genrepost.com Open in urlscan Pro
2606:4700:30::6818:7a81 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f5...
Submission Tags: 6101448
Submission: On June 30 via api (June 30th 2019, 1:48:01 pm UTC) from US

Summary HTTP 48 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 5 domains to perform 48 HTTP transactions. The main IP is 2606:4700:30::6818:7a81, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is genrepost.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 13th 2019. Valid for: a year.

This is the only time genrepost.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

	IP Address	AS Autonomous System
3 7	2606:4700:30:... 2606:4700:30::6818:7a81	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
8	159.45.66.156 159.45.66.156	4196 (WELLSFARG...) (WELLSFARGO-4196 - Wells Fargo & Company)
2	159.45.2.178 159.45.2.178	10837 (WELLSFARG...) (WELLSFARGO-10837 - Wells Fargo & Company)
26	104.109.70.200 104.109.70.200	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	104.109.78.230 104.109.78.230	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	54.154.86.186 54.154.86.186	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	63.32.205.18 63.32.205.18	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
48	8

7 2606:4700:30::6818:7a81 (United States) 3 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

genrepost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.genrepost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 159.45.66.156 (United States)

ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US)

connect.secure.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.45.2.178 (Concord, United States)

ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US)

static.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 104.109.70.200 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-70-200.deploy.static.akamaitechnologies.com

www01.wellsfargomedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www04.wellsfargomedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.109.78.230 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-78-230.deploy.static.akamaitechnologies.com

www20.wellsfargomedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.86.186 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-86-186.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.205.18 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-63-32-205-18.eu-west-1.compute.amazonaws.com

wellsfargobankna.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	wellsfargomedia.com www01.wellsfargomedia.com www04.wellsfargomedia.com www20.wellsfargomedia.com	287 KB
10	wellsfargo.com connect.secure.wellsfargo.com static.wellsfargo.com	167 KB
7	genrepost.com 3 redirects genrepost.com www.genrepost.com	13 KB
3	demdex.net dpm.demdex.net wellsfargobankna.demdex.net	3 KB
1	google-analytics.com www.google-analytics.com
48	5

	Domain	Requested by
23	www01.wellsfargomedia.com	genrepost.com
8	connect.secure.wellsfargo.com	genrepost.com connect.secure.wellsfargo.com
4	www20.wellsfargomedia.com	genrepost.com
4	genrepost.com	3 redirects
3	www.genrepost.com	genrepost.com
3	www04.wellsfargomedia.com	genrepost.com
2	dpm.demdex.net	connect.secure.wellsfargo.com
2	static.wellsfargo.com	genrepost.com
1	wellsfargobankna.demdex.net	connect.secure.wellsfargo.com
1	www.google-analytics.com	connect.secure.wellsfargo.com
48	10

This site contains links to these domains. Also see Links.

Domain
oam.wellsfargo.com
icomplete.wellsfargo.com
www.wellsfargoadvisors.com
connect.secure.wellsfargo.com
privatebank.wf.com
www.abbotdowning.com
welcome.wf.com
www.facebook.com
www.linkedin.com
instagram.com
www.pinterest.com
www.youtube.com
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-02-13` - `2020-02-13`	a year	crt.sh
connect.secure.wellsfargo.com DigiCert Global CA G2	`2019-02-07` - `2021-02-07`	2 years	crt.sh
static.wellsfargo.com DigiCert Global CA G2	`2019-02-07` - `2021-02-07`	2 years	crt.sh
www01.wellsfargomedia.com GeoTrust RSA CA 2018	`2019-02-19` - `2020-05-20`	a year	crt.sh
www20.wellsfargomedia.com GeoTrust RSA CA 2018	`2019-02-19` - `2020-05-20`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
Frame ID: B55C26BEF8293332655DC042C89D1212
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

48
Requests

100 %
HTTPS

25 %
IPv6

5
Domains

10
Subdomains

8
IPs

4
Countries

469 kB
Transfer

781 kB
Size

1
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://oam.wellsfargo.com/oamo/identity/enrollment
Title: Enroll

Search URL Search Domain Scan URL

URL: https://icomplete.wellsfargo.com/oas/status/auth
Title: Finish Application/Check Status

Search URL Search Domain Scan URL

URL: https://www.wellsfargoadvisors.com/services/intuitive-investor.htm?cid=WFA1800032810&excid=WFA1800032810
Title: Digital Investing Plus Advice

Search URL Search Domain Scan URL

URL: https://www.wellsfargoadvisors.com/intuitive-investor/sign-on.htm?cid=WF1800032820&excid=WF1800032820
Title: Open an Intuitive Investor® Account

Search URL Search Domain Scan URL

URL: https://connect.secure.wellsfargo.com/auth/login/present?origin=irt
Title: Employer Plan 401(k) Sign On

Search URL Search Domain Scan URL

URL: https://privatebank.wf.com/conversations/
Title: Conversations Magazine

Search URL Search Domain Scan URL

URL: https://www.abbotdowning.com/contact_us/headquarters/
Title: Contact Abbot Downing

