Report - mail.zitic.duckdns.org/v/www.wellsfargo.com/mobile/apps

Report Overview

Submitted URL
mail.zitic.duckdns.org/v/www.wellsfargo.com/mobile/apps
IP
54.224.73.73
ASN
#14618 AMAZON-AES
Submitted
2022-10-06 10:33:02
Access
Website Title
Final URL
Tags
None
urlquery detections
DynDNS domain detected

Detections

urlquery
32
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
connect.secure.wellsfargo.com	11812	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	308 kB	159.45.170.156
data.schemaapp.com	11806	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.3 kB	54.230.111.79
api.rlcdn.com	791	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	192 B	34.120.133.55
www04.wellsfargomedia.com	54757	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	443 B	1.2 kB	104.110.5.8
www17.wellsfargomedia.com	76964	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.5 kB	48 kB	104.110.27.78
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.161.6.128
resources.digital-cloud-prem.medallia.com	21249	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	444 B	2.2 kB	151.101.85.230
rubicon.wellsfargo.com	11786	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	563 B	1.0 kB	23.36.79.9
pdx-col.eum-appdynamics.com	4816	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.1 kB	35.164.27.195
mail.zitic.duckdns.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	26 kB	1.6 MB	54.224.73.73
www01.wellsfargomedia.com	20259	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	448 B	2.5 kB	104.110.5.8
static.wellsfargo.com	12306	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.6 kB	419 kB	159.45.2.178
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	1.9 kB	104.18.32.68
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	57 kB	34.120.237.76
udc-neb.kampyle.com	3039	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	1.1 kB	35.241.45.82
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	54.230.111.65
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	5.2 kB	93.184.220.29
cdn.schemaapp.com	12078	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	20 kB	54.230.111.100
edge.adobedc.net	8934	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.6 kB	13.36.218.177

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-10-05	medium	mail.zitic.duckdns.org/v/www.wellsfargo.com/mobile/apps	Wells Fargo & Company

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-06	medium	mail.zitic.duckdns.org/v/www.wellsfargo.com/mobile/apps	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/www.wellsfargo.com/mobile/apps/	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/connect.secure.wellsfargo.com/auth/login/static/js/general_altdd5c.js?single	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/shared/media-player-custom.js	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/video.js	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/jquery.min.js	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/frameworks/slick01.js	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/frameworks/jq/jquery-ui.js	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/global/global.js	Phishing
2022-10-06	medium	mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (45)

	URL	Size	First Seen	Last Seen
	static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js	2.4 kB	2023-03-07	2023-03-17
Pretty URL static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-17 09:43:25 Times Seen1 Hash 3e75b97d91e2ac07972bd84b4b260fdc 003e8e223077086f1d634da73000252f1b724672 c6b012226d1f061a86a7a176fae93e55d7976d97afad14aa805aa3f5df2cb221 Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/shared/media-player-custom.js	4.3 kB	2023-03-07	2023-03-08
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/js/shared/media-player-custom.js IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-08 08:37:51 Times Seen1 Hash 450744f087d3aa87a28395c107742acc c8a3e69e3b1287f65b72b9de8a553d4f309d4d99 cde7904316679ef5aa42b66a914d46fdae6d0e07d11bbc28f2dcb3a64012cdd6 Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html	252 B	2023-03-07	2024-04-08
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-08 03:26:08 Times Seen2498 Hash 4f6526fc5cfbf8f77c674e5cb40c36d6 94bb860d263ab388eea733a7a0e7fc00717d0637 06249a30772721e1f681be4a0d74c05a58b36a266c273eafdbe86ebcca83aabc Loading...

	cdn.schemaapp.com/javascript/highlight.js	32 kB	2023-03-07	2023-03-10
Pretty URL cdn.schemaapp.com/javascript/highlight.js IP 54.230.111.100 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:20:47 Last Seen2023-03-10 11:24:14 Times Seen1 Hash a75cfd2d41ac714329a4fc6895bb082d fc0712f2a046bebe006eb92279383b4f659b6b64 6f7298ad8b3f1b09f9454047ef159a3c943b93adbf93dce07a76a1152b76f136 Loading...

	static.wellsfargo.com/tracking/main/utag.381.js?utv=ut4.48.202209121603	94 kB	2023-03-07	2023-03-08
Pretty URL static.wellsfargo.com/tracking/main/utag.381.js?utv=ut4.48.202209121603 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:47:21 Last Seen2023-03-08 07:42:42 Times Seen1 Hash b90cbacc71e1ae0a741626c87a25d013 00bf09b1f99fa67c51fd7cfba73951a9a710a424 f20359b2efae06d66e63fbd2e0ffb187fab7c9e2953e08306a0bf69ac8a5aa36 Loading...

	static.wellsfargo.com/tracking/main/utag.384.js?utv=ut4.48.202208101746	30 kB	2023-03-07	2023-03-17
Pretty URL static.wellsfargo.com/tracking/main/utag.384.js?utv=ut4.48.202208101746 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-17 09:43:24 Times Seen1 Hash ec515d2e0f8c06d5ce0a340cd3797fd4 7835986cd764c52d1ca821917fca951cb3081af7 cc86fbdc1bc9b57a54d136018fd8ec9006c062e65f944b4c51c90f1762986bf7 Loading...

	static.wellsfargo.com/tracking/main/utag.413.js?utv=ut4.48.202207272202	3.0 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.413.js?utv=ut4.48.202207272202 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen82 Hash 6aedb7426c48b548874c016faf3f6e24 e3e8420bd3e75e7e6319a3f00a8c2aff6e33961a 8221ff8f89f7c212ab6cb02b5edf294ca06322a313ccd0fa8f5d17356cb07d88 Loading...

	static.wellsfargo.com/tracking/main/utag.505.js?utv=ut4.48.202209131956	6.5 kB	2023-03-07	2023-03-13
Pretty URL static.wellsfargo.com/tracking/main/utag.505.js?utv=ut4.48.202209131956 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:47:21 Last Seen2023-03-13 06:40:20 Times Seen1 Hash 735658e345bcccb2e9b4f8436a45bcd3 94969ac03a39f4e244376817f674405e38b4a054 01a8d4c81581707d3d7a663057b6635f1d6bc4fcc1c49ba0d21ae4f57146d81f Loading...

	mail.zitic.duckdns.org/v/connect.secure.wellsfargo.com/auth/login/static/js/general_altdd5c.js?single	11 kB	2023-03-08	2023-03-08
Pretty URL mail.zitic.duckdns.org/v/connect.secure.wellsfargo.com/auth/login/static/js/general_altdd5c.js?single IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-08 08:14:13 Times Seen1 Hash 0b6553613de5e8b685798ce292dae7b4 a99f16ca9db7571dcc861aa515ba10857e86d1bc 3baf623ad7bc3de691d8011db2fcd0d3983dba473ee761da01510e63aef71930 Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html	152 B	2023-03-08	2024-04-08
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:38 Last Seen2024-04-08 03:26:08 Times Seen28 Hash afa56f934ec858025328b1699356dd02 d1f72151b21676534d5d063a45b6629aa105dfcb ebea6e5e1db6eb572f25ff1cda99007a155c362d69ac3f70da13086d96a1effe Loading...

	static.wellsfargo.com/tracking/main/utag.js	326 kB	2023-03-08	2023-03-08
Pretty URL static.wellsfargo.com/tracking/main/utag.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-08 07:42:42 Times Seen1 Hash 7b4ba84ab0e2728a5ab460d07d2ac628 3067acb47d78a4630389f9017e467849de044461 b3f7e20d4377aaf99d7f96583d265be6a3ef34fefac4f7072e6bd0597649ff5c Loading...

	static.wellsfargo.com/tracking/alloy/alloy.js	77 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/alloy/alloy.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:09 Times Seen87 Hash dd67ef7bf5d168e7123d934cfd21ac80 eb66ab8b5ed10640c50c460c271be086f63e0ffb 5466d536089d3af772430020c62a83dc680cd9169200840742e51181ba81fd75 Loading...

	static.wellsfargo.com/tracking/gb/detector-dom.min.js	440 kB	2023-03-08	2023-04-13
Pretty URL static.wellsfargo.com/tracking/gb/detector-dom.min.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:19:07 Last Seen2023-04-13 08:50:50 Times Seen267 Hash d980391562cb88335867228eb62355e0 ee7af0c08ee43ff66f6bba09c08852f7b3859a42 313c07f6e4facc5730db27563c4aeaad1a86126333d448e47c7b29adb1f806fd Loading...

	static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js	45 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-08 03:26:09 Times Seen4864 Hash 5f310e2e2a558d76b916e137aee73462 c7ff0190c9c2c414321211f3863e9e27f32b713e 385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f Loading...

	mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js	48 kB	2023-03-07	2023-05-21
Pretty URL mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:04 Last Seen2023-05-21 08:37:02 Times Seen11 Hash adc6bafd6d346973c15f80f542fa008f ec1f94d5fe65f25d7119488ffc067446b7af82b9 7a17bf7ddc09f705c34b0bdefe2a12142ae1702bf904a731f48cd4652c1036eb Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html	110 B	2023-03-08	2023-03-26
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:55:06 Last Seen2023-03-26 12:58:11 Times Seen15 Hash 0965500114b9e06be45ef195b13db9ad 19ff35590c80440b0daa72a3d1173be9911bec0b 7ba16098b2ef830b6550ec989a92f6de9a836323c27260d3f349c10d178b5016 Loading...

	connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?1js	538 kB	2023-03-08	2023-03-13
Pretty URL connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?1js IP 159.45.170.156 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:38 Last Seen2023-03-13 19:24:38 Times Seen1 Hash 2527531002b85960239d82afa22c7acb 602fb4f7cec1213a27fca1773c78af27678475e4 58020c2639ef4df91190872d5dda8cb517fbdde491cb2fde718916b58f3b57d1 Loading...

	static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1	117 kB	2023-03-07	2023-03-26
Pretty URL static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-03-26 09:22:04 Times Seen2 Hash 17324c64926790e7068528ee285677e0 5f7c9d7694dfa9e92d5ae871cb0ea0cc5b4776c3 79f666407709e82d49c80fc330a5a34952fc56f30de257ccc3ae432d87c6fedc Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html	387 B	2023-03-08	2023-03-08
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:55:06 Last Seen2023-03-08 08:14:13 Times Seen1 Hash ae09ff0db8e0073525cbfe48bebd7e3d 15045909b13f39d3fa65c4237f017bb5e10c79dc d846abc3153e1c054eac444fcbc2ecad46b32c18dd21410b6fef4f7c03df3c8d Loading...

	static.wellsfargo.com/tracking/main/utag.328.js?utv=ut4.48.202207272202	17 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.328.js?utv=ut4.48.202207272202 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen87 Hash f8ed7a36884e442c03847e482647b8e1 bae9cc143bf67dfeb1a99270b8f82666290b98c2 a69e6fb58df72540553b75552e4721c8e1d57086789f1d0a84c1bf49db0b1956 Loading...

	mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js	32 kB	2023-03-07	2023-11-04
Pretty URL mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-11-04 00:29:39 Times Seen29 Hash 162100f507af8b50f1406bf3fc405ce5 cf0a2bf9b914710962e0dd7899b93ba5ceb5134d e9a598a5cc23c24a8ecc364ed7413961e416f5e9ec3df513ad9a12cda625a279 Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/frameworks/slick01.js	63 kB	2023-03-08	2024-04-08
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/js/frameworks/slick01.js IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:38 Last Seen2024-04-08 03:26:08 Times Seen34 Hash 0c8184819332ec4f72f81aaf7e225ae2 4e0dc10b41812b30f74e2b183e19966a525de6a2 11dea6f8a3c56ae01aeff3bd061c0b746ddf9297258c2d18c86481b3a3c10b64 Loading...

	static.wellsfargo.com/tracking/main/utag.319.js?utv=ut4.48.202209142209	7.0 kB	2023-03-08	2023-03-29
Pretty URL static.wellsfargo.com/tracking/main/utag.319.js?utv=ut4.48.202209142209 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-29 22:00:36 Times Seen47 Hash 3193265899115fcee583c2662559f250 22d60605121c7dc621b04edb46f2539d98fdcf9c 2e8b86b25ab5fb19b62a69f5ca7bb0f242136e3883b688670595ba896b7e53c8 Loading...

