urlscan.io logo urlscan.io
SecurityTrails logo

bgitopazdowntown.ddireal.vn Open in urlscan Pro
116.118.50.194  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Submission Tags: tweet @atomspam #phishing #wellsfargo #financial #banking #infosec #cybersecurity #atomspam Search All
Submission: On January 08 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 5 countries across 11 domains to perform 86 HTTP transactions. The main IP is 116.118.50.194, located in Ho Chi Minh City, Viet Nam and belongs to SPT-AS-VN Sai gon Postel Corporation, VN. The main domain is bgitopazdowntown.ddireal.vn.
This is the only time bgitopazdowntown.ddireal.vn was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

IP Address AS Autonomous System
2 116.118.50.194 7602 (SPT-AS-VN...)
47 2.16.187.146 20940 (AKAMAI-ASN1)
22 2.16.187.59 20940 (AKAMAI-ASN1)
1 104.109.77.170 16625 (AKAMAI-AS)
3 104.109.70.8 16625 (AKAMAI-AS)
1 13.225.78.95 16509 (AMAZON-02)
2 2 172.217.18.102 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2.16.187.67 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.129.230 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 35.241.45.82 15169 (GOOGLE)
86 15
2    116.118.50.194 (Ho Chi Minh City, Viet Nam)

ASN7602 (SPT-AS-VN Sai gon Postel Corporation, VN)
bgitopazdowntown.ddireal.vn
47    2.16.187.146 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-187-146.deploy.static.akamaitechnologies.com
connect.secure.wellsfargo.com
22    2.16.187.59 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-187-59.deploy.static.akamaitechnologies.com
static.wellsfargo.com
1    104.109.77.170 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-77-170.deploy.static.akamaitechnologies.com
www10.wellsfargomedia.com
3    104.109.70.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-70-8.deploy.static.akamaitechnologies.com
www15.wellsfargomedia.com
1    13.225.78.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-95.fra2.r.cloudfront.net
awusw-wfr.advanced-web-analytics.com
2    172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net
ad.doubleclick.net
1    2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.fi
1    2a00:1450:400d:804::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2.16.187.67 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-187-67.deploy.static.akamaitechnologies.com
rubicon.wellsfargo.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    151.101.129.230 (United States)

ASN54113 (FASTLY, US)
resources.digital-cloud-prem.medallia.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fi
2    35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
udc-neb.kampyle.com
Apex Domain
Subdomains		 Transfer
70 wellsfargo.com
connect.secure.wellsfargo.com — Cisco Umbrella Rank: 17490
static.wellsfargo.com — Cisco Umbrella Rank: 17634
rubicon.wellsfargo.com — Cisco Umbrella Rank: 17456
1 MB
4 wellsfargomedia.com
www10.wellsfargomedia.com — Cisco Umbrella Rank: 23449
www15.wellsfargomedia.com — Cisco Umbrella Rank: 44318
684 KB
3 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 214
stats.g.doubleclick.net — Cisco Umbrella Rank: 179
1 KB
2 kampyle.com
udc-neb.kampyle.com — Cisco Umbrella Rank: 3121
524 B
2 google.fi
adservice.google.fi — Cisco Umbrella Rank: 45744
www.google.fi — Cisco Umbrella Rank: 16587
1 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 16
1 KB
2 ddireal.vn
bgitopazdowntown.ddireal.vn
29 KB
1 medallia.com
resources.digital-cloud-prem.medallia.com — Cisco Umbrella Rank: 17652
2 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
414 B
1 advanced-web-analytics.com
awusw-wfr.advanced-web-analytics.com — Cisco Umbrella Rank: 47763
519 B
0 rlcdn.com Failed
api.rlcdn.com Failed
86 11
Domain Requested by
47 connect.secure.wellsfargo.com bgitopazdowntown.ddireal.vn
connect.secure.wellsfargo.com
22 static.wellsfargo.com bgitopazdowntown.ddireal.vn
static.wellsfargo.com
3 www15.wellsfargomedia.com connect.secure.wellsfargo.com
2 udc-neb.kampyle.com static.wellsfargo.com
2 ad.doubleclick.net 2 redirects
2 bgitopazdowntown.ddireal.vn bgitopazdowntown.ddireal.vn
1 www.google.fi
1 www.google.com
1 resources.digital-cloud-prem.medallia.com static.wellsfargo.com
1 stats.g.doubleclick.net static.wellsfargo.com
1 rubicon.wellsfargo.com static.wellsfargo.com
1 www.google-analytics.com static.wellsfargo.com
1 adservice.google.fi bgitopazdowntown.ddireal.vn
1 adservice.google.com 1 redirects
1 awusw-wfr.advanced-web-analytics.com connect.secure.wellsfargo.com
1 www10.wellsfargomedia.com bgitopazdowntown.ddireal.vn
0 api.rlcdn.com Failed static.wellsfargo.com
86 17

This site contains no links.

Subject Issuer Validity Valid
connect.secure.wellsfargo.com
DigiCert EV RSA CA G2		 2022-10-11 -
2023-10-11		 a year crt.sh
static.wellsfargo.com
DigiCert EV RSA CA G2		 2022-10-12 -
2023-10-12		 a year crt.sh
www10.wellsfargomedia.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-05 -
2023-04-05		 a year crt.sh
www15.wellsfargomedia.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-14 -
2023-11-16		 a year crt.sh
*.advanced-web-analytics.com
GeoTrust TLS RSA CA G1		 2022-05-09 -
2023-05-11		 a year crt.sh
*.google.fi
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
rubicon.wellsfargo.com
Wells Fargo Public Trust Certification Authority 01 G2		 2022-04-06 -
2023-04-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
resources.digital-cloud-prem.medallia.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.kampyle.com
SSL.com RSA SSL subCA		 2022-02-28 -
2023-03-31		 a year crt.sh

This page contains 6 frames:

Primary Page: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Frame ID: 07387B3591CE9421C256D1522DF58D7D
Requests: 69 HTTP requests in this frame

Frame: https://awusw-wfr.advanced-web-analytics.com/AIDO/mech.html?e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&es=eyJpIjoiUmhhWU9Kc3IyMGlUZ29KZVM1UDNpZz09IiwiZSI6ImMrZHg0cUVJSTZERHJGM3AwMEF3SDNhRldHeTlqK3o0eUtvcDk4XC9NT1lOdTNhTlpZMDdNSWJwSEw5RDRKUGlyUDBkb2hiVEVTc2VKWjZId0JcL3ZWc1VDanpCTWFTY2pVRHZFS1wvM3hrTzBrQVBlbVMrdGtsN2F2YVZzR1RJdW1WT05sT2M5b3lcL0dYYlNLMnNPRFR3cVE9PSJ9.b9ed1b4d90e64968.ZjEyNWE4Mjg0ZTRiNTM4NjE1ZWYxYzE3NTdiMWM0ODgxY2UwMmRiZmZmZTFhZDQ4YmViYzQxZmE0ZmZlNDk2Mw%3D%3D&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php&icid=167319470425145444
Frame ID: 8F7D561BD2CD1E4C41E8FB6FEB974DD5
Requests: 1 HTTP requests in this frame

Frame: https://connect.secure.wellsfargo.com/AIDO/gateway.html?sui=9840dad27a8d41200516666d9346b785a3b11b0bedaf402ad7b1d77774c2b2f3
Frame ID: A78AD94CCD83232E5AC337678751E5C9
Requests: 5 HTTP requests in this frame

Frame: https://adservice.google.fi/ddm/fls/p/src=2549153;dc_pre=CNvOlYCwuPwCFQaGywEdwH4Flg;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=1208668656271.3545;~oref=http://bgitopazdowntown.ddireal.vn/
Frame ID: 2483E85B3CDEDFD8AB0F408A8F7A0577
Requests: 1 HTTP requests in this frame

Frame: https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php&icid=167319471713331508
Frame ID: EB6860B7F76B57AB4C4B73CADE94841F
Requests: 5 HTTP requests in this frame

Frame: https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php&icid=167319471714156227
Frame ID: 3E2DAD711161D5CAEA528D814EBE2FB4
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign On to View Your Personal Accounts | Wells Fargo