Search URL Search Domain Scan URL

URL: https://connect.secure.wellsfargo.com/auth/login/rewards
Title: Sign On to Go Far Rewards

Search URL Search Domain Scan URL

URL: https://welcome.wf.com/foodbank/
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.facebook.com/wellsfargo
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/wellsfargo
Title:

Search URL Search Domain Scan URL

URL: https://instagram.com/wellsfargo/
Title:

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/wellsfargo/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/wellsfargo
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/wellsfargo
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://genrepost.com/js/vendor/jquery-3.1.1.min.js HTTP 301
https://www.genrepost.com/js/vendor/jquery-3.1.1.min.js

Request Chain 33

https://genrepost.com/js/global/homepage_per.js HTTP 301
https://www.genrepost.com/js/global/homepage_per.js

Request Chain 42

https://genrepost.com/js/global/homepage_per.js HTTP 301
https://www.genrepost.com/js/global/homepage_per.js

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 0.html Show response
genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/ 70 KB
13 KB 1541ms
1512ms Document
text/html 2606:4700:30::6818:7a81
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6818:7a81 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

509f0ffec2d39bdc936272f78c20206595544fa54cc40fc0848a4f5ca7009fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: genrepost.com
:scheme: https
:path: /wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 30 Jun 2019 13:47:26 GMT
content-type: text/html
set-cookie: __cfduid=d560844b77dd4e7def65503af2e85e6ad1561902445; expires=Mon, 29-Jun-20 13:47:25 GMT; path=/; domain=.genrepost.com; HttpOnly
last-modified: Sun, 02 Jun 2019 11:49:33 GMT
vary: Accept-Encoding
expires: Mon, 01 Jul 2019 13:47:26 GMT
cache-control: max-age=86400 public
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4ef0978c3f80c2f9-FRA
content-encoding: br

GET
H/1.1 200 nd Show response
connect.secure.wellsfargo.com/jenny/ 43 KB
15 KB 3875ms
142ms Script
application/javascript 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.secure.wellsfargo.com/jenny/nd
Requested by: Host: genrepost.com
URL: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software: KONICHIWA/1.1 /
Resource Hash: 3a73431b2ce30bcc59c690ed1212a1597774260cd33a6933e0b3e00cb4eee9b3

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 30 Jun 2019 13:47:30 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: KONICHIWA/1.1
Vary: Accept-Encoding
Content-Type: application/javascript;charset=ISO-8859-1

GET
H/1.1 200
OK utag.js Show response
static.wellsfargo.com/tracking/toppages/ 149 KB
43 KB 4063ms
144ms Script
application/x-javascript 159.45.2.178
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/toppages/utag.js

Requested by

Host: genrepost.com
URL: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.178 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),

Reverse DNS

Software

KONICHIWA/2.0 /

Resource Hash

377002514be0ec6ce7340ccfbd11ea8456e71d26447f176af4aadbb4289ff86c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 30 Jun 2019 13:47:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 43204
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 25 Jun 2019 17:30:10 GMT
Server: KONICHIWA/2.0
ETag: "253d7-58c2947d14c80-gzip"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/x-javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Expires: Sun, 30 Jun 2019 14:17:30 GMT

GET
H/1.1 200
OK utag.sync.js Show response
static.wellsfargo.com/tracking/toppages/ 10 KB
5 KB 3914ms
147ms Script
application/x-javascript 159.45.2.178
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/toppages/utag.sync.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.2.178 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),

Reverse DNS

Software

KONICHIWA/2.0 /

Resource Hash

954424ae82926de25de2b279a3c1a3a10b0f9ed2d0e45df7869ef5ffdf8efb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 30 Jun 2019 13:47:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 4286
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 04 Jun 2019 21:49:52 GMT
Server: KONICHIWA/2.0
ETag: "28fb-58a8675e8e000-gzip"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/x-javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Expires: Sun, 30 Jun 2019 14:17:30 GMT

GET
H/1.1 200
OK homepage_per.css
www01.wellsfargomedia.com/css/home/ 45 KB
9 KB 349ms
31ms Stylesheet
text/css 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www01.wellsfargomedia.com/css/home/homepage_per.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

d121dceb464515079b2354ace969cca164b7020feb1191cf751afae3677d2b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 8878
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 06 Jun 2019 20:28:44 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
Date: Sun, 30 Jun 2019 13:47:27 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1800
ETag: "b347-58aad8f6fd700-gzip"
Accept-Ranges: bytes
Expires: Sun, 30 Jun 2019 14:17:27 GMT

GET
H/1.1 200
OK homepage-logo-horz.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ 4 KB
2 KB 382ms
31ms Image
image/svg+xml 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-logo-horz.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

f5e90d9eb8e07ccd4ebe0f25331a39d78d02af0405a32b93613f4b89fe472bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1699
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
Date: Sun, 30 Jun 2019 13:47:27 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=623
ETag: "eaa-554880386bac0"
Accept-Ranges: bytes
Expires: Sun, 30 Jun 2019 13:57:50 GMT

GET
H/1.1 200
OK homepage-lock.svg
www04.wellsfargomedia.com/assets/images/css/template/homepage/ 2 KB
1 KB 1107ms
29ms Image
image/svg+xml 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/css/template/homepage/homepage-lock.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

7bfab3d904c5effc47fe1577c20615a1efcf84f2a6e1b8e5ccaa501ac657fcab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 789
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
Date: Sun, 30 Jun 2019 13:47:32 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=1449
ETag: "6f8-554880386bac0"
Accept-Ranges: bytes
Expires: Sun, 30 Jun 2019 14:11:41 GMT

GET
H/1.1 200
OK homepage-caret-selector.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ 336 B
775 B 34ms
28ms Image
image/svg+xml 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-caret-selector.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

ed0765dbff371196a86519e6d154c69b71fa1b7bf4ef983aaf04c5df54efd942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 251
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
Date: Sun, 30 Jun 2019 13:47:30 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=1800
ETag: "150-554880386bac0"
Accept-Ranges: bytes
Expires: Sun, 30 Jun 2019 14:17:30 GMT

GET
H/1.1 200
OK homepage-lock-signon.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ 2 KB
1 KB 62ms
28ms Image
image/svg+xml 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-lock-signon.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

073dbd57bfaadacd622a9b8e4f1aee42b16cd432baf7ca48a60664df80f63cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 816
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
Date: Sun, 30 Jun 2019 13:47:30 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=1800
ETag: "664-554880386bac0"
Accept-Ranges: bytes
Expires: Sun, 30 Jun 2019 14:17:30 GMT

GET
H/1.1 200
OK homepage-image-sprite.png
www01.wellsfargomedia.com/assets/images/css/template/homepage/ 15 KB
15 KB 462ms
29ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-image-sprite.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

76425f1bc7897764846ff586b81d1495a6e807cb3ffda71ff6f51a5186b77634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Wed, 20 Sep 2017 06:57:15 GMT
Server: KONICHIWA/2.0
ETag: "3a35-559997c5ea8c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Sun, 30 Jun 2019 13:47:31 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14901
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jun 2019 14:17:31 GMT

GET
H/1.1 200
OK wfic555_ph_g-148194851_1200x532.jpg
www20.wellsfargomedia.com/assets/images/contextual/banner/enterprise/1200x532/ 56 KB
55 KB 15799ms
32ms Image
image/jpeg 104.109.78.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www20.wellsfargomedia.com/assets/images/contextual/banner/enterprise/1200x532/wfic555_ph_g-148194851_1200x532.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.78.230 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-78-230.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

04b883194991ed688178f5e50f87d5def411df40802efc1f85928c7ea923279e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 14 Nov 2018 17:42:48 GMT
Server: KONICHIWA/2.0
ETag: "dff7-57aa37662d600"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1800
Date: Sun, 30 Jun 2019 13:47:46 GMT
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK homepage-marquee-dot-inactive.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ 552 B
908 B 50ms
29ms Image
image/svg+xml 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-marquee-dot-inactive.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

c11155f5dc039dc2543740015a6851926a264fbb14d3549ddf976b90701c96b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 384
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
Date: Sun, 30 Jun 2019 13:47:31 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=1800
ETag: "228-554880386bac0"
Accept-Ranges: bytes
Expires: Sun, 30 Jun 2019 14:17:31 GMT

GET
H/1.1 200
OK homepage-marquee-dot-active.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ 556 B
908 B 333ms
29ms Image
image/svg+xml 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-marquee-dot-active.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

e07b5c1a91bcb918cae3188c71f28a146175a066c772e9a9f9200577e6f7da36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 384
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
Date: Sun, 30 Jun 2019 13:47:31 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=1800
ETag: "22c-554880386bac0"
Accept-Ranges: bytes
Expires: Sun, 30 Jun 2019 14:17:31 GMT

GET
H/1.1 200
OK wfi000_ic_b-check_50x50.png
www20.wellsfargomedia.com/assets/images/contextual/banner/checking/50x50/ 2 KB
2 KB 15724ms
29ms Image
image/png 104.109.78.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www20.wellsfargomedia.com/assets/images/contextual/banner/checking/50x50/wfi000_ic_b-check_50x50.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.78.230 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-78-230.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

3147accc5dda730dc4de8102457f255869ee77077b9c68fb3fc287ed6ab1f6b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 09 Aug 2018 15:38:06 GMT
Server: KONICHIWA/2.0
ETag: "7f9-5730269d13380"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Sun, 30 Jun 2019 13:47:46 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1772
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK wfi000_ic_d-card-emv-new-white_50x50.png
www20.wellsfargomedia.com/assets/images/contextual/banner/credit-card/50x50/ 2 KB
2 KB 15758ms
34ms Image
image/png 104.109.78.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www20.wellsfargomedia.com/assets/images/contextual/banner/credit-card/50x50/wfi000_ic_d-card-emv-new-white_50x50.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.78.230 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-78-230.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