	static.wellsfargo.com/tracking/main/utag.431.js?utv=ut4.48.202107202150	2.5 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.431.js?utv=ut4.48.202107202150 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen82 Hash 47057e93093059b6ae4917b6015bd8fe c6b654398fc654f415bcd1cff05f926d9193fc65 2c7310c0bbcf2becb50249819d7d0d68636930bab7307962d020cebf0d9de42c Loading...

	static.wellsfargo.com/tracking/main/utag.471.js?utv=ut4.48.202209271731	6.7 kB	2023-03-08	2023-05-21
Pretty URL static.wellsfargo.com/tracking/main/utag.471.js?utv=ut4.48.202209271731 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-05-21 08:37:02 Times Seen76 Hash 36ebda59de9fa37cbea1f48593d20eb1 e175622005a38183dd0c33deb423a1fb02d2ba5e d257a14d93cafce44ecdb34393fadbe76117819c7de517aff08925cfee9bfbf4 Loading...

	static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1649789670809.js	359 kB	2023-03-07	2023-03-08
Pretty URL static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1649789670809.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-08 08:37:51 Times Seen1 Hash 715c89a07de4ffd82947e57d0809a2b4 ab6c19329d498be0888af0974e9b8b5df583a13a c73ee926afebcfb5d8f974cd1f3f595e18298a724b7ed41ebf564414fed6d6d7 Loading...

	static.wellsfargo.com/tracking/main/utag.225.js?utv=ut4.48.202208301942	16 kB	2023-03-07	2023-05-21
Pretty URL static.wellsfargo.com/tracking/main/utag.225.js?utv=ut4.48.202208301942 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-05-21 08:37:02 Times Seen79 Hash ede450a69bfad8ba8be6c09afec643d9 525ca9fbebba307f6a5d5c4c8ab2a3ba9afa70c2 d4c3ac2df676fc3c4c0662d5635b8078cbea41051632004adeee5e17ba9337b8 Loading...

	mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js	2.0 kB	2023-03-07	2024-04-08
Pretty URL mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-08 03:26:08 Times Seen4778 Hash e7cf4c458b327ab7ed31e0936ccd404f 970bf05073f91ad6b8f21521f7c9886f71f2af1d 52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html	1.0 kB	2023-03-08	2023-03-08
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:04:36 Last Seen2023-03-08 08:14:13 Times Seen1 Hash b9cb24aeedc37fbfc4812d19899ecb7e 99d43f3d0245659e4603a356da6d92284778898e 2c7757b2fd1e34eeacbb979de80c1b5c26dd3fee0413c98254f68ac9c8324b7b Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/frameworks/jq/jquery-ui.js	339 kB	2023-03-07	2023-05-21
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/js/frameworks/jq/jquery-ui.js IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-05-21 08:37:02 Times Seen9 Hash 9726560d23e8100d33456702719491d1 1c64bfa8088fc04d7b6633a3479cb57ec9969d3a d65fdc6b62a5f7a8a9cbc7a756b75ed80b81cf828295d507aeec9878e908ad4d Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/global/global.js	230 kB	2023-03-08	2023-03-08
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/js/global/global.js IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-08 08:14:13 Times Seen1 Hash a6d222867ebc1b0e6a57eddc8bd7418b be0c5877af0cf33abf8de5c793935c7c94c5fe7e 77d1d5f3d877905d3f0f5a434b77be2e3cf34887e0022ad9cae1b5d39150f827 Loading...

	cdn.schemaapp.com/javascript/schemaFunctions.min.js	1.7 kB	2023-03-07	2023-03-17
Pretty URL cdn.schemaapp.com/javascript/schemaFunctions.min.js IP 54.230.111.100 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-17 09:43:25 Times Seen1 Hash fa714262345ea0338a058d93199f56ed 81c3f8901938669975ad01a3ae3e4b0156de6a2f fe7b9f29a6a10cc36627e652af40af6381e2900f87eba0d348a8ef92f66ebd89 Loading...

	static.wellsfargo.com/tracking/main/utag.249.js?utv=ut4.48.202103111723	4.9 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.249.js?utv=ut4.48.202103111723 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen70 Hash 373195f42e45544150714cf15c2e1b6b 628200927b2b0f9125cf9e2f59e134ea0c00b55c a846aca7c9641d8d211b69b9f63c5c394eba8a53b27a75f5bdea3dc09a3284db Loading...

	static.wellsfargo.com/tracking/main/utag.136.js?utv=ut4.48.202208102110	56 kB	2023-03-07	2023-04-20
Pretty URL static.wellsfargo.com/tracking/main/utag.136.js?utv=ut4.48.202208102110 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-04-20 19:47:50 Times Seen62 Hash 41191acbeb53131c44ad4b17b97622cf 051e9ef1d5f33662109b4d4cfc253edaebf9f3aa eaeccba3d96e1fe1f6a600ab5b9ebb2dc6bf06cac27ce733ce5b74bf3c85887f Loading...

	static.wellsfargo.com/tracking/main/utag.379.js?utv=ut4.48.202207272202	2.2 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.379.js?utv=ut4.48.202207272202 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen84 Hash f4d859c7b49fa343d9c8b25c689d837e c571cf8c4aa455cd656785571a398b03bda70254 49e726aa41e4128560776f794aeae8f9648b7045769cf240ab3ff4f5d002d529 Loading...

	static.wellsfargo.com/tracking/main/utag.403.js?utv=ut4.48.202104051735	2.6 kB	2023-03-07	2023-05-21
Pretty URL static.wellsfargo.com/tracking/main/utag.403.js?utv=ut4.48.202104051735 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-05-21 08:37:02 Times Seen74 Hash 211205c31f696e1bb7eee132a746fa45 f97ced5d992cf340c530a244639eb581d0767965 0cb89661317d3e3c5072364afb0da53fc3d43bb5edf3ac43327b1a57f993a251 Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/video.js	420 kB	2023-03-07	2023-03-08
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/video.js IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-03-08 08:13:26 Times Seen1 Hash efce68f045d0687df715b0ec9634accf 1b15d7dba57fed7ca7f041ea15d87f6d709a4458 d94e88dfb3c418dc2d7f7f4464faed1788ecc8407ef1694d824330279262b834 Loading...

	static.wellsfargo.com/tracking/main/utag.166.js?utv=ut4.48.202208100004	15 kB	2023-03-07	2023-05-21
Pretty URL static.wellsfargo.com/tracking/main/utag.166.js?utv=ut4.48.202208100004 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2023-05-21 08:37:02 Times Seen79 Hash 80f41e3e9de3719de7b98e3fd6e0f727 70d1b9891e6f319b0f3f29adbc2832f493ac3b61 cb1b454a046f8f46ee3e5ea389d3648e46bf0973db9f61faa2724162ef850b03 Loading...

	static.wellsfargo.com/tracking/main/utag.396.js?utv=ut4.48.202209192333	8.5 kB	2023-03-08	2023-03-08
Pretty URL static.wellsfargo.com/tracking/main/utag.396.js?utv=ut4.48.202209192333 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-08 07:42:42 Times Seen1 Hash bfc7b10a98d0b83c34b9c5215e59acb3 c822f6bbd3dfebedd4dc5673c7abb5c9f233085b 713a7b27c18080ecb4665dab3036ae266329f318ccc648336564bb8c24e5e40c Loading...

	static.wellsfargo.com/tracking/main/utag.397.js?utv=ut4.48.202209192301	10 kB	2023-03-08	2023-03-08
Pretty URL static.wellsfargo.com/tracking/main/utag.397.js?utv=ut4.48.202209192301 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:23 Last Seen2023-03-08 07:42:42 Times Seen1 Hash 0e0ff10ca293ac96202da292e0f05087 d89bbbba6a1faef3d7cc06be60bcff48ec6ee9b3 52def0dd339c631d8a4fe5320c61e38ce6f8239d0d290725e7780aac112b3d46 Loading...

	static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js	48 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-08 03:26:09 Times Seen4875 Hash aeccb854b0a76aa9f478e466c8011b29 625d31cbeb8978cf2419f58d14bba92a42dbb45c 7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6 Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html	67 B	2023-03-08	2023-03-08
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:38 Last Seen2023-03-08 08:37:51 Times Seen1 Hash 0e9c3fb282a3102bbc12edc089f21223 0638c5489670be5aac1dee3ffe5bdde31a260c9b 9af7f6ee055e1a99fcbcb6247d08c3c2544e6bc091501f8bb3685aac98f7773e Loading...

	mail.zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/jquery.min.js	98 kB	2023-03-07	2024-04-08
Pretty URL mail.zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/jquery.min.js IP 54.224.73.73 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:17 Last Seen2024-04-08 03:26:09 Times Seen142 Hash d49f5bd057488231fdcc675e2fe9f568 c81be8cda5beab5bd767a63bee8aafc08e037ce4 3c536cede8c67b4bda531f82b77f3678e52026398492010245d3870c87a1623e Loading...

	static.wellsfargo.com/tracking/main/utag.117.js?utv=ut4.48.202112070053	8.6 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.117.js?utv=ut4.48.202112070053 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen81 Hash ca611e1ad5ce488baf7e687e039008f9 2152db6945b63d78a718aa87e1f1ccea350b8809 0abd344691477db2ac8e91cf0ce28160bad6b8b4ba6d192dfc000bb2e63f83e4 Loading...

	static.wellsfargo.com/tracking/main/utag.129.js?utv=ut4.48.202207272202	15 kB	2023-03-07	2024-04-08
Pretty URL static.wellsfargo.com/tracking/main/utag.129.js?utv=ut4.48.202207272202 IP 159.45.2.178 ASN #10837 WELLSFARGO-10837 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:45 Last Seen2024-04-08 03:26:08 Times Seen85 Hash 479fee1497e8ed53fe632cd4110af660 42ff77f5fe23ac8aff0d4837f9e5cb0fb8a918c0 00153616bcd7e705949fa43e3573c41b7808dfe57255d1dcc42e24c4dad5efa8 Loading...

HTTP Transactions (111)

URL IP Response Size

mail.zitic.duckdns.org/v/www.wellsfargo.com/mobile/apps

54.224.73.73

301 Moved Permanently

271 B

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/mobile/apps
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
271 B (271 bytes)
Hash
906497ef01336159c5c6ea3889c18161
7edabcaf93a4512482707eae769bbc58fa08f0c1
1c2cb747fbe02b6ca3feefece55b99b4b797cad1ed8458e6c44544e894d1ce03

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
openphish	Wells Fargo & Company
fortinet	Phishing

HTTP Headers

GET /v/www.wellsfargo.com/mobile/apps HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 10:32:50 GMT
Server: Apache
Location: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/mobile/apps/
Content-Length: 271
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7655
Expires: Thu, 06 Oct 2022 12:40:25 GMT
Date: Thu, 06 Oct 2022 10:32:50 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

54.230.111.65

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.65:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fvEW_L4HkriQKmr6Sd3ozM_1x7Y8tytKxBSXIChZKslRwsTtv3kv3A==
Age: 67533

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ab7d8709d334de0e46dcb86aabfbff1
f221138a8ad9d0bfa3c054370dcdb363a67dc310
b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10502
Expires: Thu, 06 Oct 2022 13:27:53 GMT
Date: Thu, 06 Oct 2022 10:32:51 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: uK5H7HTElcVygEoJZ8b9ITH/SWPR28YidDa9CJ9VbxirkUap6r9yzTHQbzHUoA5y5F8oaw6+c1p9YpqeCrzeKg==
x-amz-request-id: EB3DVNY07W46KAZB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 10:30:45 GMT
age: 126
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

mail.zitic.duckdns.org/v/www.wellsfargo.com/mobile/apps/

54.224.73.73

200 OK

686 B

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/mobile/apps/
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
686 B (686 bytes)
Hash
9f5f9ca4679a27dc9345c83a685971db
7d460b990d11b242aaeeff87f96a378f6d3d6e19
5e35d8b7520dd11570f211359267e98cdc4e7d8a2fb433c9eb95f40d0d9ba181

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/www.wellsfargo.com/mobile/apps/ HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:51 GMT
Server: Apache
Last-Modified: Fri, 30 Sep 2022 22:53:28 GMT
Accept-Ranges: bytes
Content-Length: 686
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 10:32:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html

54.224.73.73

200 OK

40 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2160), with CRLF, LF line terminators
Size
40 kB (39505 bytes)
Hash
61ba1376d1160ec46192a65e9f72792f
eb6a0a18f582673e47781470b11a66ec5b641234
6982bc432dd5c438661ff2e0aebd611293f00ba5bcf01d3a1fd17692b02e0b61

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/www.wellsfargo.com/es/mobile/apps/index.html HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:51 GMT
Server: Apache
Last-Modified: Fri, 30 Sep 2022 22:53:56 GMT
Accept-Ranges: bytes
Content-Length: 39505
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html

www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-horz-logo.svg

104.110.5.8

200 OK

2.0 kB

URL HTTP/2
www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-horz-logo.svg
IP
104.110.5.8:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4948)
Size
2.0 kB (1977 bytes)
Hash
e56e5d0c3a6c91daa9c9e3cb35de49ec
1ac827e855541f5059c9122c624f7b5144c5faa8
6d046903ea56f94f8a7d998d662f03035b015d3019c57d88e091f16d1bd175e8

HTTP Headers

GET /assets/images/css/template/homepage/homepage-horz-logo.svg HTTP/1.1
Host: www01.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: "15b8-5895bfcbfa2c0"
last-modified: Mon, 24 May 2021 14:15:37 GMT
server: Akamai Resource Optimizer
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 1977
unused62: 8096267
cache-control: max-age=3127802
expires: Fri, 11 Nov 2022 15:22:53 GMT
date: Thu, 06 Oct 2022 10:32:51 GMT
X-Firefox-Spdy: h2

www04.wellsfargomedia.com/assets/images/css/template/homepage/homepage-lock.svg

104.110.5.8

200 OK

668 B

URL HTTP/2
www04.wellsfargomedia.com/assets/images/css/template/homepage/homepage-lock.svg
IP
104.110.5.8:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
668 B (668 bytes)
Hash
de6fd1f7ffea13b855770b5dc54daf72
0e4ab6e3433c7607280e977fd9e9c5442eb30344
deab472180f1d0240b8f200d69c896d68ddf08eba1928ef3d2f2fbd4beefbbfa

HTTP Headers

GET /assets/images/css/template/homepage/homepage-lock.svg HTTP/1.1
Host: www04.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: "6f8-554880386bac0"
last-modified: Wed, 25 Aug 2021 22:12:55 GMT
server: Akamai Resource Optimizer
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 668
unused62: 8096267
cache-control: max-age=3127802
expires: Fri, 11 Nov 2022 15:22:53 GMT
date: Thu, 06 Oct 2022 10:32:51 GMT
X-Firefox-Spdy: h2

mail.zitic.duckdns.org/v/connect.secure.wellsfargo.com/auth/login/static/js/general_altdd5c.js?single

54.224.73.73

200 OK

11 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/connect.secure.wellsfargo.com/auth/login/static/js/general_altdd5c.js?single
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (9269)
Size
11 kB (10797 bytes)
Hash
0b6553613de5e8b685798ce292dae7b4
a99f16ca9db7571dcc861aa515ba10857e86d1bc
3baf623ad7bc3de691d8011db2fcd0d3983dba473ee761da01510e63aef71930

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/connect.secure.wellsfargo.com/auth/login/static/js/general_altdd5c.js?single HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:51 GMT
Server: Apache
Last-Modified: Fri, 30 Sep 2022 22:53:16 GMT
Accept-Ranges: bytes
Content-Length: 10797
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

mail.zitic.duckdns.org/v/www.wellsfargo.com/js/shared/media-player-custom.js

54.224.73.73

200 OK

4.3 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/js/shared/media-player-custom.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (4348), with no line terminators
Size
4.3 kB (4348 bytes)
Hash
450744f087d3aa87a28395c107742acc
c8a3e69e3b1287f65b72b9de8a553d4f309d4d99
cde7904316679ef5aa42b66a914d46fdae6d0e07d11bbc28f2dcb3a64012cdd6

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/www.wellsfargo.com/js/shared/media-player-custom.js HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:51 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:20 GMT
Accept-Ranges: bytes
Content-Length: 4348
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js

54.224.73.73

200 OK

2.0 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (1952), with no line terminators
Size
2.0 kB (1952 bytes)
Hash
e7cf4c458b327ab7ed31e0936ccd404f
970bf05073f91ad6b8f21521f7c9886f71f2af1d
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:51 GMT
Server: Apache
Last-Modified: Thu, 20 Jan 2022 03:38:26 GMT
Accept-Ranges: bytes
Content-Length: 1952
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js

54.224.73.73

200 OK

48 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text, with very long lines (48287)
Size
48 kB (48367 bytes)
Hash
adc6bafd6d346973c15f80f542fa008f
ec1f94d5fe65f25d7119488ffc067446b7af82b9
7a17bf7ddc09f705c34b0bdefe2a12142ae1702bf904a731f48cd4652c1036eb

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:51 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 14:50:04 GMT
Accept-Ranges: bytes
Content-Length: 48367
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.65

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.65:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 10:29:41 GMT
Expires: Thu, 06 Oct 2022 10:49:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: t9-_hO2cNmunDy0svhj4lMvzCVlDfgSkE_Be0B-z_lSHJ_6gZfHBvw==
Age: 190

mail.zitic.duckdns.org/v/www.wellsfargo.com/css/template/ui-lightness/jquery-ui.custom.css

54.224.73.73

200 OK

18 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/css/template/ui-lightness/jquery-ui.custom.css
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (7491)
Size
18 kB (18459 bytes)
Hash
adacfb4b14fb1a108752d26f5c02ac5c
c86acc17d8ba331340c83d3426ac4b3561a51689
4cba34e0b3855598696d187bbcefc04326cfa6e79c4c4a035efab4017e40e4d3

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www.wellsfargo.com/css/template/ui-lightness/jquery-ui.custom.css HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:51 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:24 GMT
Accept-Ranges: bytes
Content-Length: 18459
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

mail.zitic.duckdns.org/v/www.wellsfargo.com/css/vendor/video-js.css

54.224.73.73

200 OK

44 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/css/vendor/video-js.css
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (19597)
Size
44 kB (43928 bytes)
Hash
f8682704b21d1ed262ec8b90bb0c18d4
71e1bc05a39e85f299d5ecd5194e440f2a3d9fae
521ebc30fb48d89b4ac4808ef7e6fba9110684eb37751ad00a977ada5e74b0ef

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www.wellsfargo.com/css/vendor/video-js.css HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:51 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:24 GMT
Accept-Ranges: bytes
Content-Length: 43928
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

mail.zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/video.js

54.224.73.73

200 OK

420 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/video.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (8169)
Size
420 kB (419580 bytes)
Hash
efce68f045d0687df715b0ec9634accf
1b15d7dba57fed7ca7f041ea15d87f6d709a4458
d94e88dfb3c418dc2d7f7f4464faed1788ecc8407ef1694d824330279262b834

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/www.wellsfargo.com/js/vendor/video.js HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:51 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:20 GMT
Accept-Ranges: bytes
Content-Length: 419580
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

mail.zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/jquery.min.js

54.224.73.73

200 OK

98 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/jquery.min.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (8077)
Size
98 kB (97628 bytes)
Hash
d49f5bd057488231fdcc675e2fe9f568
c81be8cda5beab5bd767a63bee8aafc08e037ce4
3c536cede8c67b4bda531f82b77f3678e52026398492010245d3870c87a1623e

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/www.wellsfargo.com/js/vendor/jquery.min.js HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:51 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:20 GMT
Accept-Ranges: bytes
Content-Length: 97628
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

mail.zitic.duckdns.org/v/www.wellsfargo.com/css/template/global.css

54.224.73.73

200 OK

185 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/css/template/global.css
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (8262)
Size
185 kB (185441 bytes)
Hash
14d9a697a170e9accf9d8dca7ca7f869
c9e83fd2642cbb67ec5648fa04fb5850ba952a18
6d8bb4f75f6eb8608fc500cb23a7d6a09db009c91707584c1cc4f629e422d3ff

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www.wellsfargo.com/css/template/global.css HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:51 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:24 GMT
Accept-Ranges: bytes
Content-Length: 185441
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee9e15db28c6c174de4e0f2922e2b25c
9df4ed69f087ce66e15dec440470706a0b548474
3c2acc9d0d0eb77f7bb2e28a662473040984c2b2fe36be30b7acd45a45c504b3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6251
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:32:51 GMT
Last-Modified: Thu, 06 Oct 2022 08:48:40 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4822
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:32:51 GMT
Last-Modified: Thu, 06 Oct 2022 09:12:29 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js

54.224.73.73

200 OK

32 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text, with very long lines (31790)
Size
32 kB (31841 bytes)
Hash
162100f507af8b50f1406bf3fc405ce5
cf0a2bf9b914710962e0dd7899b93ba5ceb5134d
e9a598a5cc23c24a8ecc364ed7413961e416f5e9ec3df513ad9a12cda625a279

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 18:58:28 GMT
Accept-Ranges: bytes
Content-Length: 31841
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e2337bf4a0107b4d8450cc662461b799
7088fc2cf3e3abe042b4a8b699e716732cdffeba
42577845d496317bfbc762c7b24872a9c4e3dcaeb015cc0c001b7054e674241b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3255
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:32:51 GMT
Last-Modified: Thu, 06 Oct 2022 09:38:36 GMT
Server: ECS (amb/6B90)
X-Cache: HIT
Content-Length: 471

mail.zitic.duckdns.org/v/www.wellsfargo.com/js/frameworks/slick01.js

54.224.73.73

200 OK

63 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/js/frameworks/slick01.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text, with very long lines (8157)
Size
63 kB (63057 bytes)
Hash
0c8184819332ec4f72f81aaf7e225ae2
4e0dc10b41812b30f74e2b183e19966a525de6a2
11dea6f8a3c56ae01aeff3bd061c0b746ddf9297258c2d18c86481b3a3c10b64

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/www.wellsfargo.com/js/frameworks/slick01.js HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:51 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:18 GMT
Accept-Ranges: bytes
Content-Length: 63057
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

mail.zitic.duckdns.org/v/www.wellsfargo.com/js/frameworks/jq/jquery-ui.js

54.224.73.73

200 OK

339 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/js/frameworks/jq/jquery-ui.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (8185)
Size
339 kB (339170 bytes)
Hash
9726560d23e8100d33456702719491d1
1c64bfa8088fc04d7b6633a3479cb57ec9969d3a
d65fdc6b62a5f7a8a9cbc7a756b75ed80b81cf828295d507aeec9878e908ad4d

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/www.wellsfargo.com/js/frameworks/jq/jquery-ui.js HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:51 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:18 GMT
Accept-Ranges: bytes
Content-Length: 339170
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

mail.zitic.duckdns.org/v/www04.wellsfargomedia.com/assets/images/icons/227x140/Mobile_Account_Alert_IconImage_227x140.png

54.224.73.73

200 OK

785 B

URL HTTP/1.1
mail.zitic.duckdns.org/v/www04.wellsfargomedia.com/assets/images/icons/227x140/Mobile_Account_Alert_IconImage_227x140.png
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 227 x 140, 8-bit colormap, non-interlaced\012- data
Size
785 B (785 bytes)
Hash
bf2ecbc6d2640d699085e2d4863dd3af
f8990648290931fcd96caa33b6e27f6888a88ab3
a65040647041108e73cb56e3b3c05d78dec706eeaa63d51f8d616dd63779582b

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www04.wellsfargomedia.com/assets/images/icons/227x140/Mobile_Account_Alert_IconImage_227x140.png HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:52 GMT
Server: Apache
Last-Modified: Wed, 06 Apr 2022 23:56:54 GMT
Accept-Ranges: bytes
Content-Length: 785
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

mail.zitic.duckdns.org/v/www01.wellsfargomedia.com/assets/images/icons/227x140/Mobile_TransferPay_IconImage_227x140.png

54.224.73.73

200 OK

1.6 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www01.wellsfargomedia.com/assets/images/icons/227x140/Mobile_TransferPay_IconImage_227x140.png
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 227 x 140, 8-bit colormap, non-interlaced\012- data
Size
1.6 kB (1624 bytes)
Hash
6cc3af21862c681d0cb9c070c3dc6ad3
73b0c1f1b139539863997bf63ba715a3760478a9
d17966a462a442da87045bc7f96739d1f09a97ba2287778daecbf2f4ace87b6a

