urlscan.io logo urlscan.io
SecurityTrails logo

www.wintrust.com Open in urlscan Pro
34.236.77.227  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://click.wintrustbanks.com/?qs=7a68aa9dd1c4925eece621446860aad27cd7362cd17f6244ed67275aa06390f4455c328a5f53c6422145e5083931...
Effective URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Submission: On February 06 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 8 countries across 19 domains to perform 76 HTTP transactions. The main IP is 34.236.77.227, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.wintrust.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on December 16th 2019. Valid for: a year.
This is the only time www.wintrust.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 68.232.203.70 22606 (EXACT-7)
39 34.236.77.227 14618 (AMAZON-AES)
1 1 95.100.142.38 16625 (AKAMAI-AS)
1 52.55.116.26 14618 (AMAZON-AES)
1 93.184.220.41 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
2 23.210.248.45 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.16.220.22 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 65.52.62.25 8075 (MICROSOFT...)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 46.137.188.65 16509 (AMAZON-02)
1 216.58.207.66 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.49.234.3 16509 (AMAZON-02)
2 15.188.31.119 16509 (AMAZON-02)
1 1 66.117.28.86 15224 (OMNITURE)
1 66.117.29.4 15224 (OMNITURE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
76 22
1    68.232.203.70 (United States)

ASN22606 (EXACT-7, US)
PTR: click.s6.exacttarget.com
click.wintrustbanks.com
39    34.236.77.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-77-227.compute-1.amazonaws.com
www.wintrust.com
1    95.100.142.38 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-142-38.deploy.static.akamaitechnologies.com
cloud.typography.com
1    52.55.116.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-116-26.compute-1.amazonaws.com
webassets.wintrust.com
1    93.184.220.41 (London, United Kingdom)

ASN15133 (EDGECAST, US)
cloud.webtype.com
1    2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    23.210.248.45 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-45.deploy.static.akamaitechnologies.com
assets.adobedtm.com
1    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s.ytimg.com
2    52.16.220.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-220-22.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    65.52.62.25 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
pls.webtype.com
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    46.137.188.65 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-188-65.eu-west-1.compute.amazonaws.com
www.splash-screen.net
1    216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net
www.googleadservices.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    52.49.234.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-234-3.eu-west-1.compute.amazonaws.com
wintrust.demdex.net
2    15.188.31.119 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-31-119.eu-west-3.compute.amazonaws.com
wintrustfinancialcorporation.sc.omtrdc.net
1    66.117.28.86 (United States)

ASN15224 (OMNITURE, US)
cm.everesttech.net
1    66.117.29.4 (United States)

ASN15224 (OMNITURE, US)
wintrustfinancialcor.tt.omtrdc.net
4    2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a00:1450:4001:816::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
39 www.wintrust.com www.wintrust.com
4 www.google.de www.wintrust.com
4 www.google.com www.wintrust.com
4 googleads.g.doubleclick.net www.wintrust.com
3 www.googletagmanager.com assets.adobedtm.com
2 www.facebook.com www.wintrust.com
2 wintrustfinancialcorporation.sc.omtrdc.net www.wintrust.com
2 connect.facebook.net www.wintrust.com
connect.facebook.net
2 www.splash-screen.net www.wintrust.com
2 www.google-analytics.com 1 redirects www.wintrust.com
2 dpm.demdex.net www.wintrust.com
2 assets.adobedtm.com www.wintrust.com
1 wintrustfinancialcor.tt.omtrdc.net www.wintrust.com
1 cm.everesttech.net 1 redirects
1 wintrust.demdex.net www.wintrust.com
1 stats.g.doubleclick.net www.wintrust.com
1 www.googleadservices.com www.googletagmanager.com
1 pls.webtype.com www.wintrust.com
1 s.ytimg.com www.youtube.com
1 www.youtube.com www.wintrust.com
1 cloud.webtype.com www.wintrust.com
1 webassets.wintrust.com www.wintrust.com
1 cloud.typography.com 1 redirects
1 click.wintrustbanks.com 1 redirects
76 24

This site contains links to these domains. Also see Links.

Domain
ir.wintrust.com
www.wintrustmortgage.com
www.linkedin.com
www.facebook.com
twitter.com
Subject Issuer Validity Valid
www.wintrust.com
Entrust Certification Authority - L1M		 2019-12-16 -
2020-11-02		 a year crt.sh
s1.wac.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2018-11-05 -
2020-11-20		 2 years crt.sh
*.google.com
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
assets.adobedtm.com
DigiCert SHA2 High Assurance Server CA		 2019-10-22 -
2021-10-01		 2 years crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
*.webtype.com
Sectigo RSA Domain Validation Secure Server CA		 2019-06-30 -
2021-07-12		 2 years crt.sh
www.splash-screen.net
GeoTrust TLS RSA CA G1		 2019-02-06 -
2021-05-07		 2 years crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-01-16 -
2020-04-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
*.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2019-04-23 -
2020-04-14		 a year crt.sh
*.tt.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2017-10-19 -
2020-11-25		 3 years crt.sh
www.google.com
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Frame ID: 94C72C005F4A57B5DE8ED22D44C7A222
Requests: 83 HTTP requests in this frame

Frame: https://wintrust.demdex.net/dest5.html?d_nsid=0
Frame ID: F863BBA1A619FD5C7B6D51896EA7BFA3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://click.wintrustbanks.com/?qs=7a68aa9dd1c4925eece621446860aad27cd7362cd17f6244ed67275aa06390f4455c328a... HTTP 302
    https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/etc\/designs\//i
  • script /\/etc\/clientlibs\//i
  • script /\/etc.clientlibs\//i
Overall confidence: 100%
Detected patterns
  • script /\/etc\/designs\//i
  • script /\/etc\/clientlibs\//i
  • script /\/etc.clientlibs\//i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

76
Requests

100 %
HTTPS

42 %
IPv6

19
Domains

24
Subdomains

22
IPs

8
Countries

1782 kB
Transfer

3546 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.wintrustbanks.com/?qs=7a68aa9dd1c4925eece621446860aad27cd7362cd17f6244ed67275aa06390f4455c328a5f53c6422145e50839310be9 HTTP 302
    https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://cloud.typography.com/6115714/7561812/css/fonts.css HTTP 302
  • https://webassets.wintrust.com/fonts/753951/9CB5850D19440A2FB.css
Request Chain 61
  • https://www.google-analytics.com/r/collect?v=1&_v=j80&a=2014195573&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wintrust.com%2Fsecurity.html%3Fcid%3Demail%3Awtfc%3AJanuaryFraud%3ASecurityReminder%3A202001&ul=en-us&de=UTF-8&dt=Security%20%7C%20Wintrust&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IGBACEABB~&jid=2145666688&gjid=1351725486&cid=210170145.1581025354&tid=UA-3967335-74&_gid=1337973235.1581025354&_r=1&z=410936058 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3967335-74&cid=210170145.1581025354&jid=2145666688&_gid=1337973235.1581025354&gjid=1351725486&_v=j80&z=410936058
Request Chain 65
  • https://cm.everesttech.net/cm/dd?d_uuid=53727075397345147633173422104816277188 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XjyISgAAAdLJKRTJ