4dee0896ac011cbece431bffd15bf5d0f307ca3e2eb451fef836ec1d7de689e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 12 Jul 2018 20:19:31 GMT
Server: KONICHIWA/2.0
ETag: "6d8-570d314af5ac0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Sun, 30 Jun 2019 13:47:46 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1472
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK wfi000_ic_b-graduation-hat-w_50x50.png
www20.wellsfargomedia.com/assets/images/contextual/banner/student-loans/50x50/ 2 KB
2 KB 15695ms
29ms Image
image/png 104.109.78.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www20.wellsfargomedia.com/assets/images/contextual/banner/student-loans/50x50/wfi000_ic_b-graduation-hat-w_50x50.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.78.230 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-78-230.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

c3ff2d939394bb7e0d4281751e28ec17f99af931cbea9733483794d6f77b9016

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Mon, 10 Jul 2017 17:57:33 GMT
Server: KONICHIWA/2.0
ETag: "767-553fa51365d40"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Sun, 30 Jun 2019 13:47:46 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1604
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icon-makeappt_50x50.png
www01.wellsfargomedia.com/assets/images/homepage/ 813 B
1 KB 162ms
29ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/homepage/icon-makeappt_50x50.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

00840eadcdd06f534ef281b5a632daaf7f43a10cb720d2880c0325d38c9dfdc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
ETag: "32d-5548803e24840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Sun, 30 Jun 2019 13:47:31 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 813
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jun 2019 14:17:31 GMT

GET
H/1.1 200
OK icon-rate_percent_50x50.png
www01.wellsfargomedia.com/assets/images/homepage/ 1 KB
2 KB 192ms
29ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/homepage/icon-rate_percent_50x50.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

469ed23c33689844eb52a8bc4758887a69152296a08d656dd19c0b0f5e1bacfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
ETag: "4fa-5548803e24840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Sun, 30 Jun 2019 13:47:31 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1274
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jun 2019 14:17:31 GMT

GET
H/1.1 200
OK viewing_FICAscore_193x119.jpg
www01.wellsfargomedia.com/assets/images/icons/ 4 KB
5 KB 391ms
28ms Image
image/jpeg 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/icons/viewing_FICAscore_193x119.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

73db55d6c01a1b17a3341ed78c61906a7ee1e42af58eec4de964b49986eea8bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Fri, 22 Jun 2018 20:01:18 GMT
Server: KONICHIWA/2.0
ETag: "1095-56f407eb5ff80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1800
Date: Sun, 30 Jun 2019 13:47:31 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4245
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jun 2019 14:17:31 GMT

GET
H/1.1 200
OK payingwithphone-beach_193x119.jpg
www01.wellsfargomedia.com/assets/images/icons/ 4 KB
5 KB 100ms
29ms Image
image/jpeg 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/icons/payingwithphone-beach_193x119.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

cba86aa1470f9f48da99be33240cd013988442c106e4dd3dbbe68196c3be6a82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Fri, 22 Jun 2018 20:01:18 GMT
Server: KONICHIWA/2.0
ETag: "1028-56f407eb5ff80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1800
Date: Sun, 30 Jun 2019 13:47:31 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4136
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jun 2019 14:17:31 GMT

GET
H/1.1 200
OK NBA-Retirement-193x119.png
www01.wellsfargomedia.com/assets/images/icons/193x119/ 8 KB
8 KB 269ms
43ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/icons/193x119/NBA-Retirement-193x119.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

597f0ea5650dc18a6f73ace2d358889007504800173ea5668b069d1672ad5bd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Fri, 09 Nov 2018 21:01:30 GMT
Server: KONICHIWA/2.0
ETag: "1e62-57a41a7c93e80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Sun, 30 Jun 2019 13:47:31 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7778
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jun 2019 14:17:31 GMT

GET
H/1.1 200
OK NBA-InvestingBasics-193x119.png
www01.wellsfargomedia.com/assets/images/icons/193x119/ 8 KB
9 KB 179ms
29ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/icons/193x119/NBA-InvestingBasics-193x119.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

79850b5d21cf57325d3820aa92c519a2ab7a4fef7bf45551d3a939262c4033af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Fri, 09 Nov 2018 21:01:30 GMT
Server: KONICHIWA/2.0
ETag: "2188-57a41a7c93e80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Sun, 30 Jun 2019 13:47:31 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8584
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jun 2019 14:17:31 GMT

GET
H/1.1 200
OK viewing_FICAscore_on_tablet_970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ 26 KB
26 KB 222ms
28ms Image
image/jpeg 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/viewing_FICAscore_on_tablet_970x485.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

fa747c252d4295d8472d748e35b03f97a63a4959c6685848e648b1f0b80f6e70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Fri, 22 Jun 2018 20:01:18 GMT
Server: KONICHIWA/2.0
ETag: "66a0-56f407eb5ff80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1800
Date: Sun, 30 Jun 2019 13:47:31 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26272
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jun 2019 14:17:31 GMT

GET
H/1.1 200
OK homepage-image-sprite-2.png
www01.wellsfargomedia.com/assets/images/css/template/homepage/ 23 KB
23 KB 303ms
31ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-image-sprite-2.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

54072fa704ec827d5af8273696528cffce00b1f820c415d7e593d53a91321f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Fri, 22 Jun 2018 20:01:18 GMT
Server: KONICHIWA/2.0
ETag: "5aa5-56f407eb5ff80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Sun, 30 Jun 2019 13:47:31 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23205
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jun 2019 14:17:31 GMT

GET
H/1.1 200
OK payingwithphone-beach_970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ 24 KB
25 KB 176ms
30ms Image
image/jpeg 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/payingwithphone-beach_970x485.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

5cf16def9c8844111a812c4767a1f10722a8331574708f4af49f5c6370641dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Fri, 22 Jun 2018 20:01:18 GMT
Server: KONICHIWA/2.0
ETag: "60ef-56f407eb5ff80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1800
Date: Sun, 30 Jun 2019 13:47:31 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24815
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jun 2019 14:17:31 GMT

GET
H/1.1 200
OK NBA-Retirement-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ 34 KB
34 KB 181ms
33ms Image
image/jpeg 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/NBA-Retirement-970x485.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

82cf54af7aeb3e363a086f8ce5b7735bb9f43bb64609a1d32397d2b96819bf27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Fri, 09 Nov 2018 21:01:30 GMT
Server: KONICHIWA/2.0
ETag: "8701-57a41a7c93e80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1800
Date: Sun, 30 Jun 2019 13:47:31 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34561
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jun 2019 14:17:31 GMT

GET
H/1.1 200
OK NBA-InvestingBasics-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ 32 KB
32 KB 186ms
31ms Image
image/jpeg 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/NBA-InvestingBasics-970x485.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

982003c4cecd7caa0d1b5b8ceb4ee3d9a49263cb37fe56ccf4d5113868fe6741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Fri, 09 Nov 2018 21:01:30 GMT
Server: KONICHIWA/2.0
ETag: "7fe5-57a41a7c93e80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1800
Date: Sun, 30 Jun 2019 13:47:31 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32741
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jun 2019 14:17:31 GMT

GET
H/1.1 200
OK homepage-footer-stagecoach.png
www01.wellsfargomedia.com/assets/images/global/ 4 KB
5 KB 172ms
41ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/global/homepage-footer-stagecoach.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

5ba349d4d93dc2748ecdd74459d33d57328b0df69bf29c94117897bff43f6889

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
ETag: "113b-5548803e24840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Sun, 30 Jun 2019 13:47:31 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4411
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jun 2019 14:17:31 GMT

GET
H/1.1 200
OK homepage-image-sprite.png
www04.wellsfargomedia.com/assets/images/css/template/homepage/ 15 KB
15 KB 1094ms
29ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/css/template/homepage/homepage-image-sprite.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

76425f1bc7897764846ff586b81d1495a6e807cb3ffda71ff6f51a5186b77634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Wed, 20 Sep 2017 06:57:15 GMT
Server: KONICHIWA/2.0
ETag: "3a35-559997c5ea8c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Sun, 30 Jun 2019 13:47:32 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14901
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jun 2019 14:17:32 GMT

GET
H/1.1 200
OK icon-equal-housing.png
www04.wellsfargomedia.com/assets/images/global/ 282 B
753 B 1125ms
29ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/global/icon-equal-housing.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

31ebc1799692cf80984ded81abc89d9e1540bc1e258770f5a24ad4386a48d3bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
ETag: "11a-5548803e24840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=85
Date: Sun, 30 Jun 2019 13:47:32 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 282
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jun 2019 13:48:57 GMT

GET
H/1.1 200
OK login-userprefs.min.js Show response
connect.secure.wellsfargo.com/auth/static/prefs/ 159 KB
88 KB 3634ms
144ms Script
application/x-javascript 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

6286d946e17a6b4d9cbf95bd21c16baaebb49f51e907466cdb63b7633f85ffb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 30 Jun 2019 13:47:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 26 Jun 2019 02:28:07 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: W/"1c6f-58c30cbb390ed"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jun 2019 14:17:30 GMT

GET
H/1.1 200
OK conutils-6.2.2.js Show response
connect.secure.wellsfargo.com/auth/static/scripts/ 10 KB
4 KB 352ms
136ms Script
application/x-javascript 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/auth/static/scripts/conutils-6.2.2.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

3313ac9f2c148df9dc8581ae4d7bb9023c3ef933d1152db47de29e32ec5f67b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 30 Jun 2019 13:47:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 3886
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 10 Apr 2019 02:57:58 GMT
Server: KONICHIWA/1.1
ETag: "26c4-586243cb39b09-gzip"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/x-javascript
Cache-Control: max-age=10368000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=16
Expires: Mon, 28 Oct 2019 13:47:31 GMT

GET
H/1.1 200
OK atadun.js Show response
connect.secure.wellsfargo.com/auth/static/prefs/ 1023 B
1 KB 484ms
132ms Script
application/x-javascript 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/auth/static/prefs/atadun.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

eb0773bab4190baeb667b0079a148b4495acab39ad0b1beeba95d5750afe5eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 30 Jun 2019 13:47:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 541
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 26 Jun 2019 02:28:46 GMT
Server: KONICHIWA/1.1
ETag: "3ff-58c30ce01797f-gzip"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/x-javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=42
Expires: Sun, 30 Jun 2019 14:17:31 GMT

GET
H2

404

jquery-3.1.1.min.js
www.genrepost.com/js/vendor/
Redirect Chain

https://genrepost.com/js/vendor/jquery-3.1.1.min.js
https://www.genrepost.com/js/vendor/jquery-3.1.1.min.js

0
0

4163ms
4162ms

Script
text/html

2606:4700:30::6818:7a81
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genrepost.com/js/vendor/jquery-3.1.1.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6818:7a81 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 30 Jun 2019 13:47:38 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 404
cache-control: no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=15768000
cf-ray: 4ef097c22d2fc2f9-FRA
link: <https://www.genrepost.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

date: Sun, 30 Jun 2019 13:47:34 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-redirect-by: WordPress
status: 301
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://www.genrepost.com/js/vendor/jquery-3.1.1.min.js
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 4ef097ae6e81c2f9-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2

404

homepage_per.js
www.genrepost.com/js/global/
Redirect Chain

https://genrepost.com/js/global/homepage_per.js
https://www.genrepost.com/js/global/homepage_per.js

0
0

4006ms
3995ms

Script
text/html

2606:4700:30::6818:7a81
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genrepost.com/js/global/homepage_per.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6818:7a81 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 30 Jun 2019 13:47:38 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 404
cache-control: no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=15768000
cf-ray: 4ef097c1bb9ac2f9-FRA
link: <https://www.genrepost.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

date: Sun, 30 Jun 2019 13:47:34 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-redirect-by: WordPress
status: 301
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://www.genrepost.com/js/global/homepage_per.js
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 4ef097ae6e85c2f9-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK homepage-magnifying-glass.png
www01.wellsfargomedia.com/assets/images/css/template/homepage/ 302 B
775 B 362ms
29ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-magnifying-glass.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

fbdbdec73948179778c9fa39a0108957d10c49c9bdeb9f830448bffd4a268582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www01.wellsfargomedia.com/css/home/homepage_per.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Wed, 20 Sep 2017 06:57:15 GMT
Server: KONICHIWA/2.0
ETag: "12e-559997c5ea8c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1085
Date: Sun, 30 Jun 2019 13:47:31 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 302
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jun 2019 14:05:36 GMT

GET
H/1.1 200
OK icon-tip_flag.png
www01.wellsfargomedia.com/assets/images/css/template/homepage/ 430 B
903 B 175ms
31ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/icon-tip_flag.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

1c21f46a040e99db7bad5a6a328421c35a27a92aaff1289ba691a95d904ed6f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www01.wellsfargomedia.com/css/home/homepage_per.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
ETag: "1ae-5548803e24840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Sun, 30 Jun 2019 13:47:31 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 430
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jun 2019 14:17:31 GMT

GET
H/1.1 200
OK chevron-right-blue.png
www01.wellsfargomedia.com/assets/images/css/template/ 1020 B
1 KB 206ms
29ms Image
image/png 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/chevron-right-blue.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

3554aa96a4221cb3bf2062ba10fdb9a83e81fe8e8d08b3ae5a92edf6a1b7b2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www01.wellsfargomedia.com/css/home/homepage_per.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Fri, 24 May 2013 20:02:46 GMT
Server: KONICHIWA/2.0
ETag: "3fc-4dd7c48542580"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1800
Date: Sun, 30 Jun 2019 13:47:31 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1020
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jun 2019 14:17:31 GMT

GET
H/1.1 200
OK homepage-signon-checkbox-inactive.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ 516 B
896 B 131ms
28ms Image
image/svg+xml 104.109.70.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-signon-checkbox-inactive.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.70.200 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-70-200.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

7e9697a48939ce70ad22c87cc964f9701ce8f47eb3747ddbf8a1f9f3297fc5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www01.wellsfargomedia.com/css/home/homepage_per.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 372
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
Date: Sun, 30 Jun 2019 13:47:31 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=1800
ETag: "204-554880386bac0"
Accept-Ranges: bytes
Expires: Sun, 30 Jun 2019 14:17:31 GMT

GET
H/1.1 200
OK conutils-6.9.0.js Show response
connect.secure.wellsfargo.com/auth/static/scripts/ 23 KB
9 KB 136ms
135ms Script
application/x-javascript 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/auth/static/scripts/conutils-6.9.0.js

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

7cd2b1ab0ed81ddc453b8da5357fcf7b3cbec29cd139059706a7b0bda253af48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 30 Jun 2019 13:47:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 8774
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 26 Jun 2019 02:28:46 GMT
Server: KONICHIWA/1.1
ETag: "5bd1-58c30ce0a8f8d-gzip"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/x-javascript
Cache-Control: max-age=10368000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=4
Expires: Mon, 28 Oct 2019 13:47:31 GMT

GET
H/1.1 200
OK glu.js Show response
connect.secure.wellsfargo.com/AIDO/ 0
750 B 214ms
214ms Script
application/x-javascript 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.secure.wellsfargo.com/AIDO/glu.js?r=0.8328879678518377
Requested by: Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software: KONICHIWA/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jun 2019 13:47:31 GMT
Content-Encoding: gzip
Server: KONICHIWA/1.1
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 204
No Content mint.js Show response
connect.secure.wellsfargo.com/AIDO/ 0
93 B 215ms
215ms Script
text/plain 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.05741593349880425
Requested by: Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software: KONICHIWA/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Length: 0
Server: KONICHIWA/1.1

GET
H/1.1 200
OK pic.js Show response
connect.secure.wellsfargo.com/PIDO/ 0
750 B 239ms
209ms Script
application/x-javascript 159.45.66.156
Wells Fargo & Com...

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.29926617028503855
Requested by: Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.45.66.156 , United States, ASN4196 (WELLSFARGO-4196 - Wells Fargo & Company, US),
Reverse DNS
Software: KONICHIWA/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jun 2019 13:47:31 GMT
Content-Encoding: gzip
Server: KONICHIWA/1.1
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H2

404

homepage_per.js
www.genrepost.com/js/global/
Redirect Chain

https://genrepost.com/js/global/homepage_per.js
https://www.genrepost.com/js/global/homepage_per.js

0
0

3834ms
3833ms

Script
text/html

2606:4700:30::6818:7a81
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.genrepost.com/js/global/homepage_per.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6818:7a81 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 30 Jun 2019 13:47:45 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 404
cache-control: no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=15768000
cf-ray: 4ef097f25f2cc2f9-FRA
link: <https://www.genrepost.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

date: Sun, 30 Jun 2019 13:47:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-redirect-by: WordPress
status: 301
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://www.genrepost.com/js/global/homepage_per.js
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 4ef097dc28ccc2f9-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 225 B
974 B 7607ms
54ms XHR
application/json 54.154.86.186
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1561902466874
Requested by: Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.86.186 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-154-86-186.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 56160a74df06bcb7fb0e1af7925fd64950e733971b5746ab1915181c4f168085

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
Origin: https://genrepost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v036-0f5aa155b.edge-irl1.demdex.com 5.55.1.20190621110006 4ms
Pragma: no-cache
X-TID: s2K9IlAOQZ4=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://genrepost.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 225
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
0 90ms
13ms Fetch
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
Origin: https://genrepost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 30 Jun 2019 13:47:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: https://genrepost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 225 B
974 B 54ms
54ms XHR
application/json 54.154.86.186
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=32847112957226661341110792148955110359&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%011120181125025606868845244%011&ts=1561902474492
Requested by: Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.86.186 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-154-86-186.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7f7781083ed91a599699f7af6cd6fd91bb041a668ce732567420b2454278558d

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
Origin: https://genrepost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v036-02be35fbc.edge-irl1.demdex.com 5.55.1.20190621110006 6ms
Pragma: no-cache
X-TID: IivsvhotSFw=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://genrepost.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 225
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK event Show response
wellsfargobankna.demdex.net/ 363 B
1 KB 212ms
58ms XHR
application/json 63.32.205.18
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://wellsfargobankna.demdex.net/event?_ts=1561902466878
Requested by: Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.205.18 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-63-32-205-18.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3fe33c1cfa70e6a403fd868dd89e20cc948d452a2b8a4e7b1387197802436260

Request headers

Referer: https://genrepost.com/wp-content/3874848479394932223/85775847579485948422/Auth_Controller/260488361/0.html?_f6955582f56fa101a8302a9bacf155f1076365018f:https:/O_A/saml/saml2/idp/SSOService_php?spentityid=http://centurylink_net/saml/module_php/saml/sp/metadata_php/Client/Library/Saml/saml-sp&cookieTime=1506110952&RelayState=http://centurylink_net/login/?bounceto=http://centurylink_net/zmail/?autologin=true&ts=1506093785=
Origin: https://genrepost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v036-00e1068e6.edge-irl1.demdex.com 5.55.1.20190621110006 11ms
Pragma: no-cache
X-TID: 7L21OWZ0QlQ=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://genrepost.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 363
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			genrepost.com/	1970-01-19 19:24:20	Name: AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg Value: T

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.secure.wellsfargo.com
dpm.demdex.net
genrepost.com
static.wellsfargo.com
wellsfargobankna.demdex.net
www.genrepost.com
www.google-analytics.com
www01.wellsfargomedia.com
www04.wellsfargomedia.com
www20.wellsfargomedia.com
104.109.70.200
104.109.78.230
159.45.2.178
159.45.66.156
2606:4700:30::6818:7a81
2a00:1450:4001:815::200e
54.154.86.186
63.32.205.18
00840eadcdd06f534ef281b5a632daaf7f43a10cb720d2880c0325d38c9dfdc8
04b883194991ed688178f5e50f87d5def411df40802efc1f85928c7ea923279e
073dbd57bfaadacd622a9b8e4f1aee42b16cd432baf7ca48a60664df80f63cb1
1c21f46a040e99db7bad5a6a328421c35a27a92aaff1289ba691a95d904ed6f5
3147accc5dda730dc4de8102457f255869ee77077b9c68fb3fc287ed6ab1f6b1
31ebc1799692cf80984ded81abc89d9e1540bc1e258770f5a24ad4386a48d3bc
3313ac9f2c148df9dc8581ae4d7bb9023c3ef933d1152db47de29e32ec5f67b0
3554aa96a4221cb3bf2062ba10fdb9a83e81fe8e8d08b3ae5a92edf6a1b7b2f7
377002514be0ec6ce7340ccfbd11ea8456e71d26447f176af4aadbb4289ff86c
3a73431b2ce30bcc59c690ed1212a1597774260cd33a6933e0b3e00cb4eee9b3
3fe33c1cfa70e6a403fd868dd89e20cc948d452a2b8a4e7b1387197802436260
469ed23c33689844eb52a8bc4758887a69152296a08d656dd19c0b0f5e1bacfa
4dee0896ac011cbece431bffd15bf5d0f307ca3e2eb451fef836ec1d7de689e7
509f0ffec2d39bdc936272f78c20206595544fa54cc40fc0848a4f5ca7009fc2
54072fa704ec827d5af8273696528cffce00b1f820c415d7e593d53a91321f81
56160a74df06bcb7fb0e1af7925fd64950e733971b5746ab1915181c4f168085
597f0ea5650dc18a6f73ace2d358889007504800173ea5668b069d1672ad5bd2
5ba349d4d93dc2748ecdd74459d33d57328b0df69bf29c94117897bff43f6889
5cf16def9c8844111a812c4767a1f10722a8331574708f4af49f5c6370641dda
6286d946e17a6b4d9cbf95bd21c16baaebb49f51e907466cdb63b7633f85ffb2
73db55d6c01a1b17a3341ed78c61906a7ee1e42af58eec4de964b49986eea8bf
76425f1bc7897764846ff586b81d1495a6e807cb3ffda71ff6f51a5186b77634
79850b5d21cf57325d3820aa92c519a2ab7a4fef7bf45551d3a939262c4033af
7bfab3d904c5effc47fe1577c20615a1efcf84f2a6e1b8e5ccaa501ac657fcab
7cd2b1ab0ed81ddc453b8da5357fcf7b3cbec29cd139059706a7b0bda253af48
7e9697a48939ce70ad22c87cc964f9701ce8f47eb3747ddbf8a1f9f3297fc5c3
7f7781083ed91a599699f7af6cd6fd91bb041a668ce732567420b2454278558d
82cf54af7aeb3e363a086f8ce5b7735bb9f43bb64609a1d32397d2b96819bf27
954424ae82926de25de2b279a3c1a3a10b0f9ed2d0e45df7869ef5ffdf8efb6a
982003c4cecd7caa0d1b5b8ceb4ee3d9a49263cb37fe56ccf4d5113868fe6741
c11155f5dc039dc2543740015a6851926a264fbb14d3549ddf976b90701c96b6
c3ff2d939394bb7e0d4281751e28ec17f99af931cbea9733483794d6f77b9016
cba86aa1470f9f48da99be33240cd013988442c106e4dd3dbbe68196c3be6a82
d121dceb464515079b2354ace969cca164b7020feb1191cf751afae3677d2b92
e07b5c1a91bcb918cae3188c71f28a146175a066c772e9a9f9200577e6f7da36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb0773bab4190baeb667b0079a148b4495acab39ad0b1beeba95d5750afe5eb9
ed0765dbff371196a86519e6d154c69b71fa1b7bf4ef983aaf04c5df54efd942
f5e90d9eb8e07ccd4ebe0f25331a39d78d02af0405a32b93613f4b89fe472bbd
fa747c252d4295d8472d748e35b03f97a63a4959c6685848e648b1f0b80f6e70
fbdbdec73948179778c9fa39a0108957d10c49c9bdeb9f830448bffd4a268582

genrepost.com Open in urlscan Pro 2606:4700:30::6818:7a81 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

25 %IPv6

5 Domains

10 Subdomains

8 IPs

4 Countries

469 kBTransfer

781 kBSize

1 Cookies

15 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

genrepost.com Open in urlscan Pro
2606:4700:30::6818:7a81 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

25 %
IPv6

5
Domains

10
Subdomains

8
IPs

4
Countries

469 kB
Transfer

781 kB
Size

1
Cookies

48 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!