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www01.wellsfargomedia.com/assets/images/icons/227x140/Mobile_TransferPay_IconImage_227x140.png HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:52 GMT
Server: Apache
Last-Modified: Fri, 21 Jan 2022 23:12:40 GMT
Accept-Ranges: bytes
Content-Length: 1624
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

mail.zitic.duckdns.org/v/www.wellsfargo.com/css/template/print.css

54.224.73.73

200 OK

570 B

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/css/template/print.css
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (570), with no line terminators
Size
570 B (570 bytes)
Hash
95b4de8b86db5e33fc29372eb35bf21a
e75af300af9a609a69e3c11e8c4325637b1a0284
8dee9644ead3af242cdb9c56bfa5a795cc33154be20a7fac97d4357238ad7243

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www.wellsfargo.com/css/template/print.css HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:52 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:24 GMT
Accept-Ranges: bytes
Content-Length: 570
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css

www17.wellsfargomedia.com/assets/images/css/template/chevron-right-blue.png

104.110.27.78

200 OK

140 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/chevron-right-blue.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
140 B (140 bytes)
Hash
7838430f8f3db208f1791d12275f882c
f099b34e9cd7bb9b8ccfbe0284cf818ef1747a9a
15edc68516d9016f5df0651edcd4eedfd5c2f440d85f932f7a2b973b70d37883

HTTP Headers

GET /assets/images/css/template/chevron-right-blue.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "519fc766-3fc"
last-modified: Mon, 25 Jul 2022 06:04:22 GMT
server: Akamai Image Manager
x-serial: 1189
x-check-cacheable: YES
content-length: 140
content-type: image/webp
cache-control: private, no-transform, max-age=779876
expires: Sat, 15 Oct 2022 11:10:48 GMT
date: Thu, 06 Oct 2022 10:32:52 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2

104.110.27.78

200 OK

22 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Size
22 kB (22424 bytes)
Hash
0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc

HTTP Headers

GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mail.zitic.duckdns.org
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=7251266
expires: Thu, 29 Dec 2022 08:47:18 GMT
date: Thu, 06 Oct 2022 10:32:52 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2

104.110.27.78

200 OK

22 kB

URL HTTP/2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Size
22 kB (22172 bytes)
Hash
f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704

HTTP Headers

GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mail.zitic.duckdns.org
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=7228060
expires: Thu, 29 Dec 2022 02:20:32 GMT
date: Thu, 06 Oct 2022 10:32:52 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/homepage/homepage-magnifying-glass.png

104.110.27.78

200 OK

236 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/homepage/homepage-magnifying-glass.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
236 B (236 bytes)
Hash
8cf6735df721c60affadb70ad95732eb
ae8a42ebbd6b60630e2c612e924c4fd66a4aca33
8dc5436dce4423f0e53e85904b6dc0552c1c8bbde0dd4ec1c929a1c272201c4c

HTTP Headers

GET /assets/images/css/template/homepage/homepage-magnifying-glass.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "59c2114b-12e"
last-modified: Sat, 23 Jul 2022 13:52:11 GMT
server: Akamai Image Manager
content-length: 236
content-type: image/webp
cache-control: private, no-transform, max-age=673985
expires: Fri, 14 Oct 2022 05:45:57 GMT
date: Thu, 06 Oct 2022 10:32:52 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/chevron-right-grey.png

104.110.27.78

200 OK

82 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/chevron-right-grey.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 8x9, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
82 B (82 bytes)
Hash
8a64ca48888869867604fec4ca5a2300
05ecffa2687820e76c82f487d0347a5120615dd1
fb39d6b03e532d8c65acd85e6be42ac3fd7d781451a4bb1c616286a231c80cfa

HTTP Headers

GET /assets/images/css/template/chevron-right-grey.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "519fc766-3ed"
last-modified: Sat, 23 Jul 2022 13:52:12 GMT
server: Akamai Image Manager
x-serial: 612
x-check-cacheable: YES
content-length: 82
content-type: image/webp
cache-control: private, no-transform, max-age=628178
expires: Thu, 13 Oct 2022 17:02:30 GMT
date: Thu, 06 Oct 2022 10:32:52 GMT
X-Firefox-Spdy: h2

mail.zitic.duckdns.org/v/www01.wellsfargomedia.com/assets/images/photography/lifestyle/413x185/man-on-the-bridge-holding-phone-413x185.jpg

54.224.73.73

200 OK

16 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www01.wellsfargomedia.com/assets/images/photography/lifestyle/413x185/man-on-the-bridge-holding-phone-413x185.jpg
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 413x185, components 3\012- data
Size
16 kB (16319 bytes)
Hash
6b9221bed4e8c80b203016eea9de5a9d
51138d1a0bb9e2f60a95658dbf3f393675599f67
feab236e6b63e28b7ea0743b85d35c4f9bb73c474e1e14ad58ec9929e026b4bc

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www01.wellsfargomedia.com/assets/images/photography/lifestyle/413x185/man-on-the-bridge-holding-phone-413x185.jpg HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:52 GMT
Server: Apache
Last-Modified: Fri, 17 Jun 2022 20:24:40 GMT
Accept-Ranges: bytes
Content-Length: 16319
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

mail.zitic.duckdns.org/v/www17.wellsfargomedia.com/assets/images/css/template/img_print.png

54.224.73.73

200 OK

134 B

URL HTTP/1.1
mail.zitic.duckdns.org/v/www17.wellsfargomedia.com/assets/images/css/template/img_print.png
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 14 x 12, 8-bit grayscale, non-interlaced\012- data
Size
134 B (134 bytes)
Hash
ed07b484af73610193cb8c7850a060d3
6acdb6fa2eb7890a132b7e24938a27b548ccb544
d6d272e61ccf4d57b23962568358f87656a7f820f580ab071d11fde58f6e45e6

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www17.wellsfargomedia.com/assets/images/css/template/img_print.png HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/css/template/global.css
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:52 GMT
Server: Apache
Last-Modified: Mon, 25 Jul 2022 22:08:46 GMT
Accept-Ranges: bytes
Content-Length: 134
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

mail.zitic.duckdns.org/v/www01.wellsfargomedia.com/assets/images/icons/469x140/google-play-badge_469x140.jpg

54.224.73.73

200 OK

4.4 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www01.wellsfargomedia.com/assets/images/icons/469x140/google-play-badge_469x140.jpg
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 469x140, components 3\012- data
Size
4.4 kB (4379 bytes)
Hash
9ac8713af6838c09d6c788c2ff352985
72a1e49aacc1560130494552cdf8fac183541e5b
b7c82b563d61552e58a325819d6ae194be256483c88695b1c01026412191c509

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www01.wellsfargomedia.com/assets/images/icons/469x140/google-play-badge_469x140.jpg HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:52 GMT
Server: Apache
Last-Modified: Thu, 26 Aug 2021 02:34:04 GMT
Accept-Ranges: bytes
Content-Length: 4379
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

mail.zitic.duckdns.org/v/www04.wellsfargomedia.com/assets/images/icons/469x140/app-store-badge_469x140.jpg

54.224.73.73

200 OK

4.5 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www04.wellsfargomedia.com/assets/images/icons/469x140/app-store-badge_469x140.jpg
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 469x140, components 3\012- data
Size
4.5 kB (4454 bytes)
Hash
5901dc53dee9597f0c1259adee1e2b84
215d6bce5a79709151aa6adc1a4cf988949c4c81
5af123a57f0c386b80c98109bed24d71bdc1a0cbc4e94560344dbd92e85aee60

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www04.wellsfargomedia.com/assets/images/icons/469x140/app-store-badge_469x140.jpg HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:52 GMT
Server: Apache
Last-Modified: Thu, 26 Aug 2021 02:34:04 GMT
Accept-Ranges: bytes
Content-Length: 4454
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

mail.zitic.duckdns.org/v/www04.wellsfargomedia.com/assets/images/icons/227x140/Mobile_Check_Deposit_IconImage_227x140.png

54.224.73.73

200 OK

684 B

URL HTTP/1.1
mail.zitic.duckdns.org/v/www04.wellsfargomedia.com/assets/images/icons/227x140/Mobile_Check_Deposit_IconImage_227x140.png
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 227 x 140, 8-bit colormap, non-interlaced\012- data
Size
684 B (684 bytes)
Hash
4ddd12b62d626253008431f7ee61c97c
ab5c4ef42ce25bfbbbb3ef1f8155a3114554a548
3800bef34e102acb639de4259cd11a8ee09f4e0b3d387ddb2e6530bdc7ae73b9

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www04.wellsfargomedia.com/assets/images/icons/227x140/Mobile_Check_Deposit_IconImage_227x140.png HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:52 GMT
Server: Apache
Last-Modified: Fri, 21 Jan 2022 23:13:02 GMT
Accept-Ranges: bytes
Content-Length: 684
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

mail.zitic.duckdns.org/v/www.wellsfargo.com/js/global/global.js

54.224.73.73

200 OK

230 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/js/global/global.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8155)
Size
230 kB (230254 bytes)
Hash
a6d222867ebc1b0e6a57eddc8bd7418b
be0c5877af0cf33abf8de5c793935c7c94c5fe7e
77d1d5f3d877905d3f0f5a434b77be2e3cf34887e0022ad9cae1b5d39150f827

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/www.wellsfargo.com/js/global/global.js HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:51 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:24 GMT
Accept-Ranges: bytes
Content-Length: 230254
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

mail.zitic.duckdns.org/v/www01.wellsfargomedia.com/assets/images/icons/227x140/Mobile_Biometric_IconImage_227x140.png

54.224.73.73

200 OK

1.1 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www01.wellsfargomedia.com/assets/images/icons/227x140/Mobile_Biometric_IconImage_227x140.png
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 227 x 140, 8-bit colormap, non-interlaced\012- data
Size
1.1 kB (1109 bytes)
Hash
634f61613636f26de2ba753476b33b05
13775f8db07159af6b90e21ced29cd48729eb469
36368e093b0f74e5a3c4d0c22e813b77228fc0c6744467a31b95fe70a3e1f344

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www01.wellsfargomedia.com/assets/images/icons/227x140/Mobile_Biometric_IconImage_227x140.png HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:52 GMT
Server: Apache
Last-Modified: Tue, 28 Jun 2022 08:59:10 GMT
Accept-Ranges: bytes
Content-Length: 1109
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

mail.zitic.duckdns.org/v/www.wellsfargo.com/assets/images/global/s5934.gif?log=1&cb=1664574835691&event=PageLoad&pid=tcm:282-17426-64&ptid=tcm:282-170471-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2Fmobile%2Fapps%2F&clist=283-158303-16~223-4119-32|84-181409-16~91-2049-32|283-200333-16~223-6259-32|283-170735-16~91-1924-32|283-116050-16~91-1924-32|283-164790-16~91-1924-32|283-142296-16~91-1924-32|283-159874-16~91-1924-32|283-212724-16~91-1924-32|283-172233-16~91-1924-32|283-161919-16~91-1924-32|283-148263-16~91-1924-32|283-38072-16~91-1924-32|283-6793-16~91-1924-32|84-230142-16~91-1924-32|84-207757-16~91-1924-32|283-8259-16~302-1865-32|283-36430-16~91-2830-32|283-200317-16~223-122394-32|283-200320-16~223-6249-32|283-200322-16~91-2808-32|283-225355-16~223-3757-32|283-200318-16~223-122394-32|283-158319-16~223-6249-32|283-200319-16~223-122394-32|283-8253-16~91-1866-32

54.224.73.73

200 OK

43 B

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/assets/images/global/s5934.gif?log=1&cb=1664574835691&event=PageLoad&pid=tcm:282-17426-64&ptid=tcm:282-170471-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2Fmobile%2Fapps%2F&clist=283-158303-16~223-4119-32|84-181409-16~91-2049-32|283-200333-16~223-6259-32|283-170735-16~91-1924-32|283-116050-16~91-1924-32|283-164790-16~91-1924-32|283-142296-16~91-1924-32|283-159874-16~91-1924-32|283-212724-16~91-1924-32|283-172233-16~91-1924-32|283-161919-16~91-1924-32|283-148263-16~91-1924-32|283-38072-16~91-1924-32|283-6793-16~91-1924-32|84-230142-16~91-1924-32|84-207757-16~91-1924-32|283-8259-16~302-1865-32|283-36430-16~91-2830-32|283-200317-16~223-122394-32|283-200320-16~223-6249-32|283-200322-16~91-2808-32|283-225355-16~223-3757-32|283-200318-16~223-122394-32|283-158319-16~223-6249-32|283-200319-16~223-122394-32|283-8253-16~91-1866-32
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www.wellsfargo.com/assets/images/global/s5934.gif?log=1&cb=1664574835691&event=PageLoad&pid=tcm:282-17426-64&ptid=tcm:282-170471-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Fes%2Fmobile%2Fapps%2F&clist=283-158303-16~223-4119-32|84-181409-16~91-2049-32|283-200333-16~223-6259-32|283-170735-16~91-1924-32|283-116050-16~91-1924-32|283-164790-16~91-1924-32|283-142296-16~91-1924-32|283-159874-16~91-1924-32|283-212724-16~91-1924-32|283-172233-16~91-1924-32|283-161919-16~91-1924-32|283-148263-16~91-1924-32|283-38072-16~91-1924-32|283-6793-16~91-1924-32|84-230142-16~91-1924-32|84-207757-16~91-1924-32|283-8259-16~302-1865-32|283-36430-16~91-2830-32|283-200317-16~223-122394-32|283-200320-16~223-6249-32|283-200322-16~91-2808-32|283-225355-16~223-3757-32|283-200318-16~223-122394-32|283-158319-16~223-6249-32|283-200319-16~223-122394-32|283-8253-16~91-1866-32 HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:52 GMT
Server: Apache
Last-Modified: Fri, 24 May 2013 21:08:06 GMT
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/gif

mail.zitic.duckdns.org/v/www01.wellsfargomedia.com/assets/images/icons/70x70/secure-technology-icon.png

54.224.73.73

200 OK

1.6 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www01.wellsfargomedia.com/assets/images/icons/70x70/secure-technology-icon.png
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 70 x 70, 8-bit colormap, non-interlaced\012- data
Size
1.6 kB (1553 bytes)
Hash
9a56d2dd55eccd1f85d5dde63dc2fc96
7d8bb4ce6da831bcb95623786ea68a09e1daa4d8
76ec948ba7e8a4a9c98ade679ee412d96a22d2d3a04c8aa3a17ce25ff90c03b2

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www01.wellsfargomedia.com/assets/images/icons/70x70/secure-technology-icon.png HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:52 GMT
Server: Apache
Last-Modified: Thu, 26 Aug 2021 02:32:08 GMT
Accept-Ranges: bytes
Content-Length: 1553
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

mail.zitic.duckdns.org/v/www04.wellsfargomedia.com/assets/images/icons/70x70/biometrics-icon.png

54.224.73.73

200 OK

1.4 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www04.wellsfargomedia.com/assets/images/icons/70x70/biometrics-icon.png
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 70 x 70, 8-bit colormap, non-interlaced\012- data
Size
1.4 kB (1365 bytes)
Hash
0fc47fec9f3a234fa2d621d2fbd8140e
191907888ac17555ca1cd8ad6ef683f5efe37572
bc924bf3f9258f57c0009b952ece9f066dbb1333eacf41e49358bde2a10f527b

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www04.wellsfargomedia.com/assets/images/icons/70x70/biometrics-icon.png HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:52 GMT
Server: Apache
Last-Modified: Thu, 26 Aug 2021 02:32:12 GMT
Accept-Ranges: bytes
Content-Length: 1365
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

push.services.mozilla.com/

35.161.6.128

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.6.128:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PewPZRL6zkb8J8eYw3B0UA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tD+4FY8aqp4517ufNTguhGj0Lxs=

mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js

54.224.73.73

404 Not Found

315 B

URL HTTP/1.1
mail.zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /v/static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 10:32:52 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www17.wellsfargomedia.com/assets/images/css/template/img_facebook.png

104.110.27.78

200 OK

158 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/img_facebook.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 20x20, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
158 B (158 bytes)
Hash
2b29e2ab0a181b675c3a91a5daf2322c
7986adeec12fb7dfb3386f793662f634c842eb66
73b31bddb3e9b9e841725f10be78071daae55db39b60719eb73ffa94186edbbf

HTTP Headers

GET /assets/images/css/template/img_facebook.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "55209ab9-52d"
last-modified: Mon, 08 Aug 2022 16:03:34 GMT
server: Akamai Image Manager
content-length: 158
content-type: image/webp
cache-control: private, no-transform, max-age=2146745
expires: Mon, 31 Oct 2022 06:51:57 GMT
date: Thu, 06 Oct 2022 10:32:52 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/img_twitter.png

104.110.27.78

200 OK

186 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/img_twitter.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 20x20, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
186 B (186 bytes)
Hash
bf36c83f327f106b40a4a25396f68892
a47a4d66d99520946122236f23ec139c2252cae3
8bda07b34e5b9b98bc5b1609c1cb4327f829ec74484a558ae3873dd19b75953b

HTTP Headers

GET /assets/images/css/template/img_twitter.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "55209ab9-5a4"
last-modified: Mon, 25 Jul 2022 07:26:18 GMT
server: Akamai Image Manager
x-serial: 1787
x-check-cacheable: YES
content-length: 186
content-type: image/webp
cache-control: private, no-transform, max-age=713805
expires: Fri, 14 Oct 2022 16:49:37 GMT
date: Thu, 06 Oct 2022 10:32:52 GMT
X-Firefox-Spdy: h2

www17.wellsfargomedia.com/assets/images/css/template/social_show.png

104.110.27.78

200 OK

84 B

URL HTTP/2
www17.wellsfargomedia.com/assets/images/css/template/social_show.png
IP
104.110.27.78:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 16x16, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
84 B (84 bytes)
Hash
6550aa7b280e5283194471eb87085983
b76e2eaf71fb1ae900ece375e4f0be5b23bc1ed0
daf8f3105a0bae551331bc9859b06561b50313d2cc0e3aa1b1aee9b7acd09cd4

HTTP Headers

GET /assets/images/css/template/social_show.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "55209ab9-3ca"
last-modified: Mon, 25 Jul 2022 08:19:23 GMT
server: Akamai Image Manager
content-length: 84
content-type: image/webp
cache-control: private, no-transform, max-age=944771
expires: Mon, 17 Oct 2022 08:59:03 GMT
date: Thu, 06 Oct 2022 10:32:52 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
60e15c331eace6c365b7907684305d5b
0bd2b17c8e69678b43b2beb1beb81cb059f848b7
9fba594974e3d01120b06149dbe25cbdd65a33f81a5a362283146b3472aa0aaa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 300
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:32:52 GMT
Last-Modified: Thu, 06 Oct 2022 10:27:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

mail.zitic.duckdns.org/v/www.wellsfargo.com/favicon.ico

54.224.73.73

200 OK

3.8 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www.wellsfargo.com/favicon.ico
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
MS Windows icon resource - 1 icon, 48x48, 8 bits/pixel\012- data
Size
3.8 kB (3774 bytes)
Hash
fc6d7821d387a8d5e630daa63ec39f10
91d3962918d4caf70de23cdf245f85881883c789
2420e2dd77fbe0494070da2c201f6fcdd613c7652c06d086137e8c41d129f254

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www.wellsfargo.com/favicon.ico HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:52 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:30:50 GMT
Accept-Ranges: bytes
Content-Length: 3774
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/x-icon

mail.zitic.duckdns.org/v/www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png

54.224.73.73

200 OK

2.5 kB

URL HTTP/1.1
mail.zitic.duckdns.org/v/www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP
54.224.73.73:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Size
2.5 kB (2507 bytes)
Hash
47110b47911b785cd36f5a35379eb99c
39ec47a3fa466348e787c21de6dedbb217f8a1e3
9ada0ef473cc526ec17a25f7729960acb965a5c2bfd22688b0252421c1b833d5

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /v/www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: mail.zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/v/www.wellsfargo.com/es/mobile/apps/index.html
Cookie: kndctr_1BAA15F354F731E60A4C98A4_AdobeOrg_identity=CiYyODMzMzQ4OTIxNDgxNTA4Nzc5MjM5NDkyODIzMTE4ODkzMzQxMlIRCJLcsOW6MBABGAEqBElSTDHwAZLcsOW6MA==; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=MCMID|28333489214815087792394928231188933412; mdLogger=false; kampyle_userid=6fb9-2ddb-97ed-b88c-f406-776a-db7d-a6c3; kampyleUserSession=1665049309768; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:52 GMT
Server: Apache
Last-Modified: Thu, 14 Jul 2022 03:02:38 GMT
Accept-Ranges: bytes
Content-Length: 2507
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

static.wellsfargo.com/tracking/main/utag.js

159.45.2.178

200 OK

54 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
Unicode text, UTF-8 text, with very long lines (21397)
Size
54 kB (53864 bytes)
Hash
26bb07cb24ec9407cc5e5b66a69874ba
3b7a1b1f6e96cccdd1eb3cd04e81598619eb94fc
35d1ca2c89af89baebef9b8a93866f5a90ab51831cc3b8db9718e276ab28c0d4

HTTP Headers

GET /tracking/main/utag.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:52 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 04 Oct 2022 20:01:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633c9124-4fa06"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?1js

159.45.170.156

200 OK

306 kB

URL HTTP/1.1
connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?1js
IP
159.45.170.156:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (65356)
Size
306 kB (305866 bytes)
Hash
0a73606e47133a2d2a13f7b5e1750e3c
8faaf759f275f0b66491df1c5077939099282044
cadbb05fc74ea8549b09ebed74da9dddf5499847acbcfaf7775b67a48abfc1ed

HTTP Headers

GET /auth/login/static/js/general_alt.js?1js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:52 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=3600, immutable
Content-Encoding: gzip

data.schemaapp.com/WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vZXMvbW9iaWxlL2FwcHMvaW5kZXguaHRtbA

54.230.111.79

200 OK

0 B

URL HTTP/2
data.schemaapp.com/WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vZXMvbW9iaWxlL2FwcHMvaW5kZXguaHRtbA
IP
54.230.111.79:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vZXMvbW9iaWxlL2FwcHMvaW5kZXguaHRtbA HTTP/1.1
Host: data.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-api-key
Referer: http://mail.zitic.duckdns.org/
Origin: http://mail.zitic.duckdns.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 0
date: Thu, 06 Oct 2022 10:18:47 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: x-api-key
access-control-expose-headers: x-amz-meta-source
access-control-max-age: 3000
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains;
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: q_LHM1WfdtfPceDaDgcAvmBxoQL9GGPEgA8xqril_Az-1wopEVdWFQ==
age: 847
X-Firefox-Spdy: h2

data.schemaapp.com/WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vZXMvbW9iaWxlL2FwcHMvaW5kZXguaHRtbA

54.230.111.79

200 OK

0 B

URL HTTP/2
data.schemaapp.com/WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vZXMvbW9iaWxlL2FwcHMvaW5kZXguaHRtbA
IP
54.230.111.79:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vZXMvbW9iaWxlL2FwcHMvaW5kZXguaHRtbA HTTP/1.1
Host: data.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-api-key: XPJKP-GI7DG-FVNWZ-45W51
Origin: http://mail.zitic.duckdns.org
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-source
access-control-max-age: 3000
date: Thu, 06 Oct 2022 10:18:46 GMT
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: max-age=14400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: t-S0q-tTUlYcdbeqX5mfRDP7FljbKmtcNRET_YB6gylzb6fIosmH6g==
age: 847
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1

159.45.2.178

200 OK

45 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (65508)
Size
45 kB (45086 bytes)
Hash
f0bce3a74e635ab88b299b1f625c99a4
345faf01029820b11abc73022ece8fb8e51cc321
faebd8dced2c15d37da85427c6e60aecb6a1a5f75e888280d447e93e64102c8e

HTTP Headers

GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"613a44c0-1ca73"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
da760bd41ef8ff9370254bfa22f58538
d2913d670acf488ba2460758095e8238c1d47966
92af768a29358479e72788fbbb20cfd27aad26588b07a3218968710da11a2d37

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 13:42:54 GMT
Expires: Wed, 12 Oct 2022 13:42:53 GMT
Etag: "d2913d670acf488ba2460758095e8238c1d47966"
Cache-Control: max-age=529199,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755dbc54ec7cb4f9-OSL

api.rlcdn.com/api/identity/idl?pid=1317

34.120.133.55

451 Unavailable For Legal Reasons

0 B

URL HTTP/2
api.rlcdn.com/api/identity/idl?pid=1317
IP
34.120.133.55:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/identity/idl?pid=1317 HTTP/1.1
Host: api.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mail.zitic.duckdns.org
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 451 Unavailable For Legal Reasons
date: Thu, 06 Oct 2022 10:32:53 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.schemaapp.com/javascript/schemaFunctions.min.js

54.230.111.100

200 OK

2.6 kB

URL HTTP/2
cdn.schemaapp.com/javascript/schemaFunctions.min.js
IP
54.230.111.100:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1769)
Size
2.6 kB (2568 bytes)
Hash
1d92cce45e3fae908d70b151d360db2b
121641bab8e9147d43a8154fba3ee1f2b15103ee
b7f8545911c44a9591700f728f2dc759e8b39e6471fff9fef60fde37d48b1ec3

HTTP Headers

GET /javascript/schemaFunctions.min.js HTTP/1.1
Host: cdn.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Jun 2021 19:02:30 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: ebtKiJ.k06e6HWGVnUjCEswYzQTrKhD5
server: AmazonS3
content-encoding: gzip
date: Thu, 29 Sep 2022 21:19:59 GMT
cache-control: max-age=699840
etag: W/"fa714262345ea0338a058d93199f56ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N57Dll00rOGrirFZLfWIxX2eVDafQXgrf15BxvCcp18H-Y9PCC-jow==
age: 565994
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15027
Expires: Thu, 06 Oct 2022 14:43:20 GMT
Date: Thu, 06 Oct 2022 10:32:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15027
Expires: Thu, 06 Oct 2022 14:43:20 GMT
Date: Thu, 06 Oct 2022 10:32:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15027
Expires: Thu, 06 Oct 2022 14:43:20 GMT
Date: Thu, 06 Oct 2022 10:32:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15027
Expires: Thu, 06 Oct 2022 14:43:20 GMT
Date: Thu, 06 Oct 2022 10:32:53 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7270 bytes)
Hash
e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: e5d0bb7a-b9d5-49b1-b51c-8db019da641f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQOGEQloAMFjgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa5a-519d91fb0b83920960da479d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:42:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: l1HGT5ycH36vVojsOPFptRSU1YJFvLbBsgiWJqzRlRIGgm2o5vf6jg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:58:56 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 45237
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7385 bytes)
Hash
e5a5ee14d41747f46e71f04782e1a3d3
b0205176a58913f57056b91674097bfb58046e97
b3bae0b56b50374cb85fc7fe4c9b551383d1969bf31e7adccb867e3467c59269

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7385
x-amzn-requestid: 7ada8e43-9cb5-4793-9289-e308e9565e7d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZoF7aIAMF43A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-73da01595d32809e08b93a83;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: 14qQi5wDI-_EgyghHCMjRtdZliSj3L6veSqIeBoEjCTfdZfrKb-UzA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
etag: "b0205176a58913f57056b91674097bfb58046e97"
content-type: image/jpeg
age: 46547
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5b87135-538c-4c9f-b146-1da5b13ce157.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8360 bytes)
Hash
a7bcc50ecfeeca47de68cb437e966f29
e98c870fd29b56fa4c3847008bedc0f01f222744
47a82bb40ead4346323b68c886cb88528cb2162666e9549b2ab215b86a499985

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5b87135-538c-4c9f-b146-1da5b13ce157.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8360
x-amzn-requestid: c1f21bfa-3ceb-4661-97b8-0d7475f0e911
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKLlLG0joAMFQqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f2ed-43993b1377e9fbaf4e9443d2;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:08:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kyp8p-Jm92bA3VDbsKDiD_JnS2eekJFUkMjYXquZ1D15WthqXoSlsA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:57:01 GMT
age: 45352
etag: "e98c870fd29b56fa4c3847008bedc0f01f222744"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9044 bytes)
Hash
70ea26af79226e9ff06d6198e2c019dc
ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57
f9393e7b8cbaedc8e1ef87fd89c617cf102f58813d84d866ff68e3124f94d44c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9044
x-amzn-requestid: 127bce04-9f75-4bb1-bbe7-33bf1694d96c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmHG5oAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-3896085b3b73ff5403237206;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E4yZTPRLFdK717YfwjOIFOJDi0wYpyA736dQELeM5iPLvGDXBosEWg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 05:04:17 GMT
age: 19716
etag: "ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7511 bytes)
Hash
9e520f87cae411cfc2ed1c8a14184385
69ad212cb7ae309d4f02019552887135bfae67da
723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: BddSUzh-PKiFmfw2p9gPW-B0qtrXWxCXfee29Pk-wLqN7RO21Yic6g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
age: 46547
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/main/utag.319.js?utv=ut4.48.202209142209

159.45.2.178

200 OK

2.6 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.319.js?utv=ut4.48.202209142209
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (2571)
Size
2.6 kB (2613 bytes)
Hash
270dd8154d461df44b468039bd358e3d
75cfff528bf6a5b8cf3f2b186c06bf3facb78538
591ddca6ea1ce23bccb267ca1e5fc99ce9c4a463361905e8dc2ff7d544710c0b

HTTP Headers

GET /tracking/main/utag.319.js?utv=ut4.48.202209142209 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632cc04d-1b84"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11080 bytes)
Hash
2277f8f2d93b4bc3b05d348343177892
531d9e4ec9078cd2d7376a19fcb287084af36c82
62907648de4a2ed390232a71ab7dce49f1e9c3363cde6a2f30ecae10ab67f93a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11080
x-amzn-requestid: 8fa4d19d-87a5-46c5-96c5-4aec793daad9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO7xE5eoAMFQLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84b-5c422c7a168c014f57559037;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: LySueW1si-yWLwecUILV1s57IEV2FdcQ9_pH1Aoe4AYISi7QXXfd3A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:39:28 GMT
age: 46405
etag: "531d9e4ec9078cd2d7376a19fcb287084af36c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.schemaapp.com/highlighter/prod/WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmc

54.230.111.100

200 OK

0 B

URL HTTP/2
cdn.schemaapp.com/highlighter/prod/WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmc
IP
54.230.111.100:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /highlighter/prod/WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmc HTTP/1.1
Host: cdn.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-account-id,x-api-key
Referer: http://mail.zitic.duckdns.org/
Origin: http://mail.zitic.duckdns.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers

HTTP/2 200 OK
content-length: 0
date: Thu, 06 Oct 2022 10:32:54 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: x-account-id, x-api-key
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HJ0NgeZ7M0Xy8GECx-Lp0gsKjmfembj4xabTJVTEdgdksBSwa9K9gA==
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
da760bd41ef8ff9370254bfa22f58538
d2913d670acf488ba2460758095e8238c1d47966
92af768a29358479e72788fbbb20cfd27aad26588b07a3218968710da11a2d37

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 13:42:54 GMT
Expires: Wed, 12 Oct 2022 13:42:53 GMT
Etag: "d2913d670acf488ba2460758095e8238c1d47966"
Cache-Control: max-age=529199,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755dbc55cd5bb4f9-OSL

static.wellsfargo.com/tracking/main/utag.117.js?utv=ut4.48.202112070053

159.45.2.178

200 OK

1.5 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.117.js?utv=ut4.48.202112070053
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (8097)
Size
1.5 kB (1541 bytes)
Hash
98ea64d15274eed87401b2a479775049
54835f985edf79c1911926f35a454eed5462d672
ca6044266cd44788cd4fa4910c8bcae5bef1bc1c213eafb436c00cea0db2c79b

HTTP Headers

GET /tracking/main/utag.117.js?utv=ut4.48.202112070053 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 18 Feb 2021 22:15:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"602ee6f8-2166"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.328.js?utv=ut4.48.202207272202

159.45.2.178

200 OK

2.2 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.328.js?utv=ut4.48.202207272202
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (15058)
Size
2.2 kB (2248 bytes)
Hash
420683ca7854e6bef9d5433124c6040e
aad1b9f71f2c30deee478658bb6e453c2c7f3a5a
8851d5126d7413e67465c2cb8bc2adaba4dd4b39deac58a33c9dc2e4d53f8268

HTTP Headers

GET /tracking/main/utag.328.js?utv=ut4.48.202207272202 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Jul 2022 20:08:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62e2eca5-413e"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.129.js?utv=ut4.48.202207272202

159.45.2.178

200 OK

2.0 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.129.js?utv=ut4.48.202207272202
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (14899)
Size
2.0 kB (2012 bytes)
Hash
3955ea8eef1163d5a03b223080bb369b
afdc4ffc48f5b5454bec0d211d81bf5a29a88300
773e4bda27c4b159fa2f2ddfc6b0a940fe149e1b2d6e9d68af4798d80f453b94

HTTP Headers

GET /tracking/main/utag.129.js?utv=ut4.48.202207272202 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Jul 2022 20:08:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62e2eca7-3bf8"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.166.js?utv=ut4.48.202208100004

159.45.2.178

200 OK

2.6 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.166.js?utv=ut4.48.202208100004
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (13150), with CRLF line terminators
Size
2.6 kB (2600 bytes)
Hash
af5ecbbfa71cf9fb1890a16293a849ea
7c3917f40470f704d11d8410be7e975af7f180b0
2e134150a5652a1405756a04815f3cb049d3aac6dd8cc9be842a3455dda567ea

HTTP Headers

GET /tracking/main/utag.166.js?utv=ut4.48.202208100004 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 20:02:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f56058-39d1"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

cdn.schemaapp.com/javascript/highlight.js

54.230.111.100

200 OK

15 kB

URL HTTP/2
cdn.schemaapp.com/javascript/highlight.js
IP
54.230.111.100:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (32892), with CRLF line terminators
Size
15 kB (14642 bytes)
Hash
b23b02962232869e2f3c4cf5e2575086
78342e3ddae0d530e59dad5ef50f923155bd9bc1
315ba39dacafab1d87fd3791661c9741c3de848d2f36ee523df3a41b8d986634

HTTP Headers

GET /javascript/highlight.js HTTP/1.1
Host: cdn.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Thu, 29 Sep 2022 17:49:18 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 13:00:40 GMT
etag: W/"a75cfd2d41ac714329a4fc6895bb082d"
x-amz-server-side-encryption: AES256
cache-control: max-age=699840
x-amz-version-id: yuc1pGbDhqDdI_gLgLi7faeJw6LKcbDu
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sVi--I_UFmat5sp8a-CrRD4aVgbcz0bA9R9qkyMXbnesin8-2r6tdw==
age: 578616
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/main/utag.225.js?utv=ut4.48.202208301942

159.45.2.178

200 OK

2.0 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.225.js?utv=ut4.48.202208301942
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (14389), with CRLF line terminators
Size
2.0 kB (2028 bytes)
Hash
0a1f28ee2d9f4400d8cf7b2084cd75ef
881c3d612b62db99ee20be8dc123976041a99ae8
d0212788e34ae02ba53fcf465c24b34daaa894ea8194255d7c75fbbb1d6e7561

HTTP Headers

GET /tracking/main/utag.225.js?utv=ut4.48.202208301942 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 20:02:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f56054-3ea8"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.379.js?utv=ut4.48.202207272202

159.45.2.178

200 OK

1.1 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.379.js?utv=ut4.48.202207272202
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (1071)
Size
1.1 kB (1132 bytes)
Hash
be33c3150315d92aaae2dd3f471f7e4e
e8807f0617c3f06b238aec8ebcf93ab846e619af
15ee0686aeb15b05f562cd16166152540f132425c01ed5268d70a53d8a81cb7a

HTTP Headers

GET /tracking/main/utag.379.js?utv=ut4.48.202207272202 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Jul 2022 20:08:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62e2eca5-86e"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.381.js?utv=ut4.48.202209121603

159.45.2.178

200 OK

8.9 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.381.js?utv=ut4.48.202209121603
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (53448)
Size
8.9 kB (8905 bytes)
Hash
fa32a86db1201fd16a1ffad9bd9f7227
d03c84e85b4ecdfb12c65ad199d2ea35a4218fd7
6f152dcff72a37369ae8eac535bc29ed8ff4575fc220b9362535a1c5c1ab0ee9

HTTP Headers

GET /tracking/main/utag.381.js?utv=ut4.48.202209121603 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 15 Sep 2022 20:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6323871b-16edd"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.384.js?utv=ut4.48.202208101746

159.45.2.178

200 OK

4.5 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.384.js?utv=ut4.48.202208101746
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (20219), with CRLF line terminators
Size
4.5 kB (4498 bytes)
Hash
4c0349dd734ccb6d8e8e7623b1f7ae6d
b7b4c964104051333ba40303abf04653021319e7
78cb0c0a2e99cba235f7f99b436f3175f27f45872905afaffbae7a278c53e09b

HTTP Headers

GET /tracking/main/utag.384.js?utv=ut4.48.202208101746 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 20:02:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f56055-74c7"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.396.js?utv=ut4.48.202209192333

159.45.2.178

200 OK

1.6 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.396.js?utv=ut4.48.202209192333
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (6813), with CRLF line terminators
Size
1.6 kB (1628 bytes)
Hash
b0eaf99033dacb91df01cca9f18c5efd
c36cef3a700b34b9d1298bf2c93e396b95a27222
916f35f839cc40c2eccad5d01538ed4adb46de9d51e9b95bdb9dd3598a3c8d0f

HTTP Headers

GET /tracking/main/utag.396.js?utv=ut4.48.202209192333 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632cc033-2110"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.431.js?utv=ut4.48.202107202150

159.45.2.178

200 OK

1.3 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.431.js?utv=ut4.48.202107202150
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (1071)
Size
1.3 kB (1302 bytes)
Hash
6b1893e708596451fe24ba0542af6968
64f6d916c0fa5d4ed53d7af241edc228403f7733
d02ba9b5bff6d6dd10c51121cfa90bee0a178af4fd5bc5b7d2401e4717c2fbc0

HTTP Headers

GET /tracking/main/utag.431.js?utv=ut4.48.202107202150 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 29 Jul 2021 21:00:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"610316f8-9eb"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.397.js?utv=ut4.48.202209192301

159.45.2.178

200 OK

1.8 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.397.js?utv=ut4.48.202209192301
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (8790), with CRLF line terminators
Size
1.8 kB (1799 bytes)
Hash
83ec4867fa7d7a18fe8379520ca7c873
549c4bc01430a3a6aeddf8e235438bcd19d4d40a
88bb418f969436f16382dca8ded387c0513dda2648a6e11f61ff338e28d16f35

HTTP Headers

GET /tracking/main/utag.397.js?utv=ut4.48.202209192301 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632cc032-28c9"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.403.js?utv=ut4.48.202104051735

159.45.2.178

200 OK

1.3 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.403.js?utv=ut4.48.202104051735
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (1071)
Size
1.3 kB (1298 bytes)
Hash
d9e09275c6f22e92f2ba7f907f9d1c31
712ff938b4ae788338fa1d926af874b7fbe7ab58
15c605e2b2babb99517d3b0f36ef52191d80d7a448b0089d0f254ac52559d217

HTTP Headers

GET /tracking/main/utag.403.js?utv=ut4.48.202104051735 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 15 Apr 2021 21:15:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6078ace7-a3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.413.js?utv=ut4.48.202207272202

159.45.2.178

200 OK

1.4 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.413.js?utv=ut4.48.202207272202
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (1317)
Size
1.4 kB (1352 bytes)
Hash
7d2d9e509acf171d299a8fd31ef8ca0d
64cd01f823e796aa972ba0bd3349b21847dee603
c47666bd3cde639619863664b81db5e312723c4e87287993b4ebb1f12af0733c

HTTP Headers

GET /tracking/main/utag.413.js?utv=ut4.48.202207272202 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Jul 2022 20:08:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62e2eca1-b91"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.471.js?utv=ut4.48.202209271731

159.45.2.178

200 OK

2.5 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.471.js?utv=ut4.48.202209271731
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (995)
Size
2.5 kB (2457 bytes)
Hash
5245bcf67d3ef6caa0e9c2185d20c08a
aa2ad19ae558fe7f58b3770873c8683ce91fba4c
343bc115dd405111bb74587ffb571d9c0f7fe4c9da381b88109998c2c7cf5f48

HTTP Headers

GET /tracking/main/utag.471.js?utv=ut4.48.202209271731 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 04 Oct 2022 20:01:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633c9122-19fb"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/main/utag.505.js?utv=ut4.48.202209131956

159.45.2.178

200 OK

2.8 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/main/utag.505.js?utv=ut4.48.202209131956
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (1430)
Size
2.8 kB (2760 bytes)
Hash
b2e03f6d954a4357a7268c29f963c4f0
33e8f489c2444aa2ac08b82d692c995836020fcf
7ed82ca71abf90288110fed75cb12480d77721dca21fc258f21d3e6536df8db8

HTTP Headers

GET /tracking/main/utag.505.js?utv=ut4.48.202209131956 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 15 Sep 2022 20:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6323871b-197d"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

cdn.schemaapp.com/highlighter/prod/WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmc

54.230.111.100

200 OK

2 B

URL HTTP/2
cdn.schemaapp.com/highlighter/prod/WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmc
IP
54.230.111.100:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /highlighter/prod/WellsFargo/aHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmc HTTP/1.1
Host: cdn.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mail.zitic.duckdns.org/
x-account-id: WellsFargo
x-api-key: XPJKP-GI7DG-FVNWZ-45W51
Origin: http://mail.zitic.duckdns.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Tue, 11 Dec 2018 16:01:38 GMT
x-amz-version-id: 4FsmemwQuur.Z0jxvea6XGJagB0M87fi
accept-ranges: bytes
server: AmazonS3
date: Thu, 06 Oct 2022 10:11:08 GMT
etag: "99914b932bd37a50b983c5e7c90ae93b"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Error from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y-gEklvol4rW2zBBRd56_Wg4kWQ-V0EZ2pqj3iCPclQprHxmFSAZhw==
age: 2138
X-Firefox-Spdy: h2

static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js

159.45.2.178

200 OK

961 B

URL HTTP/1.1
static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (577)
Size
961 B (961 bytes)
Hash
fdb41e651caf483e7aef91805f810c24
91fc1ceef8d8466f20133e680e77b4dc6de9e8f4
ffd6d341df741ab75634dc5345d0bb8b489fb84de377ef4c2445c4e355fc9cc3

HTTP Headers

GET /tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Apr 2022 00:53:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6269e590-96c"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/alloy/alloy.js

159.45.2.178

200 OK

25 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/alloy/alloy.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
Unicode text, UTF-8 text, with very long lines (65505)
Size
25 kB (24609 bytes)
Hash
9a021c3b9dea16b9bedb216b6b195cdd
f767ed7dba6d08b08ffc5b35fb0468eb00c66a25
54b94b3b7c4900d7012f824d21f9fa94928055f6cae6c59c23d88a10eaa79e95

HTTP Headers

GET /tracking/alloy/alloy.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 25 Aug 2022 20:01:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6307d531-12d93"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cd4b79bba0fd50aa52ce7651c802a4c2
f2c9a468baeee591930a52768f69d03b32a6f9d9
895dd9332f266d5e1fd15b2ad883fe80d0fdfbd4fe61e85942b2785da969fd90

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6118
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:32:54 GMT
Last-Modified: Thu, 06 Oct 2022 08:50:56 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

static.wellsfargo.com/tracking/gb/detector-dom.min.js

159.45.2.178

200 OK

132 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/gb/detector-dom.min.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (65434)
Size
132 kB (131829 bytes)
Hash
73ad7a8f8ccda765b898b038f90d8274
756ac35ad2422d93a0b327dfeff7fe9200695883
60ccc38cf175aba7cbe63bf1ec6319b5c1648d9a52014dfefa6ec718476a17b7

HTTP Headers

GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:53 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:03:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632cbfa4-6b8d3"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1649789670809.js

159.45.2.178

200 OK

82 kB

URL HTTP/1.1
static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1649789670809.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
Unicode text, UTF-8 text, with very long lines (11631)
Size
82 kB (81476 bytes)
Hash
94d4aed186bc1e91168480ab7abe9623
086e008f5989cfd43dbb39a4506013a3e458319b
f8b0db24893cab8e4a951ea60ac3c65b7803b9ca558ca7527df58d534d8d8b08

HTTP Headers

GET /tracking/medallia/wdcusprem/57907/onsite/generic1649789670809.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Apr 2022 00:53:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6269e590-57c18"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip

rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=775ccb30-7f6a-46f9-b999-987fad1af42c%3A0&_cls_v=3acff16c-3cb7-427e-80e1-b63cd0e5935f&pv=2&f_cls_s=true

23.36.79.9

200 OK

76 B

URL HTTP/1.1
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=775ccb30-7f6a-46f9-b999-987fad1af42c%3A0&_cls_v=3acff16c-3cb7-427e-80e1-b63cd0e5935f&pv=2&f_cls_s=true
IP
23.36.79.9:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
76 B (76 bytes)
Hash
aedeef4b6d942ced4e321a01ba86845a
36e751c734fa129bfb9bafe0ad471b2fc1877130
8298b5cebea104f9e795351ddae6bb1d8f3bd63be9ed70b2c0d02d4b325cd28d

HTTP Headers

GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=775ccb30-7f6a-46f9-b999-987fad1af42c%3A0&_cls_v=3acff16c-3cb7-427e-80e1-b63cd0e5935f&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mail.zitic.duckdns.org
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://mail.zitic.duckdns.org
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 76
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Thu, 06 Oct 2022 10:32:54 GMT
Connection: keep-alive
Set-Cookie: _cls_v=3acff16c-3cb7-427e-80e1-b63cd0e5935f; Secure; SameSite=None;HttpOnly;Secure
_cls_s=775ccb30-7f6a-46f9-b999-987fad1af42c:0; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!RuR8zp+9cevoyRHjbMKMZ0gdoDa2efgW9m+m2Sc2ijzXobzrNIyonf+lXctyug1yYyYO0YIvGBP9rNM=; path=/; Httponly; Secure
DCID=t27xVhlueP4D56JEz9sJHyJKk+co09ae0cCt8lHj9Gc%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Thu, 06 Oct 2022 10:47:54 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

resources.digital-cloud-prem.medallia.com/wdcusprem/57907/onsite/onsiteData.json

151.101.85.230

200 OK

1.5 kB

URL HTTP/2
resources.digital-cloud-prem.medallia.com/wdcusprem/57907/onsite/onsiteData.json
IP
151.101.85.230:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text, with very long lines (2056)
Size
1.5 kB (1456 bytes)
Hash
c9e0528f64d1e24fbfea3ed57c48a781
5c68095e947a74761541c7e78517e5ec7da48f99
edbcc863269fbfbc0aa044b7a54a4c06538f254869b87c25ab24628a40a97560

HTTP Headers

GET /wdcusprem/57907/onsite/onsiteData.json HTTP/1.1
Host: resources.digital-cloud-prem.medallia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mail.zitic.duckdns.org
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: uxyB8aCGqOqiMLhWek+ms91byROlBpG+9oq5B0LY6ylUg7kYIVfv07w3RqBrNKkmulBF4oq8yuo=
x-amz-request-id: 6Q220M36ZA4Q7HGT
last-modified: Mon, 29 Aug 2022 14:36:24 GMT
etag: "4dd8128146b81339a1aabe91b5ddbafa"
x-amz-version-id: h0XCleBJUwMzYgUwLc_VpXobL_hX1j6f
content-type: application/json
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
date: Thu, 06 Oct 2022 10:32:54 GMT
age: 1083519
x-served-by: cache-pao12023-PAO, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 193, 9
x-timer: S1665052375.721268,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 1456
X-Firefox-Spdy: h2

edge.adobedc.net/ee/irl1/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=0ea75f4a-2fac-451b-a75a-d0e56d449fbf

13.36.218.177

200 OK

292 B

URL HTTP/2
edge.adobedc.net/ee/irl1/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=0ea75f4a-2fac-451b-a75a-d0e56d449fbf
IP
13.36.218.177:0
ASN
#16509 AMAZON-02

File type
data
Size
292 B (292 bytes)
Hash
569a35257fe7142480038152c59190f1
c4be06d248eb34679d47b63b608519287af9e627
c497cb52ae996c73382d975ebf6102ec04a48e89beb984a1d14a581c4990dcd0

HTTP Headers

POST /ee/irl1/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=0ea75f4a-2fac-451b-a75a-d0e56d449fbf HTTP/1.1
Host: edge.adobedc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mail.zitic.duckdns.org/
Content-Type: text/plain; charset=UTF-8
Origin: http://mail.zitic.duckdns.org
Content-Length: 3939
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-request-id: 0ea75f4a-2fac-451b-a75a-d0e56d449fbf
x-rate-limit-remaining: 599
vary: Origin
access-control-allow-origin: http://mail.zitic.duckdns.org
access-control-allow-credentials: true
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
date: Thu, 06 Oct 2022 10:32:53 GMT
x-konductor: 22.10.1:d2d3a42e
x-adobe-edge: IRL1;6
server: jag
content-encoding: deflate
content-type: application/json;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js

159.45.2.178

200 OK

14 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (32088), with CRLF line terminators
Size
14 kB (14304 bytes)
Hash
3aebe41731e9656c48b87e8e8b2d1177
43369d1732f4ad8a5e7a1e9a3e133d96945afe02
6cf0cd136cefa8b4cce2da6ead22c33b83af4af3e87d7e4e9589b60f6ce4e395

HTTP Headers

GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip

udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track

35.241.45.82

200 OK

59 B

URL HTTP/1.1
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
IP
35.241.45.82:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
59 B (59 bytes)
Hash
0ab969c512ad71613832d03710eadde2
f64271cfa7e4b386fed80e18a958a90ffd1e3893
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459

HTTP Headers

POST /v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 2038
Origin: http://mail.zitic.duckdns.org
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:54 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://mail.zitic.duckdns.org
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept
Access-Control-Max-Age: 1800
X-ME: prod-instance-gatewayservice-blue-3s2n
X-Application-Context: application:9090
Content-Type: text/plain;charset=ISO-8859-1
Content-Length: 59
Server: Jetty(9.2.11.v20150529)
Via: 1.1 google

udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiQXBwIGRlIFdlbGxzIEZhcmdvIHBhcmEgZGlzcG9zaXRpdm9zIEFwcGxlIHkgQW5kcm9pZCB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vZXMvbW9iaWxlL2FwcHMvaW5kZXguaHRtbCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMCIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY1MDUyMzc0NzU0IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODNhY2FjMzFkYjM5My0wNjkxNTQwODhiNDQwNDgtMzA2ZDQ2NGEtMTQwMDAwLTE4M2FjYWMzMWRjMjEzIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHA6Ly9tYWlsLnppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL2VzL21vYmlsZS9hcHBzL2luZGV4Lmh0bWwiLCJ3ZWJzaXRlSWQiOiA1NzkwNywiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiNmZiOS0yZGRiLTk3ZWQtYjg4Yy1mNDA2LTc3NmEtZGI3ZC1hNmMzIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NjUwNTIzNzQ3NTMiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogNjkyLCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY1MDUyMzc0NzU0LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40MS4xXzIwMjIwNDEyMTg1NDMwIn0KXX0=

35.241.45.82

200 OK

0 B

URL HTTP/1.1
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiQXBwIGRlIFdlbGxzIEZhcmdvIHBhcmEgZGlzcG9zaXRpdm9zIEFwcGxlIHkgQW5kcm9pZCB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vZXMvbW9iaWxlL2FwcHMvaW5kZXguaHRtbCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMCIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY1MDUyMzc0NzU0IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODNhY2FjMzFkYjM5My0wNjkxNTQwODhiNDQwNDgtMzA2ZDQ2NGEtMTQwMDAwLTE4M2FjYWMzMWRjMjEzIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHA6Ly9tYWlsLnppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL2VzL21vYmlsZS9hcHBzL2luZGV4Lmh0bWwiLCJ3ZWJzaXRlSWQiOiA1NzkwNywiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiNmZiOS0yZGRiLTk3ZWQtYjg4Yy1mNDA2LTc3NmEtZGI3ZC1hNmMzIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NjUwNTIzNzQ3NTMiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogNjkyLCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY1MDUyMzc0NzU0LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40MS4xXzIwMjIwNDEyMTg1NDMwIn0KXX0=
IP
35.241.45.82:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiQXBwIGRlIFdlbGxzIEZhcmdvIHBhcmEgZGlzcG9zaXRpdm9zIEFwcGxlIHkgQW5kcm9pZCB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cDovL21haWwueml0aWMuZHVja2Rucy5vcmcvdi93d3cud2VsbHNmYXJnby5jb20vZXMvbW9iaWxlL2FwcHMvaW5kZXguaHRtbCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMCIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY1MDUyMzc0NzU0IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODNhY2FjMzFkYjM5My0wNjkxNTQwODhiNDQwNDgtMzA2ZDQ2NGEtMTQwMDAwLTE4M2FjYWMzMWRjMjEzIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHA6Ly9tYWlsLnppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL2VzL21vYmlsZS9hcHBzL2luZGV4Lmh0bWwiLCJ3ZWJzaXRlSWQiOiA1NzkwNywiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiNmZiOS0yZGRiLTk3ZWQtYjg4Yy1mNDA2LTc3NmEtZGI3ZC1hNmMzIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NjUwNTIzNzQ3NTMiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogNjkyLCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY1MDUyMzc0NzU0LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40MS4xXzIwMjIwNDEyMTg1NDMwIn0KXX0= HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:54 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept
Access-Control-Max-Age: 1800
X-ME: prod-instance-gatewayservice-blue-sj3q
X-Application-Context: application:9090
Content-Type: image/gif; charset=UTF-8
Content-Length: 0
Server: Jetty(9.2.11.v20150529)
Via: 1.1 google

static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js

159.45.2.178

200 OK

16 kB

URL HTTP/1.1
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP
159.45.2.178:0
ASN
#10837 WELLSFARGO-10837

File type
ASCII text, with very long lines (599)
Size
16 kB (15970 bytes)
Hash
18a9dcc7cee831010cf1647c8e39088a
731f39c30835414c6e165dd4687bf4071fe0eb10
1dc439a17ef08f995584c4869ccc397120b2502b57ba40240887df28e347be9b

HTTP Headers

GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 10:32:54 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip

connect.secure.wellsfargo.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA

159.45.170.156

200 OK

175 B

URL HTTP/1.1
connect.secure.wellsfargo.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
IP
159.45.170.156:0
ASN
#10837 WELLSFARGO-10837

File type
JSON data\012- , ASCII text, with no line terminators
Size
175 B (175 bytes)
Hash
bd659b0677f9fbe2cafdda7a72caed7f
7a2f0cacac7906e1730ba431fc3f5a0e83652f20
5d6bf357fd2a4d43f2c3b8a6e856edb9c062e2d1db17cebfd3dda5a3f95aad41

HTTP Headers

POST /dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mail.zitic.duckdns.org/
Content-Type: multipart/form-data; boundary=---------------------------1824921916409072321690582378
Origin: http://mail.zitic.duckdns.org
Content-Length: 167
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
server: KONICHIWA/1.1
date: Thu, 06 Oct 2022 10:32:55 GMT
content-type: text/html; charset=utf-8
content-length: 175
access-control-allow-origin: http://mail.zitic.duckdns.org
vary: Origin, Accept-Encoding
x-envoy-decorator-operation: ingress DeviceCategoryPost4
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly

connect.secure.wellsfargo.com/dti_apg/api/dip/v1/dip

159.45.170.156

200 OK

206 B

URL HTTP/1.1
connect.secure.wellsfargo.com/dti_apg/api/dip/v1/dip
IP
159.45.170.156:0
ASN
#10837 WELLSFARGO-10837

File type
JSON data\012- , ASCII text, with no line terminators
Size
206 B (206 bytes)
Hash
900032d57fcea1d2ddc57cfdaf2dae60
73d4797391270dffefead923e3a4f04a774c91a3
39758675718e510a77fa6c9acbff47057c925ebfdd369c5b8e01233f25b59c83

HTTP Headers

POST /dti_apg/api/dip/v1/dip HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 2008
Origin: http://mail.zitic.duckdns.org
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
server: KONICHIWA/1.1
date: Thu, 06 Oct 2022 10:32:55 GMT
content-type: text/html; charset=utf-8
content-length: 206
access-control-allow-origin: http://mail.zitic.duckdns.org
vary: Origin, Accept-Encoding
x-envoy-upstream-service-time: 73
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9f9550b4cc5b1f340bca768bcb13d029
7303e5a8e538c87ac031f96626e7ed6044a0e3d5
f02de708407cbfb3f6baa04e1171103a886e53d0f7fef119b64dc4c6c8b302f0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5114
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:32:55 GMT
Last-Modified: Thu, 06 Oct 2022 09:07:41 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9f9550b4cc5b1f340bca768bcb13d029
7303e5a8e538c87ac031f96626e7ed6044a0e3d5
f02de708407cbfb3f6baa04e1171103a886e53d0f7fef119b64dc4c6c8b302f0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1833
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 10:32:55 GMT
Last-Modified: Thu, 06 Oct 2022 10:02:23 GMT
Server: ECS (amb/6B88)
X-Cache: HIT
Content-Length: 471

pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50

35.164.27.195

200 OK

291 B

URL HTTP/2
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP
35.164.27.195:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
291 B (291 bytes)
Hash
69dadcd93e5a1c96d0b5a8a212497c7a
f15bdd329560c35a9655c1fd22fcde2de890a9ea
0ac074b322459a912801d16ce5e1427033b8bbee83ffc404f10d3a1368abdd2d

HTTP Headers

GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 06 Oct 2022 10:32:56 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2

connect.secure.wellsfargo.com/dti_apg/api/imp/v1.0/report/?x

159.45.170.156

200 OK

0 B

URL HTTP/1.1
connect.secure.wellsfargo.com/dti_apg/api/imp/v1.0/report/?x
IP
159.45.170.156:0
ASN
#10837 WELLSFARGO-10837

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /dti_apg/api/imp/v1.0/report/?x HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mail.zitic.duckdns.org/
content-type: text/plain;charset=UTF-8
Origin: http://mail.zitic.duckdns.org
Content-Length: 324
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: http://mail.zitic.duckdns.org
Date: Thu, 06 Oct 2022 10:32:59 GMT
Content-Length: 0
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
Server: KONICHIWA/1.1

pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51

35.164.27.195

200 OK

0 B

URL HTTP/2
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51
IP
35.164.27.195:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M51 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 06 Oct 2022 10:32:56 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2

pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum

35.164.27.195

200 OK

0 B

URL HTTP/2
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP
35.164.27.195:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 14193
Origin: http://mail.zitic.duckdns.org
Connection: keep-alive
Referer: http://mail.zitic.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 06 Oct 2022 10:32:56 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:30|g:c97cb270-91d8-49cd-8bfd-ab042dc3680b;Path=/;Expires=Thu, 06-Oct-2022 10:33:26 GMT;Max-Age=30
ADRUM_BTa=R:30|g:c97cb270-91d8-49cd-8bfd-ab042dc3680b|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e;Path=/;Expires=Thu, 06-Oct-2022 10:33:26 GMT;Max-Age=30
SameSite=None;Path=/;Expires=Thu, 06-Oct-2022 10:33:26 GMT;Max-Age=30;Secure
ADRUM_BT1=R:30|i:559461;Path=/;Expires=Thu, 06-Oct-2022 10:33:26 GMT;Max-Age=30
ADRUM_BT1=R:30|i:559461|e:14;Path=/;Expires=Thu, 06-Oct-2022 10:33:26 GMT;Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2

edge.adobedc.net/ee/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=e006fc2b-7800-4b44-b744-f8815a79d7fb

13.36.218.177

200 OK

0 B

URL HTTP/2
edge.adobedc.net/ee/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=e006fc2b-7800-4b44-b744-f8815a79d7fb
IP
13.36.218.177:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /ee/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=e006fc2b-7800-4b44-b744-f8815a79d7fb HTTP/1.1
Host: edge.adobedc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mail.zitic.duckdns.org/
Content-Type: text/plain; charset=UTF-8
Origin: http://mail.zitic.duckdns.org
Content-Length: 286
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-request-id: e006fc2b-7800-4b44-b744-f8815a79d7fb
x-rate-limit-remaining: 599
vary: Origin
access-control-allow-origin: http://mail.zitic.duckdns.org
access-control-allow-credentials: true
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
date: Thu, 06 Oct 2022 10:32:53 GMT
x-konductor: 22.10.1:d2d3a42e
x-adobe-edge: IRL1;6
server: jag
content-encoding: deflate
content-type: application/json;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (45)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations