R:25|i:559461|e:2;Path=/;Expires=Thu, 06-Oct-2022 10:28:26 GMT;Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2

tag-wellsfargo.nod-glb.nuance.com/tagserver/init/initFramework

8.39.193.5

200 OK

273 B

URL HTTP/1.1
tag-wellsfargo.nod-glb.nuance.com/tagserver/init/initFramework
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
JSON data\012- , ASCII text, with no line terminators
Size
273 B (273 bytes)
Hash
274a511cb725d3a674df931436b5ecc4
ca8fe7d293da734a2ba0ea202ed1ed5cdc4e0c12
e3bcb7b2241e70617e765dacb854f4c75f3d504d0d63ad851f69be54ee281618

HTTP Headers

POST /tagserver/init/initFramework HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 204
Origin: https://tag-wellsfargo.nod-glb.nuance.com
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1664936708888
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://tag-wellsfargo.nod-glb.nuance.com
Vary: Origin
Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
Content-Language: en-US
Content-Type: application/json; charset=UTF-8
Content-Length: 273
Date: Thu, 06 Oct 2022 10:27:59 GMT

media-wellsfargo.nod-glb.nuance.com/media/launch/ci/InqFrameworkService.js?codeVersion=1664936708888

8.39.193.5

200 OK

74 kB

URL HTTP/1.1
media-wellsfargo.nod-glb.nuance.com/media/launch/ci/InqFrameworkService.js?codeVersion=1664936708888
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
74 kB (73754 bytes)
Hash
864ede161397df71c4acf4f6f64c69d2
144b1983c6ef03cee50ab3c0a014fc55059c13c7
2f8c042d4470162397d906a63268fc20988a5b7b1de2087e826a612e7f1f2ca5

HTTP Headers

GET /media/launch/ci/InqFrameworkService.js?codeVersion=1664936708888 HTTP/1.1
Host: media-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
ETag: "FU7Yc21iU/N"
Last-Modified: Wed, 21 Sep 2022 04:43:16 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Transfer-Encoding: chunked
Date: Thu, 06 Oct 2022 10:27:59 GMT

tag-wellsfargo.nod-glb.nuance.com/tagserver/incrementality/onEvent

8.39.193.5

200 OK

0 B

URL HTTP/1.1
tag-wellsfargo.nod-glb.nuance.com/tagserver/incrementality/onEvent
IP
8.39.193.5:0
ASN
#54396 NUANCE-MOBILITY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /tagserver/incrementality/onEvent HTTP/1.1
Host: tag-wellsfargo.nod-glb.nuance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 350
Origin: https://tag-wellsfargo.nod-glb.nuance.com
Connection: keep-alive
Referer: https://tag-wellsfargo.nod-glb.nuance.com/tagserver/postToServer.min.htm?siteID=10006005&codeVersion=1664936708888
Cookie: inqVital_10006005=%7B%22INQ%22%3A%7B%22custID%22%3A%22-4299421148199717996%22%7D%2C%22v%22%3A3%2C%22vcnt%22%3A0%2C%22vtime%22%3A1665052079091%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: TouchCommerce Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://tag-wellsfargo.nod-glb.nuance.com
Vary: Origin
Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
P3P: policyref="http://tag-wellsfargo.nod-glb.nuance.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
Content-Language: en-US
Content-Type: application/json; charset=UTF-8
Content-Length: 0
Date: Thu, 06 Oct 2022 10:27:59 GMT

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (53)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations