firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 12:04:33 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 99c9ffdbfc5207f9665251bb3284f588.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: 5xdd1QDStrNd4faIYrvKTKrbSwLndJkEXvJyUAGobP6QL8W1rV9Njg==
Age: 2249
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16340
Expires: Wed, 05 Oct 2022 17:14:22 GMT
Date: Wed, 05 Oct 2022 12:42:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 02:17:30 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 18fbcb8ad4e399469c0cb85776d11098.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P4
x-amz-cf-id: ZVwAKu2sv6GnSDo86Gfug67Z40iBoTMoNq-k_J2lJTpSjzDLhsu5Ag==
age: 37473
X-Firefox-Spdy: h2
zitic.duckdns.org/v/www.wellsfargo.com/investing/retirement/ira/select/full-service/index.html
200 OK 25 kB URL HTTP/1.1 zitic.duckdns.org/v/www.wellsfargo.com/investing/retirement/ira/select/full-service/index.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1390), with CRLF, LF line terminators
Hash 088c6c01103f4d24a80e0b12b6e63027
7698149b206413e5e5d6d7931ad91ffc8f5ba0e0
21de94e8e58f1a12fbdc75878062f1ebbdbe24ae0f4378ddabcb1c2d46befe96
Analyzer Verdict Alert urlquery DynDNS domain detected
openphish Wells Fargo & Company
fortinet Phishing
GET /v/www.wellsfargo.com/investing/retirement/ira/select/full-service/index.html HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:02 GMT
Server: Apache
Last-Modified: Fri, 30 Sep 2022 23:04:38 GMT
Accept-Ranges: bytes
Content-Length: 25224
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 12:42:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-lock.svg
200 OK 668 B URL HTTP/2 www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-lock.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash de6fd1f7ffea13b855770b5dc54daf72
0e4ab6e3433c7607280e977fd9e9c5442eb30344
deab472180f1d0240b8f200d69c896d68ddf08eba1928ef3d2f2fbd4beefbbfa
GET /assets/images/css/template/homepage/homepage-lock.svg HTTP/1.1
Host: www01.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: "6f8-554880386bac0"
last-modified: Wed, 25 Aug 2021 22:12:55 GMT
server: Akamai Resource Optimizer
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 668
unused62: 8096267
cache-control: max-age=3206450
expires: Fri, 11 Nov 2022 15:22:53 GMT
date: Wed, 05 Oct 2022 12:42:03 GMT
X-Firefox-Spdy: h2
www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-horz-logo.svg
200 OK 2.0 kB URL HTTP/2 www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-horz-logo.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4948)
Hash e56e5d0c3a6c91daa9c9e3cb35de49ec
1ac827e855541f5059c9122c624f7b5144c5faa8
6d046903ea56f94f8a7d998d662f03035b015d3019c57d88e091f16d1bd175e8
GET /assets/images/css/template/homepage/homepage-horz-logo.svg HTTP/1.1
Host: www01.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: "15b8-5895bfcbfa2c0"
last-modified: Mon, 24 May 2021 14:15:37 GMT
server: Akamai Resource Optimizer
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 1977
unused62: 8096267
cache-control: max-age=3206450
expires: Fri, 11 Nov 2022 15:22:53 GMT
date: Wed, 05 Oct 2022 12:42:03 GMT
X-Firefox-Spdy: h2
zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
200 OK 2.0 kB URL HTTP/1.1 zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP
File type ASCII text, with very long lines (1952), with no line terminators
Hash e7cf4c458b327ab7ed31e0936ccd404f
970bf05073f91ad6b8f21521f7c9886f71f2af1d
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /v/static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/v/www.wellsfargo.com/investing/retirement/ira/select/full-service/index.html
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:03 GMT
Server: Apache
Last-Modified: Thu, 20 Jan 2022 03:38:26 GMT
Accept-Ranges: bytes
Content-Length: 1952
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
zitic.duckdns.org/v/www.wellsfargo.com/js/shared/media-player-custom.js
200 OK 4.3 kB URL HTTP/1.1 zitic.duckdns.org/v/www.wellsfargo.com/js/shared/media-player-custom.js
IP
File type ASCII text, with very long lines (4348), with no line terminators
Hash 450744f087d3aa87a28395c107742acc
c8a3e69e3b1287f65b72b9de8a553d4f309d4d99
cde7904316679ef5aa42b66a914d46fdae6d0e07d11bbc28f2dcb3a64012cdd6
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /v/www.wellsfargo.com/js/shared/media-player-custom.js HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/v/www.wellsfargo.com/investing/retirement/ira/select/full-service/index.html
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:03 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:20 GMT
Accept-Ranges: bytes
Content-Length: 4348
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
zitic.duckdns.org/v/www.wellsfargo.com/css/template/global.css
200 OK 185 kB URL HTTP/1.1 zitic.duckdns.org/v/www.wellsfargo.com/css/template/global.css
IP
File type ASCII text, with very long lines (8262)
Size 185 kB (185441 bytes)
Hash 14d9a697a170e9accf9d8dca7ca7f869
c9e83fd2642cbb67ec5648fa04fb5850ba952a18
6d8bb4f75f6eb8608fc500cb23a7d6a09db009c91707584c1cc4f629e422d3ff
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /v/www.wellsfargo.com/css/template/global.css HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/v/www.wellsfargo.com/investing/retirement/ira/select/full-service/index.html
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:03 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:24 GMT
Accept-Ranges: bytes
Content-Length: 185441
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
zitic.duckdns.org/v/www.wellsfargo.com/css/template/ui-lightness/jquery-ui.custom.css
200 OK 18 kB URL HTTP/1.1 zitic.duckdns.org/v/www.wellsfargo.com/css/template/ui-lightness/jquery-ui.custom.css
IP
File type ASCII text, with very long lines (7491)
Hash adacfb4b14fb1a108752d26f5c02ac5c
c86acc17d8ba331340c83d3426ac4b3561a51689
4cba34e0b3855598696d187bbcefc04326cfa6e79c4c4a035efab4017e40e4d3
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /v/www.wellsfargo.com/css/template/ui-lightness/jquery-ui.custom.css HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/v/www.wellsfargo.com/investing/retirement/ira/select/full-service/index.html
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:03 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:24 GMT
Accept-Ranges: bytes
Content-Length: 18459
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Wed, 05 Oct 2022 12:32:55 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 05 Oct 2022 12:44:09 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 7d9efc042e7adb5feec60cb3e228036c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: O5Jg69leSpWMA9FA86zpQTRS5tlxll2QoqeWiegaExPt2H9B-TsSKA==
Age: 550
zitic.duckdns.org/v/www.wellsfargo.com/css/vendor/video-js.css
200 OK 44 kB URL HTTP/1.1 zitic.duckdns.org/v/www.wellsfargo.com/css/vendor/video-js.css
IP
File type ASCII text, with very long lines (19597)
Hash f8682704b21d1ed262ec8b90bb0c18d4
71e1bc05a39e85f299d5ecd5194e440f2a3d9fae
521ebc30fb48d89b4ac4808ef7e6fba9110684eb37751ad00a977ada5e74b0ef
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /v/www.wellsfargo.com/css/vendor/video-js.css HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/v/www.wellsfargo.com/investing/retirement/ira/select/full-service/index.html
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:03 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:24 GMT
Accept-Ranges: bytes
Content-Length: 43928
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js
200 OK 48 kB URL HTTP/1.1 zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js
IP
File type Unicode text, UTF-8 text, with very long lines (48287)
Hash adc6bafd6d346973c15f80f542fa008f
ec1f94d5fe65f25d7119488ffc067446b7af82b9
7a17bf7ddc09f705c34b0bdefe2a12142ae1702bf904a731f48cd4652c1036eb
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-top.js HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/v/www.wellsfargo.com/investing/retirement/ira/select/full-service/index.html
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:03 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 14:50:04 GMT
Accept-Ranges: bytes
Content-Length: 48367
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
200 OK 32 kB URL HTTP/1.1 zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP
File type Unicode text, UTF-8 text, with very long lines (31790)
Hash 162100f507af8b50f1406bf3fc405ce5
cf0a2bf9b914710962e0dd7899b93ba5ceb5134d
e9a598a5cc23c24a8ecc364ed7413961e416f5e9ec3df513ad9a12cda625a279
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /v/static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/v/www.wellsfargo.com/investing/retirement/ira/select/full-service/index.html
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:03 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 18:58:28 GMT
Accept-Ranges: bytes
Content-Length: 31841
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
zitic.duckdns.org/v/www.wellsfargo.com/js/frameworks/jq/jquery-ui.js
200 OK 339 kB URL HTTP/1.1 zitic.duckdns.org/v/www.wellsfargo.com/js/frameworks/jq/jquery-ui.js
IP
File type ASCII text, with very long lines (8185)
Size 339 kB (339170 bytes)
Hash 9726560d23e8100d33456702719491d1
1c64bfa8088fc04d7b6633a3479cb57ec9969d3a
d65fdc6b62a5f7a8a9cbc7a756b75ed80b81cf828295d507aeec9878e908ad4d
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /v/www.wellsfargo.com/js/frameworks/jq/jquery-ui.js HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/v/www.wellsfargo.com/investing/retirement/ira/select/full-service/index.html
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:03 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:18 GMT
Accept-Ranges: bytes
Content-Length: 339170
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/jquery.min.js
200 OK 98 kB URL HTTP/1.1 zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/jquery.min.js
IP
File type ASCII text, with very long lines (8077)
Hash d49f5bd057488231fdcc675e2fe9f568
c81be8cda5beab5bd767a63bee8aafc08e037ce4
3c536cede8c67b4bda531f82b77f3678e52026398492010245d3870c87a1623e
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /v/www.wellsfargo.com/js/vendor/jquery.min.js HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/v/www.wellsfargo.com/investing/retirement/ira/select/full-service/index.html
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:03 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:20 GMT
Accept-Ranges: bytes
Content-Length: 97628
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/video.js
200 OK 420 kB URL HTTP/1.1 zitic.duckdns.org/v/www.wellsfargo.com/js/vendor/video.js
IP
File type ASCII text, with very long lines (8169)
Size 420 kB (419580 bytes)
Hash efce68f045d0687df715b0ec9634accf
1b15d7dba57fed7ca7f041ea15d87f6d709a4458
d94e88dfb3c418dc2d7f7f4464faed1788ecc8407ef1694d824330279262b834
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /v/www.wellsfargo.com/js/vendor/video.js HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/v/www.wellsfargo.com/investing/retirement/ira/select/full-service/index.html
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:03 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:20 GMT
Accept-Ranges: bytes
Content-Length: 419580
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
200 OK 471 B IP
Hash 1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6111
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 12:42:03 GMT
Last-Modified: Wed, 05 Oct 2022 11:00:12 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
zitic.duckdns.org/v/www.wellsfargo.com/js/global/global.js
200 OK 230 kB URL HTTP/1.1 zitic.duckdns.org/v/www.wellsfargo.com/js/global/global.js
IP
File type HTML document, Unicode text, UTF-8 text, with very long lines (8155)
Size 230 kB (230254 bytes)
Hash a6d222867ebc1b0e6a57eddc8bd7418b
be0c5877af0cf33abf8de5c793935c7c94c5fe7e
77d1d5f3d877905d3f0f5a434b77be2e3cf34887e0022ad9cae1b5d39150f827
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /v/www.wellsfargo.com/js/global/global.js HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/v/www.wellsfargo.com/investing/retirement/ira/select/full-service/index.html
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:03 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:24 GMT
Accept-Ranges: bytes
Content-Length: 230254
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
zitic.duckdns.org/v/www.wellsfargo.com/assets/images/global/s65e3.gif?log=1&cb=1664575478583&event=PageLoad&pid=222-15985-64&ptid=91-6232-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Finvesting%2Fretirement%2Fira%2Fselect%2Ffull-service%2F&clist=182-15998-16~223-3757-32|182-15999-16~223-3749-32|182-20875-16~223-3757-32|182-20876-16~223-3757-32|84-205969-16~91-1924-32|84-7225-16~91-1924-32|84-5529-16~91-2045-32|84-15318-16~91-1924-32|84-118701-16~91-1924-32|84-4808-16~91-1924-32|84-97635-16~91-1924-32|84-226384-16~91-1924-32|84-15929-16~91-1889-32|84-15930-16~91-1889-32|84-15946-16~91-6222-32
200 OK 43 B URL HTTP/1.1 zitic.duckdns.org/v/www.wellsfargo.com/assets/images/global/s65e3.gif?log=1&cb=1664575478583&event=PageLoad&pid=222-15985-64&ptid=91-6232-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Finvesting%2Fretirement%2Fira%2Fselect%2Ffull-service%2F&clist=182-15998-16~223-3757-32|182-15999-16~223-3749-32|182-20875-16~223-3757-32|182-20876-16~223-3757-32|84-205969-16~91-1924-32|84-7225-16~91-1924-32|84-5529-16~91-2045-32|84-15318-16~91-1924-32|84-118701-16~91-1924-32|84-4808-16~91-1924-32|84-97635-16~91-1924-32|84-226384-16~91-1924-32|84-15929-16~91-1889-32|84-15930-16~91-1889-32|84-15946-16~91-6222-32
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /v/www.wellsfargo.com/assets/images/global/s65e3.gif?log=1&cb=1664575478583&event=PageLoad&pid=222-15985-64&ptid=91-6232-128&pageUrl=https%3A%2F%2Fwww.wellsfargo.com%2Finvesting%2Fretirement%2Fira%2Fselect%2Ffull-service%2F&clist=182-15998-16~223-3757-32|182-15999-16~223-3749-32|182-20875-16~223-3757-32|182-20876-16~223-3757-32|84-205969-16~91-1924-32|84-7225-16~91-1924-32|84-5529-16~91-2045-32|84-15318-16~91-1924-32|84-118701-16~91-1924-32|84-4808-16~91-1924-32|84-97635-16~91-1924-32|84-226384-16~91-1924-32|84-15929-16~91-1889-32|84-15930-16~91-1889-32|84-15946-16~91-6222-32 HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/v/www.wellsfargo.com/investing/retirement/ira/select/full-service/index.html
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:03 GMT
Server: Apache
Last-Modified: Fri, 24 May 2013 21:08:06 GMT
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif
zitic.duckdns.org/v/www.wellsfargo.com/css/template/print.css
200 OK 570 B URL HTTP/1.1 zitic.duckdns.org/v/www.wellsfargo.com/css/template/print.css
IP
File type ASCII text, with very long lines (570), with no line terminators
Hash 95b4de8b86db5e33fc29372eb35bf21a
e75af300af9a609a69e3c11e8c4325637b1a0284
8dee9644ead3af242cdb9c56bfa5a795cc33154be20a7fac97d4357238ad7243
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /v/www.wellsfargo.com/css/template/print.css HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/v/www.wellsfargo.com/investing/retirement/ira/select/full-service/index.html
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:03 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 09:33:24 GMT
Accept-Ranges: bytes
Content-Length: 570
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
zitic.duckdns.org/v/www01.wellsfargomedia.com/assets/images/global/btn-close-x.png
200 OK 1.5 kB URL HTTP/1.1 zitic.duckdns.org/v/www01.wellsfargomedia.com/assets/images/global/btn-close-x.png
IP
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 9921173323f53b9e476d01269ce6bc2b
41e125b4a816f5c346159ce28c32659a3ab4d80f
869e94fbe314e86261ff0dcfd5a52175d02298b8c6633140cdc0a544bb7721c5
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /v/www01.wellsfargomedia.com/assets/images/global/btn-close-x.png HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/v/www.wellsfargo.com/investing/retirement/ira/select/full-service/index.html
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:03 GMT
Server: Apache
Last-Modified: Thu, 26 Aug 2021 02:32:58 GMT
Accept-Ranges: bytes
Content-Length: 1453
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
www17.wellsfargomedia.com/assets/images/css/template/homepage/homepage-magnifying-glass.png
200 OK 236 B URL HTTP/2 www17.wellsfargomedia.com/assets/images/css/template/homepage/homepage-magnifying-glass.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8cf6735df721c60affadb70ad95732eb
ae8a42ebbd6b60630e2c612e924c4fd66a4aca33
8dc5436dce4423f0e53e85904b6dc0552c1c8bbde0dd4ec1c929a1c272201c4c
GET /assets/images/css/template/homepage/homepage-magnifying-glass.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "59c2114b-12e"
last-modified: Sat, 23 Jul 2022 13:52:11 GMT
server: Akamai Image Manager
content-length: 236
content-type: image/webp
cache-control: private, no-transform, max-age=752634
expires: Fri, 14 Oct 2022 05:45:57 GMT
date: Wed, 05 Oct 2022 12:42:03 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/css/template/bg-c16header.png
200 OK 112 B URL HTTP/2 www17.wellsfargomedia.com/assets/images/css/template/bg-c16header.png
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 9x33, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 08717a42a51902911c1eda963e838541
59811f290b3056e0a17ce38185702cdada633652
1c0efb4533dd3790e5099ef3156ecc1bd9d6b08e625a11853fccef20e0936b8e
GET /assets/images/css/template/bg-c16header.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "519fc746-552"
last-modified: Mon, 25 Jul 2022 08:24:35 GMT
server: Akamai Image Manager
x-serial: 1042
x-check-cacheable: YES
content-length: 112
content-type: image/webp
cache-control: private, no-transform, max-age=892003
expires: Sat, 15 Oct 2022 20:28:46 GMT
date: Wed, 05 Oct 2022 12:42:03 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/css/template/chevron-right-grey.png
200 OK 82 B URL HTTP/2 www17.wellsfargomedia.com/assets/images/css/template/chevron-right-grey.png
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 8x9, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8a64ca48888869867604fec4ca5a2300
05ecffa2687820e76c82f487d0347a5120615dd1
fb39d6b03e532d8c65acd85e6be42ac3fd7d781451a4bb1c616286a231c80cfa
GET /assets/images/css/template/chevron-right-grey.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "519fc766-3ed"
last-modified: Sat, 23 Jul 2022 13:52:12 GMT
server: Akamai Image Manager
x-serial: 612
x-check-cacheable: YES
content-length: 82
content-type: image/webp
cache-control: private, no-transform, max-age=706827
expires: Thu, 13 Oct 2022 17:02:30 GMT
date: Wed, 05 Oct 2022 12:42:03 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/css/template/arrow-right-gray.png
200 OK 102 B URL HTTP/2 www17.wellsfargomedia.com/assets/images/css/template/arrow-right-gray.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 24a47218c6a6be92ed8ddc28b0365af7
837d6923fda7215a73ce3050aa03673504907f88
303132675de7ecc1ad7822db460c6c6c30a72fb102620c4ca489c3fbb41e9e8f
GET /assets/images/css/template/arrow-right-gray.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "519fc73e-40c"
last-modified: Mon, 25 Jul 2022 06:04:23 GMT
server: Akamai Image Manager
content-length: 102
content-type: image/webp
cache-control: private, no-transform, max-age=899972
expires: Sat, 15 Oct 2022 22:41:35 GMT
date: Wed, 05 Oct 2022 12:42:03 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
200 OK 22 kB URL HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Hash 0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=7329915
expires: Thu, 29 Dec 2022 08:47:18 GMT
date: Wed, 05 Oct 2022 12:42:03 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
200 OK 22 kB URL HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Hash f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=7306709
expires: Thu, 29 Dec 2022 02:20:32 GMT
date: Wed, 05 Oct 2022 12:42:03 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/css/template/bg_cta_sheen.png
200 OK 16 kB URL HTTP/2 www17.wellsfargomedia.com/assets/images/css/template/bg_cta_sheen.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash cf146beff5e1251bc57290b741db80b4
abef4d3ad1dae178c301b63e73ecda3ba70a5ada
756bed348999b9c11b888c741e4ff7ef4000035e86c30ef638502a74f0bb8028
GET /assets/images/css/template/bg_cta_sheen.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "519fc762-7010"
last-modified: Mon, 25 Jul 2022 17:00:09 GMT
server: Akamai Image Manager
x-serial: 1612
x-check-cacheable: YES
content-length: 15710
content-type: image/webp
cache-control: private, no-transform, max-age=1000890
expires: Mon, 17 Oct 2022 02:43:33 GMT
date: Wed, 05 Oct 2022 12:42:03 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/css/template/service-module-divider.png
200 OK 96 B URL HTTP/2 www17.wellsfargomedia.com/assets/images/css/template/service-module-divider.png
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 190x3, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 593fd38a13a214c862ad93a1713334a7
68e602d9b77aa7d52f1433bd41379bb0bd1b842c
5e655c21536df98ff042551c74ca69c1282aada3bb35d43a1f64f9b289fe8888
GET /assets/images/css/template/service-module-divider.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "519fc774-40b"
last-modified: Fri, 23 Sep 2022 16:25:26 GMT
server: Akamai Image Manager
content-length: 96
content-type: image/webp
cache-control: private, no-transform, max-age=1568599
expires: Sun, 23 Oct 2022 16:25:22 GMT
date: Wed, 05 Oct 2022 12:42:03 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/css/template/bg-c68-contactbar-top.png
200 OK 706 B URL HTTP/2 www17.wellsfargomedia.com/assets/images/css/template/bg-c68-contactbar-top.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2cf75c65bae129474c19476f72985c9b
14db1a49477682d2e17ebaf4ed81a3d54f0e229b
30d7aa03684a1a793b3d5803597c327af08ee4e0dba727ff059449405501dd99
GET /assets/images/css/template/bg-c68-contactbar-top.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "519fc754-5b2"
last-modified: Mon, 25 Jul 2022 08:24:34 GMT
server: Akamai Image Manager
content-length: 706
content-type: image/webp
cache-control: private, no-transform, max-age=479631
expires: Tue, 11 Oct 2022 01:55:54 GMT
date: Wed, 05 Oct 2022 12:42:03 GMT
X-Firefox-Spdy: h2
zitic.duckdns.org/v/www17.wellsfargomedia.com/assets/images/css/template/img_print.png
200 OK 134 B URL HTTP/1.1 zitic.duckdns.org/v/www17.wellsfargomedia.com/assets/images/css/template/img_print.png
IP
File type PNG image data, 14 x 12, 8-bit grayscale, non-interlaced\012- data
Hash ed07b484af73610193cb8c7850a060d3
6acdb6fa2eb7890a132b7e24938a27b548ccb544
d6d272e61ccf4d57b23962568358f87656a7f820f580ab071d11fde58f6e45e6
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /v/www17.wellsfargomedia.com/assets/images/css/template/img_print.png HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/v/www.wellsfargo.com/css/template/global.css
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:03 GMT
Server: Apache
Last-Modified: Mon, 25 Jul 2022 22:08:46 GMT
Accept-Ranges: bytes
Content-Length: 134
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
zitic.duckdns.org/v/www01.wellsfargomedia.com/assets/images/css/template/bg-prod1photo.gif
200 OK 73 B URL HTTP/1.1 zitic.duckdns.org/v/www01.wellsfargomedia.com/assets/images/css/template/bg-prod1photo.gif
IP
File type GIF image data, version 89a, 1 x 69\012- data
Hash ac39a10b0ec7ac3cb231e7d60d2cd314
f562a0e32c64153e393af5ad7ce020239ba8dfe7
833bdde60911d739e0bb8d5c90640384b7e52d4630ca98137ca9004905ad7f16
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /v/www01.wellsfargomedia.com/assets/images/css/template/bg-prod1photo.gif HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/v/www.wellsfargo.com/css/template/global.css
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:03 GMT
Server: Apache
Last-Modified: Thu, 26 Aug 2021 02:44:54 GMT
Accept-Ranges: bytes
Content-Length: 73
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js
404 Not Found 315 B URL HTTP/1.1 zitic.duckdns.org/v/static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /v/static.wellsfargo.com/assets/js/wfui/ndep/websdk/nuance-websdk-loader.js HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/v/www.wellsfargo.com/investing/retirement/ira/select/full-service/index.html
HTTP/1.1 404 Not Found
Date: Wed, 05 Oct 2022 12:42:03 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www17.wellsfargomedia.com/assets/images/css/template/c68-icon-call-us.png
200 OK 442 B URL HTTP/2 www17.wellsfargomedia.com/assets/images/css/template/c68-icon-call-us.png
IP
File type PNG image data, 19 x 19, 8-bit colormap, non-interlaced\012- data
Hash 021849d41b4b6156d850e5adf457001d
8af29aa10cd36c8045ea9ebb23850ebb218b0fab
48e3c79b5c5738c7cfd37a3efafba2948f3ea14a8f15f33809bde7527d5187da
GET /assets/images/css/template/c68-icon-call-us.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "519fc764-1e7"
last-modified: Mon, 25 Jul 2022 08:24:35 GMT
server: Akamai Image Manager
content-length: 442
content-type: image/png
cache-control: private, no-transform, max-age=752334
expires: Fri, 14 Oct 2022 05:40:58 GMT
date: Wed, 05 Oct 2022 12:42:04 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/global/plus-button.png
200 OK 110 B URL HTTP/2 www17.wellsfargomedia.com/assets/images/global/plus-button.png
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 16x16, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 638efa83286ae3064086affec9ffa155
4f10a2ea2997fc670e693a2b9e49d66daedd010b
100ce535567998d54849a28ae56816f4b36177814655d15ca924df55a8537820
GET /assets/images/global/plus-button.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "519fc8a4-544"
last-modified: Mon, 25 Jul 2022 08:24:36 GMT
server: Akamai Image Manager
content-length: 110
content-type: image/webp
cache-control: private, no-transform, max-age=850524
expires: Sat, 15 Oct 2022 08:57:28 GMT
date: Wed, 05 Oct 2022 12:42:04 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/css/template/img_facebook.png
200 OK 158 B URL HTTP/2 www17.wellsfargomedia.com/assets/images/css/template/img_facebook.png
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x20, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2b29e2ab0a181b675c3a91a5daf2322c
7986adeec12fb7dfb3386f793662f634c842eb66
73b31bddb3e9b9e841725f10be78071daae55db39b60719eb73ffa94186edbbf
GET /assets/images/css/template/img_facebook.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "55209ab9-52d"
last-modified: Mon, 08 Aug 2022 16:03:34 GMT
server: Akamai Image Manager
content-length: 158
content-type: image/webp
cache-control: private, no-transform, max-age=2225393
expires: Mon, 31 Oct 2022 06:51:57 GMT
date: Wed, 05 Oct 2022 12:42:04 GMT
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hcY7BPwS0MvCArWfnwYHXQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QzZTrhUrd4FDsOHDOEMaItnXLAA=
www17.wellsfargomedia.com/assets/images/css/template/img_twitter.png
200 OK 186 B URL HTTP/2 www17.wellsfargomedia.com/assets/images/css/template/img_twitter.png
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x20, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bf36c83f327f106b40a4a25396f68892
a47a4d66d99520946122236f23ec139c2252cae3
8bda07b34e5b9b98bc5b1609c1cb4327f829ec74484a558ae3873dd19b75953b
GET /assets/images/css/template/img_twitter.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "55209ab9-5a4"
last-modified: Mon, 25 Jul 2022 07:26:18 GMT
server: Akamai Image Manager
x-serial: 1787
x-check-cacheable: YES
content-length: 186
content-type: image/webp
cache-control: private, no-transform, max-age=792453
expires: Fri, 14 Oct 2022 16:49:37 GMT
date: Wed, 05 Oct 2022 12:42:04 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/css/template/social_show.png
200 OK 84 B URL HTTP/2 www17.wellsfargomedia.com/assets/images/css/template/social_show.png
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 16x16, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6550aa7b280e5283194471eb87085983
b76e2eaf71fb1ae900ece375e4f0be5b23bc1ed0
daf8f3105a0bae551331bc9859b06561b50313d2cc0e3aa1b1aee9b7acd09cd4
GET /assets/images/css/template/social_show.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "55209ab9-3ca"
last-modified: Mon, 25 Jul 2022 08:19:23 GMT
server: Akamai Image Manager
content-length: 84
content-type: image/webp
cache-control: private, no-transform, max-age=1023419
expires: Mon, 17 Oct 2022 08:59:03 GMT
date: Wed, 05 Oct 2022 12:42:04 GMT
X-Firefox-Spdy: h2
www04.wellsfargomedia.com/favicon.ico
200 OK 3.8 kB URL HTTP/2 www04.wellsfargomedia.com/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 48x48, 8 bits/pixel\012- data
Hash fc6d7821d387a8d5e630daa63ec39f10
91d3962918d4caf70de23cdf245f85881883c789
2420e2dd77fbe0494070da2c201f6fcdd613c7652c06d086137e8c41d129f254
GET /favicon.ico HTTP/1.1
Host: www04.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 3774
last-modified: Mon, 05 Sep 2022 08:30:50 GMT
etag: "6315b3ba-ebe"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=80435
expires: Thu, 06 Oct 2022 11:02:39 GMT
date: Wed, 05 Oct 2022 12:42:04 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 88bc4838e6e6b6a047cce7d43b78b059
52491f25f0535fea8fe5938462fbe1cd45b36271
b1a22a4193c15b908c2c689ee4c2da419a07727c82064cd41e6443b1e9a48fbe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4906
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 12:42:04 GMT
Last-Modified: Wed, 05 Oct 2022 11:20:18 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
zitic.duckdns.org/v/www.wellsfargo.com/assets/images/icons/icon-hires_192x192.png
200 OK 3.5 kB URL HTTP/1.1 zitic.duckdns.org/v/www.wellsfargo.com/assets/images/icons/icon-hires_192x192.png
IP
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash 747ec8a6d8d3fba144f633730beed248
b964bae36903dc313023c922808a2956e21a77fe
ec992654b49d3bd0e6bec47d8dc6b4c82cb763c17edbd5a4d6da2f4b27846825
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /v/www.wellsfargo.com/assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: zitic.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/v/www.wellsfargo.com/investing/retirement/ira/select/full-service/index.html
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:04 GMT
Server: Apache
Last-Modified: Sat, 14 Aug 2021 00:00:54 GMT
Accept-Ranges: bytes
Content-Length: 3535
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
static.wellsfargo.com/tracking/main/utag.js
200 OK 54 kB URL HTTP/1.1 static.wellsfargo.com/tracking/main/utag.js
IP
ASN #10837 WELLSFARGO-10837
File type Unicode text, UTF-8 text, with very long lines (21397)
Hash 26bb07cb24ec9407cc5e5b66a69874ba
3b7a1b1f6e96cccdd1eb3cd04e81598619eb94fc
35d1ca2c89af89baebef9b8a93866f5a90ab51831cc3b8db9718e276ab28c0d4
GET /tracking/main/utag.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:04 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 04 Oct 2022 20:01:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633c9124-4fa06"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15328
Expires: Wed, 05 Oct 2022 16:57:33 GMT
Date: Wed, 05 Oct 2022 12:42:05 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15328
Expires: Wed, 05 Oct 2022 16:57:33 GMT
Date: Wed, 05 Oct 2022 12:42:05 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15328
Expires: Wed, 05 Oct 2022 16:57:33 GMT
Date: Wed, 05 Oct 2022 12:42:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg
200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3257b782efae9b64e6e18a547866ec50
4daf0c001e86af8477fb097e8ca932edb8e5f981
899f9692e86405aa288d88dd285a6fe26bedab1a2ca4693212476063890b01a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5832
x-amzn-requestid: c4427edd-3d71-47d0-a2d3-b3bfed089535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1FuUoAMFhBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-46ddff150da4141d23fc0d8a;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iR82CJ6A06dpqy_nm6JrmjeUJT-uhI5rr0dr6ZnhrQQo9Jqxh10qRQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:43:43 GMT
age: 53902
etag: "4daf0c001e86af8477fb097e8ca932edb8e5f981"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07ed6d4e-f8d6-4fa4-a7da-a497e3667e10.jpeg
200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07ed6d4e-f8d6-4fa4-a7da-a497e3667e10.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 420f8420af76fa258690bb842ff38db7
a37e39e4429d869abcf95cf3cb2c74675e174040
1d45d4f188ff54b5f66cd3c828affdd5d90b621c875c58a9fa6cd265f456d622
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07ed6d4e-f8d6-4fa4-a7da-a497e3667e10.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 17279
x-amzn-requestid: 381c1622-0b7a-407a-a98e-ad5e10b67a33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1ExxoAMFsAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4ed02978326aebf338ccd998;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CIZCBfsULoj_hm3G56Um57QTYuGUjN63x_H1Bb3xPKeacmsrTLqLYw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:43:45 GMT
age: 53900
etag: "a37e39e4429d869abcf95cf3cb2c74675e174040"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aeOU8fGkf5uHuYZ79k17EzxiFnwm0_z7SeZJElgwECzRyhR2N_SYJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:06:09 GMT
age: 30956
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727060c5-cdba-4c73-92c7-eb01c35aff59.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727060c5-cdba-4c73-92c7-eb01c35aff59.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1bc04f249ff8da1e71ebd8bc5dfda85d
da3f9add6816af819df6aac08796dc7478dd0517
9f4a02cde38c7d61352f390a8d91cf9028652395ad55a3a49966df4a63642a85
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727060c5-cdba-4c73-92c7-eb01c35aff59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9907
x-amzn-requestid: b1b9a896-c745-496a-89df-b253d458f903
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWRm_EkKoAMF4cQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338c95f-3330e14379849de85eb3dda4;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:12:31 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rrf-jHPj_RmO82bA9cfmwFZunZ8E-EhFZ3AEdBbbPn0dI6GOcpveCQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 11:26:43 GMT
age: 4522
etag: "da3f9add6816af819df6aac08796dc7478dd0517"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d7d7df8d4c440f9db445c3d99e818d6
612b6dbd4ba895c167964ff7e6d9263013b52b0a
bf527a814c78f9e010cce4ba593c9146d54a2137d1f147f7a6250fbad81956ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3585
x-amzn-requestid: 43c510d4-d87c-4665-a132-d798b836d415
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaJbLHEOoAMFfxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a55e0-614faff31425ff183b7ca4dd;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:24:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d1LCc44Gj_0Je8adu7Iv3I9MwkaDPgWqlNHI96UAtZub22l210J65A==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:53:07 GMT
age: 28138
etag: "612b6dbd4ba895c167964ff7e6d9263013b52b0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1de7c17a0ba9295135e7f8b490b6a8d3
70e8d1589f3daf71378965dd197934e220fb6aa4
ee559ce3166479e2b930be7d18525f5c2d164aed8ca005302ddaf3bfe37eec24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8926
x-amzn-requestid: 27fc8976-af8d-40a3-b701-0642fa135ec4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1GSbIAMFTiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4d4c7837576e0fdb5828fe3b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzVofPSJC-YVU1Q1V9AnjNeQTa1BQEh6ZiH2HjSeeX5RygysFP7oAA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:43:25 GMT
age: 53920
etag: "70e8d1589f3daf71378965dd197934e220fb6aa4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash d0cccf4ce8253fd53286a85fef0716e8
12094e4f75e6d03415180d178cfc097ef2aeffd6
83f2b3c3564f374e97a8104b9d2dd8e731b17d886bdbe2d003f36179c0271890
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 01:42:55 GMT
Expires: Sun, 09 Oct 2022 01:42:54 GMT
Etag: "12094e4f75e6d03415180d178cfc097ef2aeffd6"
Cache-Control: max-age=305448,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75563c35fd7c0b49-OSL
static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1
200 OK 45 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (65508)
Hash f0bce3a74e635ab88b299b1f625c99a4
345faf01029820b11abc73022ece8fb8e51cc321
faebd8dced2c15d37da85427c6e60aecb6a1a5f75e888280d447e93e64102c8e
GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:05 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"613a44c0-1ca73"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
cdn.schemaapp.com/highlighter/prod/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3Jn
200 OK 0 B URL HTTP/2 cdn.schemaapp.com/highlighter/prod/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3Jn
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /highlighter/prod/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3Jn HTTP/1.1
Host: cdn.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-account-id,x-api-key
Referer: http://zitic.duckdns.org/
Origin: http://zitic.duckdns.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Wed, 05 Oct 2022 12:42:06 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: x-account-id, x-api-key
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 7cb11ed28173c541fc01b012ea9b85aa.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P3
x-amz-cf-id: DauGW4-64-cvphm-JEslpkRtUEk5BwZKRAQXdLS4npacCDZc6_aLGA==
X-Firefox-Spdy: h2
static.wellsfargo.com/tracking/main/utag.249.js?utv=ut4.48.202103111723
200 OK 2.0 kB URL HTTP/1.1 static.wellsfargo.com/tracking/main/utag.249.js?utv=ut4.48.202103111723
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (1280)
Hash 028aad0d319ba7357204d8bc9bfca330
6d391340b147026435eed039b322b297195d976f
8ea1397b96ad59126143e4ce576d94d1193772eefc90ef06acd785fcef164592
GET /tracking/main/utag.249.js?utv=ut4.48.202103111723 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:05 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 25 Mar 2021 21:15:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"605cfd72-133d"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
data.schemaapp.com/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL2ludmVzdGluZy9yZXRpcmVtZW50L2lyYS9zZWxlY3QvZnVsbC1zZXJ2aWNlL2luZGV4Lmh0bWw
200 OK 0 B URL HTTP/2 data.schemaapp.com/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL2ludmVzdGluZy9yZXRpcmVtZW50L2lyYS9zZWxlY3QvZnVsbC1zZXJ2aWNlL2luZGV4Lmh0bWw
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL2ludmVzdGluZy9yZXRpcmVtZW50L2lyYS9zZWxlY3QvZnVsbC1zZXJ2aWNlL2luZGV4Lmh0bWw HTTP/1.1
Host: data.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-api-key
Referer: http://zitic.duckdns.org/
Origin: http://zitic.duckdns.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Wed, 05 Oct 2022 12:42:06 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: x-api-key
access-control-expose-headers: x-amz-meta-source
access-control-max-age: 3000
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains;
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 71d62f2b54e1ac2dcda3d438900cc504.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: oCPCq3ue3R4R3svFddTFyLel9dNmM_LHYFmOypJUzcyAeMtt2pmEJA==
X-Firefox-Spdy: h2
static.wellsfargo.com/tracking/main/utag.117.js?utv=ut4.48.202112070053
200 OK 1.5 kB URL HTTP/1.1 static.wellsfargo.com/tracking/main/utag.117.js?utv=ut4.48.202112070053
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (8097)
Hash 98ea64d15274eed87401b2a479775049
54835f985edf79c1911926f35a454eed5462d672
ca6044266cd44788cd4fa4910c8bcae5bef1bc1c213eafb436c00cea0db2c79b
GET /tracking/main/utag.117.js?utv=ut4.48.202112070053 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:05 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 18 Feb 2021 22:15:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"602ee6f8-2166"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
static.wellsfargo.com/tracking/main/utag.136.js?utv=ut4.48.202208102110
200 OK 4.3 kB URL HTTP/1.1 static.wellsfargo.com/tracking/main/utag.136.js?utv=ut4.48.202208102110
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (55064), with CRLF line terminators
Hash d0411178a32feb6cf283839f7d2adc0f
b48614403124421a7c1072238276d834c8c16fbc
9d4f430c94cc8de26993a0b05eaaedc4c5121f5c69a47aa13cb7ddf44cd1521f
GET /tracking/main/utag.136.js?utv=ut4.48.202208102110 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:05 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 20:02:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f56058-d8e3"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
static.wellsfargo.com/tracking/main/utag.129.js?utv=ut4.48.202207272202
200 OK 2.0 kB URL HTTP/1.1 static.wellsfargo.com/tracking/main/utag.129.js?utv=ut4.48.202207272202
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (14899)
Hash 3955ea8eef1163d5a03b223080bb369b
afdc4ffc48f5b5454bec0d211d81bf5a29a88300
773e4bda27c4b159fa2f2ddfc6b0a940fe149e1b2d6e9d68af4798d80f453b94
GET /tracking/main/utag.129.js?utv=ut4.48.202207272202 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:05 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Jul 2022 20:08:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62e2eca7-3bf8"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
static.wellsfargo.com/tracking/main/utag.166.js?utv=ut4.48.202208100004
200 OK 2.6 kB URL HTTP/1.1 static.wellsfargo.com/tracking/main/utag.166.js?utv=ut4.48.202208100004
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (13150), with CRLF line terminators
Hash af5ecbbfa71cf9fb1890a16293a849ea
7c3917f40470f704d11d8410be7e975af7f180b0
2e134150a5652a1405756a04815f3cb049d3aac6dd8cc9be842a3455dda567ea
GET /tracking/main/utag.166.js?utv=ut4.48.202208100004 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:05 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 20:02:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f56058-39d1"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
static.wellsfargo.com/tracking/main/utag.319.js?utv=ut4.48.202209142209
200 OK 2.6 kB URL HTTP/1.1 static.wellsfargo.com/tracking/main/utag.319.js?utv=ut4.48.202209142209
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (2571)
Hash 270dd8154d461df44b468039bd358e3d
75cfff528bf6a5b8cf3f2b186c06bf3facb78538
591ddca6ea1ce23bccb267ca1e5fc99ce9c4a463361905e8dc2ff7d544710c0b
GET /tracking/main/utag.319.js?utv=ut4.48.202209142209 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:05 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632cc04d-1b84"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
static.wellsfargo.com/tracking/main/utag.225.js?utv=ut4.48.202208301942
200 OK 2.0 kB URL HTTP/1.1 static.wellsfargo.com/tracking/main/utag.225.js?utv=ut4.48.202208301942
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (14389), with CRLF line terminators
Hash 0a1f28ee2d9f4400d8cf7b2084cd75ef
881c3d612b62db99ee20be8dc123976041a99ae8
d0212788e34ae02ba53fcf465c24b34daaa894ea8194255d7c75fbbb1d6e7561
GET /tracking/main/utag.225.js?utv=ut4.48.202208301942 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:05 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 20:02:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f56054-3ea8"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
cdn.schemaapp.com/highlighter/prod/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3Jn
200 OK 2 B URL HTTP/2 cdn.schemaapp.com/highlighter/prod/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3Jn
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /highlighter/prod/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3Jn HTTP/1.1
Host: cdn.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://zitic.duckdns.org/
x-account-id: WellsFargo
x-api-key: XPJKP-GI7DG-FVNWZ-45W51
Origin: http://zitic.duckdns.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Tue, 11 Dec 2018 16:01:38 GMT
x-amz-version-id: 4FsmemwQuur.Z0jxvea6XGJagB0M87fi
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 12:38:15 GMT
etag: "99914b932bd37a50b983c5e7c90ae93b"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Error from cloudfront
via: 1.1 7cb11ed28173c541fc01b012ea9b85aa.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P3
x-amz-cf-id: T8BNTnp0zmxXvuKQtF8E1_w8lrJxd1xMBCaSX6vyLr8PfekP3PLAWg==
age: 231
X-Firefox-Spdy: h2
static.wellsfargo.com/tracking/main/utag.328.js?utv=ut4.48.202207272202
200 OK 2.2 kB URL HTTP/1.1 static.wellsfargo.com/tracking/main/utag.328.js?utv=ut4.48.202207272202
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (15058)
Hash 420683ca7854e6bef9d5433124c6040e
aad1b9f71f2c30deee478658bb6e453c2c7f3a5a
8851d5126d7413e67465c2cb8bc2adaba4dd4b39deac58a33c9dc2e4d53f8268
GET /tracking/main/utag.328.js?utv=ut4.48.202207272202 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:05 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Jul 2022 20:08:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62e2eca5-413e"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
static.wellsfargo.com/tracking/main/utag.379.js?utv=ut4.48.202207272202
200 OK 1.1 kB URL HTTP/1.1 static.wellsfargo.com/tracking/main/utag.379.js?utv=ut4.48.202207272202
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (1071)
Hash be33c3150315d92aaae2dd3f471f7e4e
e8807f0617c3f06b238aec8ebcf93ab846e619af
15ee0686aeb15b05f562cd16166152540f132425c01ed5268d70a53d8a81cb7a
GET /tracking/main/utag.379.js?utv=ut4.48.202207272202 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:05 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Jul 2022 20:08:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62e2eca5-86e"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
static.wellsfargo.com/tracking/main/utag.381.js?utv=ut4.48.202209121603
200 OK 8.9 kB URL HTTP/1.1 static.wellsfargo.com/tracking/main/utag.381.js?utv=ut4.48.202209121603
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (53448)
Hash fa32a86db1201fd16a1ffad9bd9f7227
d03c84e85b4ecdfb12c65ad199d2ea35a4218fd7
6f152dcff72a37369ae8eac535bc29ed8ff4575fc220b9362535a1c5c1ab0ee9
GET /tracking/main/utag.381.js?utv=ut4.48.202209121603 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:05 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 15 Sep 2022 20:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6323871b-16edd"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
static.wellsfargo.com/tracking/main/utag.384.js?utv=ut4.48.202208101746
200 OK 4.5 kB URL HTTP/1.1 static.wellsfargo.com/tracking/main/utag.384.js?utv=ut4.48.202208101746
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (20219), with CRLF line terminators
Hash 4c0349dd734ccb6d8e8e7623b1f7ae6d
b7b4c964104051333ba40303abf04653021319e7
78cb0c0a2e99cba235f7f99b436f3175f27f45872905afaffbae7a278c53e09b
GET /tracking/main/utag.384.js?utv=ut4.48.202208101746 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:05 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 Aug 2022 20:02:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62f56055-74c7"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
static.wellsfargo.com/tracking/main/utag.431.js?utv=ut4.48.202107202150
200 OK 1.3 kB URL HTTP/1.1 static.wellsfargo.com/tracking/main/utag.431.js?utv=ut4.48.202107202150
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (1071)
Hash 6b1893e708596451fe24ba0542af6968
64f6d916c0fa5d4ed53d7af241edc228403f7733
d02ba9b5bff6d6dd10c51121cfa90bee0a178af4fd5bc5b7d2401e4717c2fbc0
GET /tracking/main/utag.431.js?utv=ut4.48.202107202150 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:05 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 29 Jul 2021 21:00:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"610316f8-9eb"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
static.wellsfargo.com/tracking/main/utag.396.js?utv=ut4.48.202209192333
200 OK 1.6 kB URL HTTP/1.1 static.wellsfargo.com/tracking/main/utag.396.js?utv=ut4.48.202209192333
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (6813), with CRLF line terminators
Hash b0eaf99033dacb91df01cca9f18c5efd
c36cef3a700b34b9d1298bf2c93e396b95a27222
916f35f839cc40c2eccad5d01538ed4adb46de9d51e9b95bdb9dd3598a3c8d0f
GET /tracking/main/utag.396.js?utv=ut4.48.202209192333 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:05 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632cc033-2110"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
data.schemaapp.com/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL2ludmVzdGluZy9yZXRpcmVtZW50L2lyYS9zZWxlY3QvZnVsbC1zZXJ2aWNlL2luZGV4Lmh0bWw
200 OK 0 B URL HTTP/2 data.schemaapp.com/WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL2ludmVzdGluZy9yZXRpcmVtZW50L2lyYS9zZWxlY3QvZnVsbC1zZXJ2aWNlL2luZGV4Lmh0bWw
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WellsFargo/aHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL2ludmVzdGluZy9yZXRpcmVtZW50L2lyYS9zZWxlY3QvZnVsbC1zZXJ2aWNlL2luZGV4Lmh0bWw HTTP/1.1
Host: data.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-api-key: XPJKP-GI7DG-FVNWZ-45W51
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-source
access-control-max-age: 3000
date: Wed, 05 Oct 2022 12:42:05 GMT
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: max-age=14400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 71d62f2b54e1ac2dcda3d438900cc504.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: rBdWbiDNeoQiQh7c_Aq2Iydy6gJ4tEcqH626rTDcFVealIVYyCuj3A==
X-Firefox-Spdy: h2
static.wellsfargo.com/tracking/main/utag.397.js?utv=ut4.48.202209192301
200 OK 1.8 kB URL HTTP/1.1 static.wellsfargo.com/tracking/main/utag.397.js?utv=ut4.48.202209192301
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (8790), with CRLF line terminators
Hash 83ec4867fa7d7a18fe8379520ca7c873
549c4bc01430a3a6aeddf8e235438bcd19d4d40a
88bb418f969436f16382dca8ded387c0513dda2648a6e11f61ff338e28d16f35
GET /tracking/main/utag.397.js?utv=ut4.48.202209192301 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:05 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632cc032-28c9"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
static.wellsfargo.com/tracking/main/utag.403.js?utv=ut4.48.202104051735
200 OK 1.3 kB URL HTTP/1.1 static.wellsfargo.com/tracking/main/utag.403.js?utv=ut4.48.202104051735
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (1071)
Hash d9e09275c6f22e92f2ba7f907f9d1c31
712ff938b4ae788338fa1d926af874b7fbe7ab58
15c605e2b2babb99517d3b0f36ef52191d80d7a448b0089d0f254ac52559d217
GET /tracking/main/utag.403.js?utv=ut4.48.202104051735 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:05 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 15 Apr 2021 21:15:19 GMT
Transfer-Encoding: chunked
X-Cnection: close
Vary: Accept-Encoding
ETag: W/"6078ace7-a3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
static.wellsfargo.com/tracking/main/utag.471.js?utv=ut4.48.202209271731
200 OK 2.5 kB URL HTTP/1.1 static.wellsfargo.com/tracking/main/utag.471.js?utv=ut4.48.202209271731
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (995)
Hash 5245bcf67d3ef6caa0e9c2185d20c08a
aa2ad19ae558fe7f58b3770873c8683ce91fba4c
343bc115dd405111bb74587ffb571d9c0f7fe4c9da381b88109998c2c7cf5f48
GET /tracking/main/utag.471.js?utv=ut4.48.202209271731 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:05 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 04 Oct 2022 20:01:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633c9122-19fb"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
static.wellsfargo.com/tracking/main/utag.413.js?utv=ut4.48.202207272202
200 OK 1.4 kB URL HTTP/1.1 static.wellsfargo.com/tracking/main/utag.413.js?utv=ut4.48.202207272202
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (1317)
Hash 7d2d9e509acf171d299a8fd31ef8ca0d
64cd01f823e796aa972ba0bd3349b21847dee603
c47666bd3cde639619863664b81db5e312723c4e87287993b4ebb1f12af0733c
GET /tracking/main/utag.413.js?utv=ut4.48.202207272202 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:05 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Jul 2022 20:08:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62e2eca1-b91"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
static.wellsfargo.com/tracking/main/utag.505.js?utv=ut4.48.202209131956
200 OK 2.8 kB URL HTTP/1.1 static.wellsfargo.com/tracking/main/utag.505.js?utv=ut4.48.202209131956
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (1430)
Hash b2e03f6d954a4357a7268c29f963c4f0
33e8f489c2444aa2ac08b82d692c995836020fcf
7ed82ca71abf90288110fed75cb12480d77721dca21fc258f21d3e6536df8db8
GET /tracking/main/utag.505.js?utv=ut4.48.202209131956 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:05 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 15 Sep 2022 20:12:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6323871b-197d"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js
200 OK 961 B URL HTTP/1.1 static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (577)
Hash fdb41e651caf483e7aef91805f810c24
91fc1ceef8d8466f20133e680e77b4dc6de9e8f4
ffd6d341df741ab75634dc5345d0bb8b489fb84de377ef4c2445c4e355fc9cc3
GET /tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:06 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 28 Apr 2022 00:53:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6269e590-96c"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
static.wellsfargo.com/tracking/alloy/alloy.js
200 OK 25 kB URL HTTP/1.1 static.wellsfargo.com/tracking/alloy/alloy.js
IP
ASN #10837 WELLSFARGO-10837
File type Unicode text, UTF-8 text, with very long lines (65505)
Hash 9a021c3b9dea16b9bedb216b6b195cdd
f767ed7dba6d08b08ffc5b35fb0468eb00c66a25
54b94b3b7c4900d7012f824d21f9fa94928055f6cae6c59c23d88a10eaa79e95
GET /tracking/alloy/alloy.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:06 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 25 Aug 2022 20:01:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6307d531-12d93"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 471 B IP
Hash 61cf17a098963bddff974ecbd551d43a
9815b78817023eafa348876aefbc2ca1d6017eb4
fcb5d62e4d4cf1a359e503ed33cae92e7bde72647a6c5bda78be657e5c4af9ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5044
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 12:42:06 GMT
Last-Modified: Wed, 05 Oct 2022 11:18:02 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
static.wellsfargo.com/tracking/gb/detector-dom.min.js
200 OK 132 kB URL HTTP/1.1 static.wellsfargo.com/tracking/gb/detector-dom.min.js
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (65434)
Size 132 kB (131829 bytes)
Hash 73ad7a8f8ccda765b898b038f90d8274
756ac35ad2422d93a0b327dfeff7fe9200695883
60ccc38cf175aba7cbe63bf1ec6319b5c1648d9a52014dfefa6ec718476a17b7
GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:05 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:03:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632cbfa4-6b8d3"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Cache-Control: max-age=1800
Content-Encoding: gzip
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=267d133c-d822-4bea-8cfb-5a61a56b906f%3A0&_cls_v=c36e288e-f825-4104-9a30-ad3ba2670abd&pv=2&f_cls_s=true
200 OK 76 B URL HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=267d133c-d822-4bea-8cfb-5a61a56b906f%3A0&_cls_v=c36e288e-f825-4104-9a30-ad3ba2670abd&pv=2&f_cls_s=true
IP
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 989f36a01b7f9fee14a98d79343a722f
7b2b6d1eda4e0202bd5f3b930f898e3ed7dd20ea
937319edccd845eff949058cd6ca4ba5d51bc600e6ab7455ef88de47f187b08b
GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=267d133c-d822-4bea-8cfb-5a61a56b906f%3A0&_cls_v=c36e288e-f825-4104-9a30-ad3ba2670abd&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://zitic.duckdns.org
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 76
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Vary: origin, Accept-Encoding
Date: Wed, 05 Oct 2022 12:42:06 GMT
Connection: keep-alive
Set-Cookie: _cls_s=267d133c-d822-4bea-8cfb-5a61a56b906f:0; Secure; SameSite=None;HttpOnly;Secure
_cls_v=c36e288e-f825-4104-9a30-ad3ba2670abd; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!b6L+/AUCbGgqozsR0YpcGl4FPg9joeaqv/Gp5TP1OvYc71KhGs1074s6XBkeoyXX0cH0L1kbAjoj6Q==; path=/; Httponly; Secure
DCID=iEvyDvMcsNJVImItily+wf1xLS2+D5YRgvQgI3CKlYKT6hPeEDXFscWCnOFURLVX; Domain=rubicon.wellsfargo.com; Path=/; Expires=Wed, 05 Oct 2022 12:57:06 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
200 OK 14 kB URL HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP
ASN #10837 WELLSFARGO-10837
File type ASCII text, with very long lines (32088), with CRLF line terminators
Hash 3aebe41731e9656c48b87e8e8b2d1177
43369d1732f4ad8a5e7a1e9a3e133d96945afe02
6cf0cd136cefa8b4cce2da6ead22c33b83af4af3e87d7e4e9589b60f6ce4e395
GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:06 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
edge.adobedc.net/ee/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=86c8bb79-0618-4722-b0e8-96ca8daeb897
200 OK 82 kB URL HTTP/2 edge.adobedc.net/ee/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=86c8bb79-0618-4722-b0e8-96ca8daeb897
IP
File type OpenPGP Secret Key\012- data
Hash 964a82ae8981c84fbe4c89f3ee31769f
66bc218df9aa7bbba77ee211b3b9941647f6a15d
4fa535d4f9c24e19d0a6db0b37bc138129d7656541fb1e2cb98ca831f49395b6
POST /ee/v1/identity/acquire?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=86c8bb79-0618-4722-b0e8-96ca8daeb897 HTTP/1.1
Host: edge.adobedc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://zitic.duckdns.org/
Content-Type: text/plain; charset=UTF-8
Origin: http://zitic.duckdns.org
Content-Length: 111
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-request-id: 86c8bb79-0618-4722-b0e8-96ca8daeb897
x-rate-limit-remaining: 599
vary: Origin
access-control-allow-origin: http://zitic.duckdns.org
access-control-allow-credentials: true
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
date: Wed, 05 Oct 2022 12:42:05 GMT
x-konductor: 22.9.54:a77b84d1
x-adobe-edge: IRL1;6
server: jag
content-encoding: deflate
content-type: application/json;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
resources.digital-cloud-prem.medallia.com/wdcusprem/57907/onsite/onsiteData.json
200 OK 1.5 kB URL HTTP/2 resources.digital-cloud-prem.medallia.com/wdcusprem/57907/onsite/onsiteData.json
IP
File type JSON data\012- , ASCII text, with very long lines (2056)
Hash c9e0528f64d1e24fbfea3ed57c48a781
5c68095e947a74761541c7e78517e5ec7da48f99
edbcc863269fbfbc0aa044b7a54a4c06538f254869b87c25ab24628a40a97560
GET /wdcusprem/57907/onsite/onsiteData.json HTTP/1.1
Host: resources.digital-cloud-prem.medallia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: iDBZf83PeQARAeD4T1KmKmChB5BV6y+SNYuXBIk/kpyBOBRcZ2uAVY03AgsnMeuY7lpfGgjXrlk=
x-amz-request-id: 9Q9NHEFN1AWA2Z5C
last-modified: Mon, 29 Aug 2022 14:36:24 GMT
etag: "4dd8128146b81339a1aabe91b5ddbafa"
x-amz-version-id: h0XCleBJUwMzYgUwLc_VpXobL_hX1j6f
content-type: application/json
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
date: Wed, 05 Oct 2022 12:42:07 GMT
age: 2702632
x-served-by: cache-pao12023-PAO, cache-bma1627-BMA
x-cache: HIT, HIT
x-cache-hits: 33, 1
x-timer: S1664973727.132976,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 1456
X-Firefox-Spdy: h2
edge.adobedc.net/ee/irl1/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=f90c3df9-b305-43d0-890c-5e1c2502d42d
200 OK 16 kB URL HTTP/2 edge.adobedc.net/ee/irl1/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=f90c3df9-b305-43d0-890c-5e1c2502d42d
IP
Hash 3de28f0d2f07fc18a24c6c9c64451057
24de6be3d8386246b3db8cd5641c32081ce6d096
28cbe8e57df530b53c1c396abe56b811277dc4b84fd5d7a1820576be996fb309
POST /ee/irl1/v1/interact?configId=14f82f5f-3a7a-4f91-ad08-c3ab704b13b4&requestId=f90c3df9-b305-43d0-890c-5e1c2502d42d HTTP/1.1
Host: edge.adobedc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://zitic.duckdns.org/
Content-Type: text/plain; charset=UTF-8
Origin: http://zitic.duckdns.org
Content-Length: 3896
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-request-id: f90c3df9-b305-43d0-890c-5e1c2502d42d
x-rate-limit-remaining: 599
vary: Origin
access-control-allow-origin: http://zitic.duckdns.org
access-control-allow-credentials: true
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
date: Wed, 05 Oct 2022 12:42:05 GMT
x-konductor: 22.9.54:a77b84d1
x-adobe-edge: IRL1;6
server: jag
content-encoding: deflate
content-type: application/json;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
200 OK 59 B URL HTTP/1.1 udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 0ab969c512ad71613832d03710eadde2
f64271cfa7e4b386fed80e18a958a90ffd1e3893
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459
POST /v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 1994
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: http://zitic.duckdns.org/
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:07 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://zitic.duckdns.org
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept
Access-Control-Max-Age: 1800
X-ME: prod-instance-gatewayservice-blue-8k48
X-Application-Context: application:9090
Content-Type: text/plain;charset=ISO-8859-1
Content-Length: 59
Server: Jetty(9.2.11.v20150529)
Via: 1.1 google
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
200 OK 59 B URL HTTP/1.1 udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 0ab969c512ad71613832d03710eadde2
f64271cfa7e4b386fed80e18a958a90ffd1e3893
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459
POST /v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 2045
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: http://zitic.duckdns.org/
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:07 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://zitic.duckdns.org
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept
Access-Control-Max-Age: 1800
X-ME: prod-instance-gatewayservice-blue-lgxj
X-Application-Context: application:9090
Content-Type: text/plain;charset=ISO-8859-1
Content-Length: 59
Server: Jetty(9.2.11.v20150529)
Via: 1.1 google
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiRnVsbCBTZXJ2aWNlIEJyb2tlcmFnZSBJUkEgLSBXZWxscyBGYXJnbyIsInBhZ2VfdXJsIjogImh0dHA6Ly96aXRpYy5kdWNrZG5zLm9yZy92L3d3dy53ZWxsc2ZhcmdvLmNvbS9pbnZlc3RpbmcvcmV0aXJlbWVudC9pcmEvc2VsZWN0L2Z1bGwtc2VydmljZS9pbmRleC5odG1sIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIwIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NjQ5NzM3MjcxNTYiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4M2E4MmFlNTViNGI5LTBjOTcwMTQyNTdhNDBlOC0zMDZkNDY0YS0xNDAwMDAtMTgzYTgyYWU1NWM1MmQiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtcHJlbSIsImFjY291bnRJZCI6IDU3OTA1LCJ1cmwiOiAiaHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL2ludmVzdGluZy9yZXRpcmVtZW50L2lyYS9zZWxlY3QvZnVsbC1zZXJ2aWNlL2luZGV4Lmh0bWwiLCJ3ZWJzaXRlSWQiOiA1NzkwNywiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiNzUxMS00ZjZiLTg4MDItNGNkMy0wOWUwLWIwNzEtZjllOC0xY2FlIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NjQ5NzM3MjcxNTUiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogNTE2LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY0OTczNzI3MTU2LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40MS4xXzIwMjIwNDEyMTg1NDMwIn0KXX0=
200 OK 0 B URL HTTP/1.1 udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiRnVsbCBTZXJ2aWNlIEJyb2tlcmFnZSBJUkEgLSBXZWxscyBGYXJnbyIsInBhZ2VfdXJsIjogImh0dHA6Ly96aXRpYy5kdWNrZG5zLm9yZy92L3d3dy53ZWxsc2ZhcmdvLmNvbS9pbnZlc3RpbmcvcmV0aXJlbWVudC9pcmEvc2VsZWN0L2Z1bGwtc2VydmljZS9pbmRleC5odG1sIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIwIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NjQ5NzM3MjcxNTYiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4M2E4MmFlNTViNGI5LTBjOTcwMTQyNTdhNDBlOC0zMDZkNDY0YS0xNDAwMDAtMTgzYTgyYWU1NWM1MmQiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtcHJlbSIsImFjY291bnRJZCI6IDU3OTA1LCJ1cmwiOiAiaHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL2ludmVzdGluZy9yZXRpcmVtZW50L2lyYS9zZWxlY3QvZnVsbC1zZXJ2aWNlL2luZGV4Lmh0bWwiLCJ3ZWJzaXRlSWQiOiA1NzkwNywiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiNzUxMS00ZjZiLTg4MDItNGNkMy0wOWUwLWIwNzEtZjllOC0xY2FlIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NjQ5NzM3MjcxNTUiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogNTE2LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY0OTczNzI3MTU2LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40MS4xXzIwMjIwNDEyMTg1NDMwIn0KXX0=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiRnVsbCBTZXJ2aWNlIEJyb2tlcmFnZSBJUkEgLSBXZWxscyBGYXJnbyIsInBhZ2VfdXJsIjogImh0dHA6Ly96aXRpYy5kdWNrZG5zLm9yZy92L3d3dy53ZWxsc2ZhcmdvLmNvbS9pbnZlc3RpbmcvcmV0aXJlbWVudC9pcmEvc2VsZWN0L2Z1bGwtc2VydmljZS9pbmRleC5odG1sIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIwIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NjQ5NzM3MjcxNTYiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4M2E4MmFlNTViNGI5LTBjOTcwMTQyNTdhNDBlOC0zMDZkNDY0YS0xNDAwMDAtMTgzYTgyYWU1NWM1MmQiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtcHJlbSIsImFjY291bnRJZCI6IDU3OTA1LCJ1cmwiOiAiaHR0cDovL3ppdGljLmR1Y2tkbnMub3JnL3Yvd3d3LndlbGxzZmFyZ28uY29tL2ludmVzdGluZy9yZXRpcmVtZW50L2lyYS9zZWxlY3QvZnVsbC1zZXJ2aWNlL2luZGV4Lmh0bWwiLCJ3ZWJzaXRlSWQiOiA1NzkwNywiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiNzUxMS00ZjZiLTg4MDItNGNkMy0wOWUwLWIwNzEtZjllOC0xY2FlIiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NjQ5NzM3MjcxNTUiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogNTE2LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY0OTczNzI3MTU2LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40MS4xXzIwMjIwNDEyMTg1NDMwIn0KXX0= HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zitic.duckdns.org/
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:42:07 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept
Access-Control-Max-Age: 1800
X-ME: prod-instance-gatewayservice-blue-2k5w
X-Application-Context: application:9090
Content-Type: image/gif; charset=UTF-8
Content-Length: 0
Server: Jetty(9.2.11.v20150529)
Via: 1.1 google
ocsp.digicert.com/
200 OK 471 B IP
Hash b03d831910f48fa08e0a981e7fea45a2
10706f4f98e2bda57f6bd3444ba64784b5d8dc4c
99f5f244520c2cf83440ead06ab2999649091133cd8917baa67e47fe1e9d206c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3369
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 12:42:07 GMT
Last-Modified: Wed, 05 Oct 2022 11:45:58 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
200 OK 0 B URL HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 12:42:07 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
200 OK 0 B URL HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 12868
Origin: http://zitic.duckdns.org
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 12:42:08 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:25|g:2e4f64a2-22a7-400e-903f-795f24cd276f;Path=/;Expires=Wed, 05-Oct-2022 12:42:38 GMT;Max-Age=30
ADRUM_BTa=R:25|g:2e4f64a2-22a7-400e-903f-795f24cd276f|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e;Path=/;Expires=Wed, 05-Oct-2022 12:42:38 GMT;Max-Age=30
SameSite=None;Path=/;Expires=Wed, 05-Oct-2022 12:42:38 GMT;Max-Age=30;Secure
ADRUM_BT1=R:25|i:559461;Path=/;Expires=Wed, 05-Oct-2022 12:42:38 GMT;Max-Age=30
ADRUM_BT1=R:25|i:559461|e:4;Path=/;Expires=Wed, 05-Oct-2022 12:42:38 GMT;Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
cdn.schemaapp.com/javascript/schemaFunctions.min.js
200 OK 0 B URL HTTP/2 cdn.schemaapp.com/javascript/schemaFunctions.min.js
IP
GET /javascript/schemaFunctions.min.js HTTP/1.1
Host: cdn.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Jun 2021 19:02:30 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: ebtKiJ.k06e6HWGVnUjCEswYzQTrKhD5
server: AmazonS3
content-encoding: gzip
date: Sun, 02 Oct 2022 22:00:18 GMT
cache-control: max-age=699840
etag: W/"fa714262345ea0338a058d93199f56ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7cb11ed28173c541fc01b012ea9b85aa.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P3
x-amz-cf-id: rn1hzvW7wjB9Na09hikiJj8uHN2U0T0AvGk9Lx21fYW0rCFNWff1Fw==
age: 225708
X-Firefox-Spdy: h2
cdn.schemaapp.com/javascript/highlight.js
200 OK 0 B URL HTTP/2 cdn.schemaapp.com/javascript/highlight.js
IP
GET /javascript/highlight.js HTTP/1.1
Host: cdn.schemaapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://zitic.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 13:00:40 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: yuc1pGbDhqDdI_gLgLi7faeJw6LKcbDu
server: AmazonS3
content-encoding: gzip
date: Sat, 01 Oct 2022 08:49:51 GMT
cache-control: max-age=699840
etag: W/"a75cfd2d41ac714329a4fc6895bb082d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7cb11ed28173c541fc01b012ea9b85aa.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P3
x-amz-cf-id: Q5mKdkMchCaG8c9mgCavsMgX-la-AanBlbCsGGlG5Qsm2PgRv0dNDA==
age: 359535
X-Firefox-Spdy: h2
54.224.73.73
104.110.5.8
15.236.176.210
151.101.85.230
93.184.220.29
0.0.0.0