76 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set security.html
www.wintrust.com/
Redirect Chain
  • http://click.wintrustbanks.com/?qs=7a68aa9dd1c4925eece621446860aad27cd7362cd17f6244ed67275aa06390f4455c328a5f53c6422145e50839310be9
  • https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
63 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
130536bc2170d50a337572c335b88f55cadcdbeaff6a822328aab6cb01df1fee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.wintrust.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Cache-control
no-cache="set-cookie"
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Thu, 06 Feb 2020 21:42:32 GMT
Server
Apache
Set-Cookie
AWSELB=F73B252F10C1C519349C7A58F5B441468811A8B5F12A9427DA145690B400BB0087969061C3F246D3093C392A2A3C430D379426354662E16D6A650ADA2D1C2F605AB328766C;PATH=/;MAX-AGE=900 AWSELBCORS=F73B252F10C1C519349C7A58F5B441468811A8B5F12A9427DA145690B400BB0087969061C3F246D3093C392A2A3C430D379426354662E16D6A650ADA2D1C2F605AB328766C;PATH=/;MAX-AGE=900;SECURE;SAMESITE=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding,Referer,User-Agent
X-Content-Type-Options
nosniff
X-Dispatcher
dispatcher1useast1
X-Frame-Options
SAMEORIGIN
X-Vhost
wintrust.com
X-XSS-Protection
1; mode=block
Content-Length
10486
Connection
keep-alive

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Date
Thu, 06 Feb 2020 21:42:31 GMT
X-Cnection
close
Content-Length
207
clientlib-bootstrap4.min.css
www.wintrust.com/etc/designs/wintrust/ 		155 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/etc/designs/wintrust/clientlib-bootstrap4.min.css
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b1967cddd1336dd9b5964daee75c2b9dd4ed5716a30a7de90aab13164ea9de95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Connection
keep-alive
Content-Length
23293
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 06:14:58 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"26b4f-59d697e33bc80-gzip"
Vary
Accept-Encoding,Referer,User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css;charset=utf-8
Accept-Ranges
bytes
clientlib-headlibs.min.css
www.wintrust.com/etc/designs/wintrust/ 		29 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/etc/designs/wintrust/clientlib-headlibs.min.css
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
9c3ee5f572bb09886c810384da1bfd6456b4883b32d720bc6dea76995ddde511
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Connection
keep-alive
Content-Length
6641
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 06:14:58 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"7354-59d697e33bc80-gzip"
Vary
Accept-Encoding,Referer,User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css;charset=utf-8
Accept-Ranges
bytes
jquery.min.js
www.wintrust.com/etc.clientlibs/clientlibs/granite/ 		98 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/etc.clientlibs/clientlibs/granite/jquery.min.js
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
7460a1229841163d61cdc188a6f2c079b219f5b35c95f84b93ad54557d21e918
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Connection
keep-alive
Content-Length
35334
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 06:14:58 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"1877c-59d697e33bc80-gzip"
Vary
Accept-Encoding,Referer,User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript;charset=utf-8
Accept-Ranges
bytes
utils.min.js
www.wintrust.com/etc.clientlibs/clientlibs/granite/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/etc.clientlibs/clientlibs/granite/utils.min.js
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
06bff916cefa0e2d5595ee421e0e8652f349e85c0a14a6e6921f4368200a9629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Connection
keep-alive
Content-Length
3359
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 06:14:58 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"1fb6-59d697e33bc80-gzip"
Vary
Accept-Encoding,Referer,User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript;charset=utf-8
Accept-Ranges
bytes
granite.min.js
www.wintrust.com/etc/clientlibs/wintrust/granite/jquery/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/etc/clientlibs/wintrust/granite/jquery/granite.min.js
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
be56048f01c636efea9b99cee49b9e8ffcceb7285d984fa5795868526fd8f295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Connection
keep-alive
Content-Length
1459
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 06:14:58 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"c54-59d697e33bc80-gzip"
Vary
Accept-Encoding,Referer,User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript;charset=utf-8
Accept-Ranges
bytes
jquery.min.js
www.wintrust.com/etc/clientlibs/wintrust/foundation/ 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/etc/clientlibs/wintrust/foundation/jquery.min.js
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
1d15f81fc6b6ec92063e50d392ee4ac02930cce1b357327eb2ad2c6b3e5b0562
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Connection
keep-alive
Content-Length
32226
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 06:14:58 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"16201-59d697e33bc80-gzip"
Vary
Accept-Encoding,Referer,User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript;charset=utf-8
Accept-Ranges
bytes
clientlib-headlibs.min.js
www.wintrust.com/etc/designs/wintrust/ 		183 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/etc/designs/wintrust/clientlib-headlibs.min.js
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
99ced6c1375fdca318b6b7bcf4861f834c07dc919e30b3938100121b863a7545
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
transfer-encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 06:14:58 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"2dcca-59d697e33bc80-gzip"
Vary
Accept-Encoding,Referer,User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript;charset=utf-8
Accept-Ranges
bytes
jquery-ui.min.css
www.wintrust.com/etc.clientlibs/clientlibs/granite/ 		32 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/etc.clientlibs/clientlibs/granite/jquery-ui.min.css
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
f9f3a6dd4f72cc8864caedf51ff573216e4585095a1ab01504b3a5fc426c8f4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Connection
keep-alive
Content-Length
7895
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 06:14:58 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"7f49-59d697e33bc80-gzip"
Vary
Accept-Encoding,Referer,User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css;charset=utf-8
Accept-Ranges
bytes
clientlib-site.min.css
www.wintrust.com/etc/designs/wintrust/ 		146 KB
146 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/etc/designs/wintrust/clientlib-site.min.css
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
58e71bb20ac1994483d65e17206185cdb42b0889febbe7c3d391dee494edc09a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:32 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 31 Jan 2020 06:14:59 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"2463e-59d697e42fec0"
X-Vhost
wintrust.com
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css;charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Vary
Referer
Content-Length
149054
X-XSS-Protection
1; mode=block
9CB5850D19440A2FB.css
webassets.wintrust.com/fonts/753951/
Redirect Chain
  • https://cloud.typography.com/6115714/7561812/css/fonts.css
  • https://webassets.wintrust.com/fonts/753951/9CB5850D19440A2FB.css
260 KB
260 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webassets.wintrust.com/fonts/753951/9CB5850D19440A2FB.css
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.116.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-116-26.compute-1.amazonaws.com
Software
Apache /
Resource Hash
58d268efda8cc9b875cc18e5630eeadfffa20f0451c548810ee12604308b67c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Vhost
webassets
Connection
keep-alive
Content-Length
265792
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 29 Oct 2019 08:09:26 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"40e40-59608227bd980"
Vary
Referer
Content-Type
text/css
Cache-control
no-cache="set-cookie"
Accept-Ranges
bytes

Redirect headers

Date
Thu, 06 Feb 2020 21:42:32 GMT
Last-Modified
Tue, 29 Oct 2019 03:45:09 GMT
Server
Apache
ETag
"a909bd4f4ab8120de797df0f04b8da81:1572320709"
Vary
Accept-Encoding
Content-Type
text/html
Location
https://webassets.wintrust.com/fonts/753951/9CB5850D19440A2FB.css
Cache-Control
must-revalidate, private
Connection
keep-alive
X-HCo-pid
14
Content-Length
154
Expires
Thu, 06 February 2020 21:42:32 GMT
976aa243-3a78-447e-9a4c-f68a0b197517.css
cloud.webtype.com/css/ 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cloud.webtype.com/css/976aa243-3a78-447e-9a4c-f68a0b197517.css
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.41 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B85) /
Resource Hash
8c3a81720495d76c9352b402ad2be9bd767549d8326fb285defeaa627344d05a

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 21:42:32 GMT
content-encoding
gzip
last-modified
Wed, 17 Jul 2019 20:24:41 GMT
server
ECS (amb/6B85)
age
413555
etag
"2485060790"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-origin
*
content-length
3983
expires
Thu, 13 Feb 2020 21:42:32 GMT
contexthub.kernel.js
www.wintrust.com/etc/cloudsettings/default/ 		205 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/etc/cloudsettings/default/contexthub.kernel.js
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
a2d231bc896c20a2663c855a312351b1ff3915104b2bf2dd4934f34d5a6eea91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
transfer-encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 06:15:01 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"33421-59d697e618340-gzip"
Vary
Accept-Encoding,Referer,User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=utf-8
Accept-Ranges
bytes
iframe_api
www.youtube.com/ 		859 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
f9bf217df68f8a07c9b94d187f66806af95c3ddc701c62dfd2ae4d0ea5cdc0cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 21:42:32 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 GMT
launch-EN652436bf7a494b77a52075260d85b950.min.js
assets.adobedtm.com/ 		244 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/launch-EN652436bf7a494b77a52075260d85b950.min.js
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.45 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-45.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1244f34421f611503bdf8ebcbe4f39e16fd8c314dfd22221a02f26fc90a2a07e

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 21:42:32 GMT
content-encoding
gzip
last-modified
Tue, 26 Nov 2019 15:30:01 GMT
server
AkamaiNetStorage
etag
"91968c29d52d5aa0723677e589708230:1574782201.723556"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
76459
expires
Thu, 06 Feb 2020 22:42:32 GMT
wintrust-big.png
www.wintrust.com/content/dam/wintrust/logos/wintrust/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wintrust.com/content/dam/wintrust/logos/wintrust/wintrust-big.png
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
fb69211305fa755b283806db50541a672810eb61564b1a0c93258d78ed64a788
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:32 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Content-Disposition
attachment
Connection
keep-alive
Content-Length
3818
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 06:14:58 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"eea-59d697e33bc80"
Vary
Referer
Content-Type
image/png
Accept-Ranges
bytes
login.png
www.wintrust.com/content/dam/wintrust/generic/nav-icons-buttons/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wintrust.com/content/dam/wintrust/generic/nav-icons-buttons/login.png
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
176085357e35981f23eb75cf42ebd09df5cc3d3023113fa3905930acd361161f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Content-Disposition
attachment
Connection
keep-alive
Content-Length
7485
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 06:14:59 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"1d3d-59d697e42fec0"
Vary
Referer
Content-Type
image/png
Accept-Ranges
bytes
location.png
www.wintrust.com/content/dam/wintrust/generic/nav-icons-buttons/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wintrust.com/content/dam/wintrust/generic/nav-icons-buttons/location.png
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e90295514471539bd8418f724ccfec5a9b741d4a39430384391227bc0165d56f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Content-Disposition
attachment
Connection
keep-alive
Content-Length
7867
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 06:14:59 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"1ebb-59d697e42fec0"
Vary
Referer
Content-Type
image/png
Accept-Ranges
bytes
search.png
www.wintrust.com/content/dam/wintrust/generic/nav-icons-buttons/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wintrust.com/content/dam/wintrust/generic/nav-icons-buttons/search.png
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
5b0ead57486a1915884c3ad2c7693be793f58703751f8be17da32715aad566d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Content-Disposition
attachment
Connection
keep-alive
Content-Length
7669
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 06:14:59 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"1df5-59d697e42fec0"
Vary
Referer
Content-Type
image/png
Accept-Ranges
bytes
1541622168387.jpg
www.wintrust.com/content/wintrust/en/security/_jcr_content/generic/hero_card.img.jpg/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wintrust.com/content/wintrust/en/security/_jcr_content/generic/hero_card.img.jpg/1541622168387.jpg
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
0a7225b94d6718d9ff6323d691904fbf82ea36dedd35f6b3c3098d6e06d8ed9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 31 Jan 2020 09:53:39 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"b4e8-59d6c8c464ec0"
X-Vhost
wintrust.com
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Vary
Referer
Content-Length
46312
X-XSS-Protection
1; mode=block
phishingscam.png
www.wintrust.com/content/dam/wintrust/component-imagery/product-icons/security/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wintrust.com/content/dam/wintrust/component-imagery/product-icons/security/phishingscam.png
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
bbb922a1d3b511d269fc77f1080be83c7a31087a36b5b50a37097c07713a878d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Content-Disposition
attachment
Connection
keep-alive
Content-Length
4924
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 09:53:39 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"133c-59d6c8c464ec0"
Vary
Referer
Content-Type
image/png
Accept-Ranges
bytes
vishingscam.png
www.wintrust.com/content/dam/wintrust/component-imagery/product-icons/security/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wintrust.com/content/dam/wintrust/component-imagery/product-icons/security/vishingscam.png
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
11e1cd388936d99c96c93a9b3098c5a9f5eb6611e22247d5bc7012a4eadf4de5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Content-Disposition
attachment
Connection
keep-alive
Content-Length
5470
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 09:53:39 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"155e-59d6c8c464ec0"
Vary
Referer
Content-Type
image/png
Accept-Ranges
bytes
passwords.png
www.wintrust.com/content/dam/wintrust/component-imagery/product-icons/security/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wintrust.com/content/dam/wintrust/component-imagery/product-icons/security/passwords.png
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
87c8f9deb60a4f0ae7195facb68350fe5e560f7f9c108c5654788dc27e3d65c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Content-Disposition
attachment
Connection
keep-alive
Content-Length
4480
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 09:53:39 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"1180-59d6c8c464ec0"
Vary
Referer
Content-Type
image/png
Accept-Ranges
bytes
atmsafety.png
www.wintrust.com/content/dam/wintrust/component-imagery/product-icons/security/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wintrust.com/content/dam/wintrust/component-imagery/product-icons/security/atmsafety.png
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
8a6f57b63f1f6ed08b38cbca8dd15a5441babc02276d71b55743920d76f345dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Content-Disposition
attachment
Connection
keep-alive
Content-Length
3868
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 09:53:39 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"f1c-59d6c8c464ec0"
Vary
Referer
Content-Type
image/png
Accept-Ranges
bytes
socialmediasafety.png
www.wintrust.com/content/dam/wintrust/component-imagery/product-icons/security/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wintrust.com/content/dam/wintrust/component-imagery/product-icons/security/socialmediasafety.png
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
81e9a5eda80fb04a3c4535104f0db1ceaa21d14145f5145c7a1439f1125ecfc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Content-Disposition
attachment
Connection
keep-alive
Content-Length
4965
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 09:53:39 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"1365-59d6c8c464ec0"
Vary
Referer
Content-Type
image/png
Accept-Ranges
bytes
malwareantivirus.png
www.wintrust.com/content/dam/wintrust/component-imagery/product-icons/security/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wintrust.com/content/dam/wintrust/component-imagery/product-icons/security/malwareantivirus.png
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
c96cf79a85db9a189630f0d82b444fc835c578c50797cdc2f11c49d603436c82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Content-Disposition
attachment
Connection
keep-alive
Content-Length
5317
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 09:53:39 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"14c5-59d6c8c464ec0"
Vary
Referer
Content-Type
image/png
Accept-Ranges
bytes
fakecheckscam.png
www.wintrust.com/content/dam/wintrust/component-imagery/product-icons/security/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wintrust.com/content/dam/wintrust/component-imagery/product-icons/security/fakecheckscam.png
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
51b15d10557fc5b59f302821b116798a1f6a343b07d96b752cb6126ffaf97def
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Content-Disposition
attachment
Connection
keep-alive
Content-Length
4871
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 09:53:39 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"1307-59d6c8c464ec0"
Vary
Referer
Content-Type
image/png
Accept-Ranges
bytes
safewebbrowsing.png
www.wintrust.com/content/dam/wintrust/component-imagery/product-icons/security/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wintrust.com/content/dam/wintrust/component-imagery/product-icons/security/safewebbrowsing.png
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2cf21e08628c8b65fc380fe4a25cc1036a912922d4827c240e36ec34fa5c651
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Content-Disposition
attachment
Connection
keep-alive
Content-Length
6538
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 09:53:39 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"198a-59d6c8c464ec0"
Vary
Referer
Content-Type
image/png
Accept-Ranges
bytes
1541624130915.jpg
www.wintrust.com/content/wintrust/en/security/_jcr_content/generic/generic_content_card_575550117/genericcontainerpar/image_copy_copy.img.jpg/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wintrust.com/content/wintrust/en/security/_jcr_content/generic/generic_content_card_575550117/genericcontainerpar/image_copy_copy.img.jpg/1541624130915.jpg
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
95b8d6d14f5802fa9d6601a4367f967370c3ec078e3bfa28b24636796453a5a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 31 Jan 2020 09:53:40 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"84d9-59d6c8c559100"
X-Vhost
wintrust.com
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Vary
Referer
Content-Length
34009
X-XSS-Protection
1; mode=block
equalhousinglender.png
www.wintrust.com/content/dam/wintrust/generic/legal/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wintrust.com/content/dam/wintrust/generic/legal/equalhousinglender.png
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
493b08d6fbf04d6dfe7664de3af81a47d251046fcbf22459e2b5f1d873ca53f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2545
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 06:15:00 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"9f1-59d697e524100"
Vary
Referer
Content-Type
image/png
Accept-Ranges
bytes
memfdic-equalhouse.png
www.wintrust.com/content/dam/wintrust/generic/legal/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wintrust.com/content/dam/wintrust/generic/legal/memfdic-equalhouse.png
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
9d637aaf47d8e66699f35d1c099dd2333ad311e37ae13e02926e0187089c705e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Content-Disposition
attachment
Connection
keep-alive
Content-Length
44257
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 06:15:00 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"ace1-59d697e524100"
Vary
Referer
Content-Type
image/png
Accept-Ranges
bytes
granite.min.js
www.wintrust.com/etc.clientlibs/clientlibs/granite/jquery/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
4125f7fb5ef940e03901ec9b35eb9a9345427aaf6348976e7b9521b6322919f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Connection
keep-alive
Content-Length
1626
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 06:14:59 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"e61-59d697e42fec0-gzip"
Vary
Accept-Encoding,Referer,User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript;charset=utf-8
Accept-Ranges
bytes
jquery.min.js
www.wintrust.com/etc.clientlibs/foundation/clientlibs/ 		16 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/etc.clientlibs/foundation/clientlibs/jquery.min.js
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
c084b47104c493fb377b6d35d8c08df67d773f6dcf8294c0a7360710cd8cacbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:32 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 31 Jan 2020 06:14:58 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"10-59d697e33bc80"
X-Vhost
wintrust.com
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript;charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Vary
Referer,User-Agent
Content-Length
16
X-XSS-Protection
1; mode=block
clientlib-bootstrap4.min.js
www.wintrust.com/etc/designs/wintrust/ 		74 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/etc/designs/wintrust/clientlib-bootstrap4.min.js
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
851724a25924935fb353b935fbeb065450aef3c452943619a16e3f57e67445cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Connection
keep-alive
Content-Length
20782
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 06:14:59 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"128df-59d697e42fec0-gzip"
Vary
Accept-Encoding,Referer,User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript;charset=utf-8
Accept-Ranges
bytes
jquery-ui.min.js
www.wintrust.com/etc.clientlibs/clientlibs/granite/ 		258 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/etc.clientlibs/clientlibs/granite/jquery-ui.min.js
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
0253c139df9a74607e0e818b16bc813f6a719a1e7104226cb63e27f4edf4ded9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
transfer-encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 06:14:59 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"407fd-59d697e42fec0-gzip"
Vary
Accept-Encoding,Referer,User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript;charset=utf-8
Accept-Ranges
bytes
clientlib-site.min.js
www.wintrust.com/etc/designs/wintrust/ 		273 KB
274 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/etc/designs/wintrust/clientlib-site.min.js
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
1621e2a4f7751cc5bccc6e0f04d5cfab6c8da9a69964b4a910cd690b6d214cce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 31 Jan 2020 06:14:59 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"445c7-59d697e42fec0"
X-Vhost
wintrust.com
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript;charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Vary
Referer
Content-Length
280007
X-XSS-Protection
1; mode=block
token.json
www.wintrust.com/libs/granite/csrf/ 		2 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/libs/granite/csrf/token.json
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/etc/clientlibs/wintrust/granite/jquery/granite.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:32 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
Apache
X-Vhost
wintrust.com
X-Frame-Options
SAMEORIGIN
Content-Type
application/json;charset=iso-8859-1
Cache-Control
no-cache
Connection
keep-alive
Vary
Referer,User-Agent
Content-Length
2
X-XSS-Protection
1; mode=block
Expires
-1
ix_6VHBpP5j03-uwTHNz.infinity.json
www.wintrust.com/home/users/Y/ 		245 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/home/users/Y/ix_6VHBpP5j03-uwTHNz.infinity.json
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/etc/clientlibs/wintrust/granite/jquery/granite.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ae5a4866ad1536ab91a56579ee4d8402c6849626d5bac3c925cb79752d708600
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
Server
Apache
X-Vhost
wintrust.com
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/html; charset=iso-8859-1
Connection
keep-alive
Content-Length
245
contexthub.pagedata.json
www.wintrust.com/content/wintrust/en/security/_jcr_content/ 		3 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/content/wintrust/en/security/_jcr_content/contexthub.pagedata.json
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/etc/clientlibs/wintrust/granite/jquery/granite.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 31 Jan 2020 09:53:39 GMT
Server
Apache
ETag
"3-59d6c8c464ec0"
X-Vhost
wintrust.com
X-Frame-Options
SAMEORIGIN
Content-Type
application/json;charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Vary
Referer,User-Agent
Content-Length
3
X-XSS-Protection
1; mode=block
contexthub.seg.js
www.wintrust.com/etc/segmentation/ 		232 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/etc/segmentation/contexthub.seg.js
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/etc/clientlibs/wintrust/granite/jquery/granite.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
c060a133859ab4c8b92cf6bc495913251f951de49d952402a753b8459754e99c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
Server
Apache
X-Vhost
wintrust.com
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/html; charset=iso-8859-1
Connection
keep-alive
Content-Length
232
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflWWKLur/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflWWKLur/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eeb62f42f906010abc435828d4dbbea5ed5d87068c09308e89318f395417a874
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 06:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226458
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10239
x-xss-protection
0
last-modified
Tue, 04 Feb 2020 05:02:47 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Wed, 12 Feb 2020 06:48:15 GMT
id
dpm.demdex.net/ 		367 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.4.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=433165B156CED43A7F000101%40AdobeOrg&d_nsid=0&ts=1581025353857
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/etc/clientlibs/wintrust/granite/jquery/granite.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.220.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-220-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0e0786140b7c5464a78c7281908e4ec7138703a1da1d7cee471c809968577467
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Origin
https://www.wintrust.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v059-0c987b55d.edge-irl1.demdex.com 5.65.0.20200204084552 3ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
HQMkgDvITU0=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.wintrust.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
303
Expires
Thu, 01 Jan 1970 00:00:00 GMT
EX812545bf0aa94e8c9534838d1e729175-libraryCode_source.min.js
assets.adobedtm.com/1b0d2c16ecb6/1ffff00689f9/c75d6a0b32bc/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/1b0d2c16ecb6/1ffff00689f9/c75d6a0b32bc/EX812545bf0aa94e8c9534838d1e729175-libraryCode_source.min.js
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/etc/clientlibs/wintrust/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.45 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-45.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5d4447b5f631eeae2634aa532a12710bafcdb56a481a3b85b7148e78a105fd5f

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 21:42:33 GMT
content-encoding
gzip
last-modified
Tue, 26 Nov 2019 15:30:02 GMT
server
AkamaiNetStorage
etag
"dc7cfa692e5f77e0d0a2bbe889fdc744:1574782202.754286"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
29835
expires
Thu, 06 Feb 2020 22:42:33 GMT
js
www.googletagmanager.com/gtag/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-994954024
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN652436bf7a494b77a52075260d85b950.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dbdb4978f0c6fe9321fad57279e4de016b7da940e188db8755067d004f0eb06d
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 21:42:33 GMT
content-encoding
br
status
200
strict-transport-security
max-age=604800; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28363
x-xss-protection
0
last-modified
Thu, 06 Feb 2020 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 06 Feb 2020 21:42:33 GMT
v.gif
pls.webtype.com/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pls.webtype.com/v.gif?ct=14607,14605,14600,14601,14603,14604,14608,160414,14598,14599,14602,14606,14605,14603,14607,14604,14606,14598,14600,14599,14601,14608,14602,160414,14608,160414,14607,14600,14601,14598,14599,14602,14605,14606,14603,14604,160414&r=3092&p=2426&h=LJwO74LKsDq6pY3oqo5AKQ%3d%3d
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
65.52.62.25 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Referer
https://cloud.webtype.com/css/976aa243-3a78-447e-9a4c-f68a0b197517.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 Feb 2020 21:42:34 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
no-cache
Content-Length
807
Expires
-1
truncated
/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7cc80ce6e0302bc3000868ddcbbc36cd3df6a12a380857b390dc1cc52ecd829a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://www.wintrust.com

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
255a86b23ad4508f95754a0c77b59cf6c006be6a0db5d919d48e4db713b16d78

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://www.wintrust.com

Response headers

Content-Type
application/x-font-woff2
agenda-bold.otf
www.wintrust.com/etc/clientlibs/wintrust/fonts/ 		81 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/etc/clientlibs/wintrust/fonts/agenda-bold.otf
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
3c9d814cfa88849999ad678a4163b64d6d9155b7033e0f5ceae2085042d7c6df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.wintrust.com/etc/designs/wintrust/clientlib-site.min.css
Origin
https://www.wintrust.com

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Vhost
wintrust.com
Connection
keep-alive
Content-Length
36274
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 31 Jan 2020 06:15:01 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"142f8-59d697e618340-gzip"
Vary
Accept-Encoding,Referer,User-Agent
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/x-font-otf
Accept-Ranges
bytes
truncated
/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
105dcebcb57135f252f9b3e5eacfdc1b0d6c24e38c7ef4ae0660409ac96551a6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://www.wintrust.com

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a5f8c7a647eca33ff53a23908b8d95fb689d80af734046b758c534fa1b93a8e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://www.wintrust.com

Response headers

Content-Type
application/x-font-woff2
fontawesome-webfont.woff2
www.wintrust.com/etc/designs/wintrust/clientlib-fontawesome4/fonts/ 		69 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/etc/designs/wintrust/clientlib-fontawesome4/fonts/fontawesome-webfont.woff2?v=4.6.1
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.wintrust.com/etc/designs/wintrust/clientlib-headlibs.min.css
Origin
https://www.wintrust.com

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 08 Feb 2018 20:35:13 GMT
Server
Apache
X-Vhost
wintrust.com
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Connection
keep-alive
transfer-encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding,Referer,User-Agent
X-XSS-Protection
1; mode=block
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 Jan 2020 01:10:36 GMT
server
Golfe2
age
4141
date
Thu, 06 Feb 2020 20:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17926
expires
Thu, 06 Feb 2020 22:33:32 GMT
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9320d74f19f5317a3262d37a067f427387362762fe2b6c3043230c549d04c6a6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://www.wintrust.com

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd62b706cff6eaf8c6bfaa4bdaf4958f20cee1758ed35e894217f8d65ad2ff12

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://www.wintrust.com

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
629137b2bb51ec3ef645586f184ecf4ded64476070b4cc0ad6385a8b4e097ff2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://www.wintrust.com

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1416dcfe4d3ad22fb901df4b72b88561f12408c83406670b810b9ae4f89cda83

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://www.wintrust.com

Response headers

Content-Type
application/x-font-woff2
token.json
www.wintrust.com/libs/granite/csrf/ 		2 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wintrust.com/libs/granite/csrf/token.json
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/etc/clientlibs/wintrust/granite/jquery/granite.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.77.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-77-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Dispatcher
dispatcher1useast1
Date
Thu, 06 Feb 2020 21:42:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
Apache
X-Vhost
wintrust.com
X-Frame-Options
SAMEORIGIN
Content-Type
application/json;charset=iso-8859-1
Cache-Control
no-cache
Connection
keep-alive
Vary
Referer,User-Agent
Content-Length
2
X-XSS-Protection
1; mode=block
Expires
-1
splash.js
www.splash-screen.net/undefined/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.splash-screen.net/undefined/splash.js
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/etc/designs/wintrust/clientlib-site.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.188.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-188-65.eu-west-1.compute.amazonaws.com
Software
haile /
Resource Hash

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Thu, 06 Feb 2020 21:42:34 GMT
Server
haile
Connection
keep-alive
Content-Length
6
Content-Type
text/html
splash.js
www.splash-screen.net/35274/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.splash-screen.net/35274/splash.js
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/etc/designs/wintrust/clientlib-site.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.188.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-188-65.eu-west-1.compute.amazonaws.com
Software
haile /
Resource Hash
35f086401c4e6b886c0e048cca6587341545c31dadd55fb3102d689f3eda70ce

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 Feb 2020 21:42:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Feb 2020 17:31:56 GMT
Server
haile
ETag
W/"5e39aa8c-3f3e"
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
5767
Expires
Thu, 01 Jan 1970 00:00:01 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-994954024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
ec7024e764e94caa58c7a18f4624dc84c9ee15537ff5418fd44e2f037f8abc30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 21:42:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9931
x-xss-protection
0
server
cafe
etag
8273558640064030436
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 06 Feb 2020 21:42:34 GMT
fbevents.js
connect.facebook.net/en_US/ 		126 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
LW4A2dmZyPhYKdR1G2NbzLbCjhkxt30AGwV8YE4JLKh0y0aBRomVi/AWoKdJscZK5SIPp43X5ORfWVJEEtKY+A==
x-fb-trip-id
1850256238
date
Thu, 06 Feb 2020 21:42:33 GMT, Thu, 06 Feb 2020 21:42:33 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1041820229
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN652436bf7a494b77a52075260d85b950.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
87fd41b237299c09bf543dcdaf75aa6de80e7e1061facb24c2a65bb2d137e342
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 21:42:34 GMT
content-encoding
br
status
200
strict-transport-security
max-age=604800; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28363
x-xss-protection
0
last-modified
Thu, 06 Feb 2020 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 06 Feb 2020 21:42:34 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j80&a=2014195573&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wintrust.com%2Fsecurity.html%3Fcid%3Demail%3Awtfc%3AJanuaryFraud%3ASecurityReminder%3A202001&...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3967335-74&cid=210170145.1581025354&jid=2145666688&_gid=1337973235.1581025354&gjid=1351725486&_v=j80&z=410936058
35 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3967335-74&cid=210170145.1581025354&jid=2145666688&_gid=1337973235.1581025354&gjid=1351725486&_v=j80&z=410936058
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Thu, 06 Feb 2020 21:42:34 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 Feb 2020 21:42:33 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3967335-74&cid=210170145.1581025354&jid=2145666688&_gid=1337973235.1581025354&gjid=1351725486&_v=j80&z=410936058
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
1963102097245134
connect.facebook.net/signals/config/ 		447 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1963102097245134?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
31bd8bb4fd2f64852d85cb713f8801d1b2d9d341f0961b9085b6ecb3bfc6f7d6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
URWnUCh89z6MAATWb9p8gKLRjQmsK8g1sSu+kqDz5ipg+g0ExmuZO50Djvsg0Gn/u3fPqAUqUPV8I5yLcdGLCw==
x-fb-trip-id
1850256238
date
Thu, 06 Feb 2020 21:42:34 GMT, Thu, 06 Feb 2020 21:42:34 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
Cookie set dest5.html
wintrust.demdex.net/ Frame F863 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://wintrust.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/etc/clientlibs/wintrust/granite/jquery/granite.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.234.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-234-3.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
wintrust.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Accept-Encoding
gzip, deflate, br
Cookie
demdex=53727075397345147633173422104816277188
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Tue, 04 Feb 2020 13:21:34 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=53727075397345147633173422104816277188;Path=/;Domain=.demdex.net;Expires=Tue, 04-Aug-2020 21:42:34 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
JgiBoLE4S+o=
Content-Length
2785
Connection
keep-alive
id
wintrustfinancialcorporation.sc.omtrdc.net/ 		3 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wintrustfinancialcorporation.sc.omtrdc.net/id?d_visid_ver=4.4.1&d_fieldgroup=A&mcorgid=433165B156CED43A7F000101%40AdobeOrg&mid=53324722000563198803208054607012082951&ts=1581025354021
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/etc/clientlibs/wintrust/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.31.119 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-31-119.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Origin
https://www.wintrust.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

status
200
date
Thu, 06 Feb 2020 21:42:33 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-5d944dff5f-mzt8c
vary
Origin
x-c
master-1135.I1e15b2.M0-337
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.wintrust.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript
content-length
3
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=XjyISgAAAdLJKRTJ
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=53727075397345147633173422104816277188
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XjyISgAAAdLJKRTJ
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XjyISgAAAdLJKRTJ
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.220.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-220-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v059-0377c74d0.edge-irl1.demdex.com 5.65.0.20200204084552 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
a2EL98PkRs4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Thu, 06 Feb 2020 21:42:33 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XjyISgAAAdLJKRTJ
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
delivery
wintrustfinancialcor.tt.omtrdc.net/rest/v1/ 		293 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wintrustfinancialcor.tt.omtrdc.net/rest/v1/delivery?client=wintrustfinancialcor&sessionId=449c67cd7ab54ef79bd0630ad0a04f1a&version=2.2.0
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/etc/clientlibs/wintrust/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.117.29.4 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
/
Resource Hash
c190ed84cc7a3c5cc15ac0806de54458396e6e287a45058121fd704112c98db5

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Origin
https://www.wintrust.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 06 Feb 2020 21:42:34 GMT
content-encoding
gzip
status
200
vary
Origin,Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wintrust.com
access-control-allow-credentials
true
x-request-id
ad03e630-c7e6-4516-b51b-b99df44e83cc
js
www.googletagmanager.com/gtag/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-981534944
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN652436bf7a494b77a52075260d85b950.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8a0fc3e3abd2a2329c8ad05b899647c75c7f8b81a6b5cd733eb783b1211bc286
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 21:42:34 GMT
content-encoding
br
status
200
strict-transport-security
max-age=604800; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28363
x-xss-protection
0
last-modified
Thu, 06 Feb 2020 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 06 Feb 2020 21:42:34 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/994954024/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994954024/?random=1581025354059&cv=9&fst=1581025354059&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1t0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wintrust.com%2Fsecurity.html%3Fcid%3Demail%3Awtfc%3AJanuaryFraud%3ASecurityReminder%3A202001&tiba=Security%20%7C%20Wintrust&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/etc/clientlibs/wintrust/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2f8314a045e14b33516088c8f59d4d977422c7faa46f1ee9cf5894f7d92522
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 21:42:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1064
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1041820229/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1041820229/?random=1581025354061&cv=9&fst=1581025354061&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1t0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wintrust.com%2Fsecurity.html%3Fcid%3Demail%3Awtfc%3AJanuaryFraud%3ASecurityReminder%3A202001&tiba=Security%20%7C%20Wintrust&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/etc/clientlibs/wintrust/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7619fd47a287b75058298f07ca5c3516f2c3e24bf3026baa1c2be54c27b4339b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 21:42:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1066
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/981534944/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981534944/?random=1581025354079&cv=9&fst=1581025354079&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1t0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wintrust.com%2Fsecurity.html%3Fcid%3Demail%3Awtfc%3AJanuaryFraud%3ASecurityReminder%3A202001&tiba=Security%20%7C%20Wintrust&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/etc/clientlibs/wintrust/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a85ea6b2dd08e12037d5e438f2d175d41831c3fa4941f152a3286006d5dbf31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 21:42:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1066
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1041820229/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1041820229/?random=1581025354085&cv=9&fst=1581025354085&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1t0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wintrust.com%2Fsecurity.html%3Fcid%3Demail%3Awtfc%3AJanuaryFraud%3ASecurityReminder%3A202001&tiba=Security%20%7C%20Wintrust&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/etc/clientlibs/wintrust/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c166b898a8f0fbf9007e9323381843c53d5e299926e9439c4ad105571b4d5933
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 21:42:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1066
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1041820229/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1041820229/?random=1581025354061&cv=9&fst=1581022800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wintrust.com%2Fsecurity.html%3Fcid%3Demail%3Awtfc%3AJanuaryFraud%3ASecurityReminder%3A202001&tiba=Security%20%7C%20Wintrust&async=1&fmt=3&is_vtc=1&random=2079251113&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 21:42:34 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1041820229/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1041820229/?random=1581025354061&cv=9&fst=1581022800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wintrust.com%2Fsecurity.html%3Fcid%3Demail%3Awtfc%3AJanuaryFraud%3ASecurityReminder%3A202001&tiba=Security%20%7C%20Wintrust&async=1&fmt=3&is_vtc=1&random=2079251113&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 21:42:34 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/994954024/ 		42 B
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/994954024/?random=1581025354059&cv=9&fst=1581022800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wintrust.com%2Fsecurity.html%3Fcid%3Demail%3Awtfc%3AJanuaryFraud%3ASecurityReminder%3A202001&tiba=Security%20%7C%20Wintrust&async=1&fmt=3&is_vtc=1&random=1161519966&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 21:42:34 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/994954024/ 		42 B
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/994954024/?random=1581025354059&cv=9&fst=1581022800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wintrust.com%2Fsecurity.html%3Fcid%3Demail%3Awtfc%3AJanuaryFraud%3ASecurityReminder%3A202001&tiba=Security%20%7C%20Wintrust&async=1&fmt=3&is_vtc=1&random=1161519966&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 21:42:34 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/981534944/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/981534944/?random=1581025354079&cv=9&fst=1581022800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wintrust.com%2Fsecurity.html%3Fcid%3Demail%3Awtfc%3AJanuaryFraud%3ASecurityReminder%3A202001&tiba=Security%20%7C%20Wintrust&async=1&fmt=3&is_vtc=1&random=3175088279&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 21:42:34 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/981534944/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/981534944/?random=1581025354079&cv=9&fst=1581022800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wintrust.com%2Fsecurity.html%3Fcid%3Demail%3Awtfc%3AJanuaryFraud%3ASecurityReminder%3A202001&tiba=Security%20%7C%20Wintrust&async=1&fmt=3&is_vtc=1&random=3175088279&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 21:42:34 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1041820229/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1041820229/?random=1581025354085&cv=9&fst=1581022800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wintrust.com%2Fsecurity.html%3Fcid%3Demail%3Awtfc%3AJanuaryFraud%3ASecurityReminder%3A202001&tiba=Security%20%7C%20Wintrust&async=1&fmt=3&is_vtc=1&random=729089148&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 21:42:34 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1041820229/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1041820229/?random=1581025354085&cv=9&fst=1581022800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.wintrust.com%2Fsecurity.html%3Fcid%3Demail%3Awtfc%3AJanuaryFraud%3ASecurityReminder%3A202001&tiba=Security%20%7C%20Wintrust&async=1&fmt=3&is_vtc=1&random=729089148&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Feb 2020 21:42:34 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1963102097245134&ev=PageView&dl=https%3A%2F%2Fwww.wintrust.com%2Fsecurity.html%3Fcid%3Demail%3Awtfc%3AJanuaryFraud%3ASecurityReminder%3A202001&rl=&if=false&ts=1581025354180&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1581025354180.1589415403&it=1581025354006&coo=false&rqm=GET
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 21:42:34 GMT, Thu, 06 Feb 2020 21:42:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Thu, 06 Feb 2020 21:42:34 GMT
s15764245266958
wintrustfinancialcorporation.sc.omtrdc.net/b/ss/wfcwintrustcorporate,wfcglobal/1/JS-2.10.0-L9UP/ 		43 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wintrustfinancialcorporation.sc.omtrdc.net/b/ss/wfcwintrustcorporate,wfcglobal/1/JS-2.10.0-L9UP/s15764245266958?AQB=1&ndh=1&pf=1&t=6%2F1%2F2020%2022%3A42%3A34%204%20-60&sdid=36D0AEDC54E697C1-4E289AC529D3B359&mid=53324722000563198803208054607012082951&aamlh=6&ce=UTF-8&pageName=us-corp-home%3Asecurity&g=https%3A%2F%2Fwww.wintrust.com%2Fsecurity.html%3Fcid%3Demail%3Awtfc%3AJanuaryFraud%3ASecurityReminder%3A202001&cc=USD&ch=main&v0=email%3Awtfc%3AJanuaryFraud%3ASecurityReminder%3A202001&events=event41&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv1&v1=Corporate%3AUS&h1=home%7Csecurity&c2=security&v2=us-corp-home%3Asecurity&v4=security&v28=22%3A42%20PM&v51=email%3Awtfc%3AJanuaryFraud%3ASecurityReminder%3A202001&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=433165B156CED43A7F000101%40AdobeOrg&AQE=1
Requested by
Host: www.wintrust.com
URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.31.119 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-31-119.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 21:42:34 GMT
x-content-type-options
nosniff
x-c
master-1135.I1e15b2.M0-337
p3p
CP="This is not a P3P policy"
status
200
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 07 Feb 2020 21:42:34 GMT
server
jag
xserver
anedge-5d944dff5f-tvbkm
etag
3395226094873706496-4615212546301393833
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Wed, 05 Feb 2020 21:42:34 GMT
/
www.facebook.com/tr/ 		44 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1963102097245134&ev=Microdata&dl=https%3A%2F%2Fwww.wintrust.com%2Fsecurity.html%3Fcid%3Demail%3Awtfc%3AJanuaryFraud%3ASecurityReminder%3A202001&rl=&if=false&ts=1581025354683&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Security%20%7C%20Wintrust%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Security%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1581025354682.1934118833&it=1581025354006&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 06 Feb 2020 21:42:34 GMT, Thu, 06 Feb 2020 21:42:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Thu, 06 Feb 2020 21:42:34 GMT

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| matched object| browser object| Granite object| _g function| $CQ object| Handlebars function| Vue object| ContextHub function| unloadEverything object| ContextHubKernelConfig function| ContextHubJQ object| YT object| YTConfig function| onYTReady object| video_obj number| video_length string| video_name object| players function| onYouTubeIframeAPIReady function| onPlayerReady boolean| done function| onPlayerStateChange function| onYouTubePlayerReady function| onytplayerStateChange object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| Popper object| bootstrap function| dynamicLocator function| resizeHeroText object| WintrustFED function| colName function| resizeCarouselText boolean| trusteerEnabled number| generic_var string| GoogleAnalyticsObject function| ga number| topNavStart number| topNavEnd function| showSplashByName function| splashClosed object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter string| x function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_Media function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| playerInfoList object| tag object| firstScriptTag object| s string| s_account function| DIL number| s_objectID number| s_giq object| google_tag_manager object| dataLayer function| gtag function| fbq function| _fbq object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| $f function| Froogaloop function| splashScreen_35274 string| y object| s_i_wfcwintrustcorporate_wfcglobal

0 Cookies

3 Console Messages

Source Level URL
Text
console-api info URL: https://www.wintrust.com/etc/designs/wintrust/clientlib-headlibs.min.js(Line 370)
Message:
Download the Vue Devtools extension for a better development experience: https://github.com/vuejs/vue-devtools
console-api log URL: https://www.wintrust.com/security.html?cid=email:wtfc:JanuaryFraud:SecurityReminder:202001(Line 143)
Message:
*** iFrame embed onYouTubeIframeAPIReady
console-api log URL: https://assets.adobedtm.com/1b0d2c16ecb6/1ffff00689f9/c75d6a0b32bc/EX812545bf0aa94e8c9534838d1e729175-libraryCode_source.min.js(Line 2)
Message:
Error, missing Report Suite ID in AppMeasurement initialization

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
click.wintrustbanks.com
cloud.typography.com
cloud.webtype.com
cm.everesttech.net
connect.facebook.net
dpm.demdex.net
googleads.g.doubleclick.net
pls.webtype.com
s.ytimg.com
stats.g.doubleclick.net
webassets.wintrust.com
wintrust.demdex.net
wintrustfinancialcor.tt.omtrdc.net
wintrustfinancialcorporation.sc.omtrdc.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.splash-screen.net
www.wintrust.com
www.youtube.com
15.188.31.119
216.58.207.66
23.210.248.45
2a00:1450:4001:806::200e
2a00:1450:4001:816::2002
2a00:1450:4001:816::2004
2a00:1450:4001:81a::2003
2a00:1450:4001:81b::200e
2a00:1450:4001:824::2008
2a00:1450:4001:825::200e
2a00:1450:400c:c00::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.236.77.227
46.137.188.65
52.16.220.22
52.49.234.3
52.55.116.26
65.52.62.25
66.117.28.86
66.117.29.4
68.232.203.70
93.184.220.41
95.100.142.38
0253c139df9a74607e0e818b16bc813f6a719a1e7104226cb63e27f4edf4ded9
06bff916cefa0e2d5595ee421e0e8652f349e85c0a14a6e6921f4368200a9629
0a7225b94d6718d9ff6323d691904fbf82ea36dedd35f6b3c3098d6e06d8ed9a
0e0786140b7c5464a78c7281908e4ec7138703a1da1d7cee471c809968577467
105dcebcb57135f252f9b3e5eacfdc1b0d6c24e38c7ef4ae0660409ac96551a6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11e1cd388936d99c96c93a9b3098c5a9f5eb6611e22247d5bc7012a4eadf4de5
1244f34421f611503bdf8ebcbe4f39e16fd8c314dfd22221a02f26fc90a2a07e
130536bc2170d50a337572c335b88f55cadcdbeaff6a822328aab6cb01df1fee
1416dcfe4d3ad22fb901df4b72b88561f12408c83406670b810b9ae4f89cda83
1621e2a4f7751cc5bccc6e0f04d5cfab6c8da9a69964b4a910cd690b6d214cce
176085357e35981f23eb75cf42ebd09df5cc3d3023113fa3905930acd361161f
1d15f81fc6b6ec92063e50d392ee4ac02930cce1b357327eb2ad2c6b3e5b0562
255a86b23ad4508f95754a0c77b59cf6c006be6a0db5d919d48e4db713b16d78
31bd8bb4fd2f64852d85cb713f8801d1b2d9d341f0961b9085b6ecb3bfc6f7d6
35f086401c4e6b886c0e048cca6587341545c31dadd55fb3102d689f3eda70ce
3a5f8c7a647eca33ff53a23908b8d95fb689d80af734046b758c534fa1b93a8e
3c9d814cfa88849999ad678a4163b64d6d9155b7033e0f5ceae2085042d7c6df
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
4125f7fb5ef940e03901ec9b35eb9a9345427aaf6348976e7b9521b6322919f8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
493b08d6fbf04d6dfe7664de3af81a47d251046fcbf22459e2b5f1d873ca53f8
51b15d10557fc5b59f302821b116798a1f6a343b07d96b752cb6126ffaf97def
58d268efda8cc9b875cc18e5630eeadfffa20f0451c548810ee12604308b67c3
58e71bb20ac1994483d65e17206185cdb42b0889febbe7c3d391dee494edc09a
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5b0ead57486a1915884c3ad2c7693be793f58703751f8be17da32715aad566d4
5d4447b5f631eeae2634aa532a12710bafcdb56a481a3b85b7148e78a105fd5f
5e2f8314a045e14b33516088c8f59d4d977422c7faa46f1ee9cf5894f7d92522
629137b2bb51ec3ef645586f184ecf4ded64476070b4cc0ad6385a8b4e097ff2
7460a1229841163d61cdc188a6f2c079b219f5b35c95f84b93ad54557d21e918
7619fd47a287b75058298f07ca5c3516f2c3e24bf3026baa1c2be54c27b4339b
7a85ea6b2dd08e12037d5e438f2d175d41831c3fa4941f152a3286006d5dbf31
7cc80ce6e0302bc3000868ddcbbc36cd3df6a12a380857b390dc1cc52ecd829a
81e9a5eda80fb04a3c4535104f0db1ceaa21d14145f5145c7a1439f1125ecfc2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
851724a25924935fb353b935fbeb065450aef3c452943619a16e3f57e67445cc
87c8f9deb60a4f0ae7195facb68350fe5e560f7f9c108c5654788dc27e3d65c8
87fd41b237299c09bf543dcdaf75aa6de80e7e1061facb24c2a65bb2d137e342
8a0fc3e3abd2a2329c8ad05b899647c75c7f8b81a6b5cd733eb783b1211bc286
8a6f57b63f1f6ed08b38cbca8dd15a5441babc02276d71b55743920d76f345dd
8c3a81720495d76c9352b402ad2be9bd767549d8326fb285defeaa627344d05a
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede
9320d74f19f5317a3262d37a067f427387362762fe2b6c3043230c549d04c6a6
95b8d6d14f5802fa9d6601a4367f967370c3ec078e3bfa28b24636796453a5a9
99ced6c1375fdca318b6b7bcf4861f834c07dc919e30b3938100121b863a7545
9c3ee5f572bb09886c810384da1bfd6456b4883b32d720bc6dea76995ddde511
9d637aaf47d8e66699f35d1c099dd2333ad311e37ae13e02926e0187089c705e
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2d231bc896c20a2663c855a312351b1ff3915104b2bf2dd4934f34d5a6eea91
ae5a4866ad1536ab91a56579ee4d8402c6849626d5bac3c925cb79752d708600
b1967cddd1336dd9b5964daee75c2b9dd4ed5716a30a7de90aab13164ea9de95
b2cf21e08628c8b65fc380fe4a25cc1036a912922d4827c240e36ec34fa5c651
bbb922a1d3b511d269fc77f1080be83c7a31087a36b5b50a37097c07713a878d
be56048f01c636efea9b99cee49b9e8ffcceb7285d984fa5795868526fd8f295
c060a133859ab4c8b92cf6bc495913251f951de49d952402a753b8459754e99c
c084b47104c493fb377b6d35d8c08df67d773f6dcf8294c0a7360710cd8cacbd
c166b898a8f0fbf9007e9323381843c53d5e299926e9439c4ad105571b4d5933
c190ed84cc7a3c5cc15ac0806de54458396e6e287a45058121fd704112c98db5
c96cf79a85db9a189630f0d82b444fc835c578c50797cdc2f11c49d603436c82
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
dbdb4978f0c6fe9321fad57279e4de016b7da940e188db8755067d004f0eb06d
dd62b706cff6eaf8c6bfaa4bdaf4958f20cee1758ed35e894217f8d65ad2ff12
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
e90295514471539bd8418f724ccfec5a9b741d4a39430384391227bc0165d56f
ec7024e764e94caa58c7a18f4624dc84c9ee15537ff5418fd44e2f037f8abc30
eeb62f42f906010abc435828d4dbbea5ed5d87068c09308e89318f395417a874
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9bf217df68f8a07c9b94d187f66806af95c3ddc701c62dfd2ae4d0ea5cdc0cc
f9f3a6dd4f72cc8864caedf51ff573216e4585095a1ab01504b3a5fc426c8f4e
fb69211305fa755b283806db50541a672810eb61564b1a0c93258d78ed64a788