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • rx(?:\.\w+)?(?:\.compat|\.global)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns

Page Statistics

86
Requests

95 %
HTTPS

38 %
IPv6

11
Domains

17
Subdomains

15
IPs

5
Countries

2097 kB
Transfer

4586 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://ad.doubleclick.net/ddm/activity/src=2549153;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=1208668656271.3545 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=2549153;dc_pre=CNvOlYCwuPwCFQaGywEdwH4Flg;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=1208668656271.3545 HTTP 302
  • https://adservice.google.com/ddm/fls/p/src=2549153;dc_pre=CNvOlYCwuPwCFQaGywEdwH4Flg;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=1208668656271.3545;~oref=http://bgitopazdowntown.ddireal.vn/ HTTP 302
  • https://adservice.google.fi/ddm/fls/p/src=2549153;dc_pre=CNvOlYCwuPwCFQaGywEdwH4Flg;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=1208668656271.3545;~oref=http://bgitopazdowntown.ddireal.vn/
Request Chain 60
  • http://static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1 HTTP 307
  • https://static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1

86 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request signon.php
bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/ 		105 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Server
116.118.50.194 Ho Chi Minh City, Viet Nam, ASN7602 (SPT-AS-VN Sai gon Postel Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
26fbfe958bfab19d28484b3b379e912c26deb4373a95ab634138817b1cc8fd4e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
connection
Keep-Alive
content-encoding
gzip
content-length
26919
content-type
text/html; charset=UTF-8
date
Sun, 08 Jan 2023 16:18:23 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
/
connect.secure.wellsfargo.com/ATADUN/2.2/w/w-642409/init/js/ 		541 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/ATADUN/2.2/w/w-642409/init/js/?q=NDX%3A%25pR%20Z*d%20UcHG4Pt6k%3F%22KmP%3Ck%3B0G%3A.y7xpE%3DG%3CAp39dLl%25N%3EKJ%60%5D%27sX5rJ!u%25%3Fr%5E8p.%5ErA4m!3mC5%3E1%3D-h%2C9LL%23lK%3E%7D2eH%3Ca4L1ozMnA%23jQ%5Ec%7B%3A%25%40u%20pC%3E%22%22hlFg%40TuXBp55t%5D)z%23XnOmGPSF7L%2BF%3DnClfQsD6%7D%25)Pu%5Cd-r%27OD0f79j%22c%3CS%5E%7BG(_9vX%25qE7A%7B%3Db%3BX9t5%3Bn9N%2FbLlHQ%3B%60uN)EgyY_t0V%3A%3C%7D%5EKE%5Er4%3A%27g%3Bg%5C%407imewVcr%25teRf_hebAfazc9N%20(Zn49Kbx%60%607%2BcfRwO-zVD%5DD9Q%22%7CzFw%5E%5C9Rdkl0fCT%7D8%2B%7DTMeZ.zW%5CzR%2Bb%3D%27aG9!1-%3Bn3L%5D%5EGn5i%3C%5Bk%5B%20SI%5Bp%5C%22iCzH7J%3EKY!%24J1i%2C%2Fg%24a(F%3CiS%2B%2F%7CMcu%40auRzp.%27P6%40z%24RvL%22%2BWuNGn%3CH1j_Ux4%404%3Cs%20-qB86j6uO3Mw9q9Q2s2lEDh%5B05%3E%20.dBfSHg!%2CfOU%5EV%7DG5y%3Ak1b*3.RB7WS%26JAL%7D%5DcIpX%7D6a%7BCB%2FR%23
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1ad21094063a455b71796978a99838b08cf5b4dbe69f261d0cf88542bb80ced4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:23 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Vary
Origin,Referer
Access-Control-Allow-Methods
GET, POST
Content-Type
application/javascript
Access-Control-Allow-Origin
http://bgitopazdowntown.ddireal.vn
x-frame-options
SAMEORIGIN
Connection
keep-alive
Content-Length
541
x-xss-protection
1; mode=block
ga_conversion_async.js
static.wellsfargo.com/tracking/ga/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/ga/ga_conversion_async.js
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 09 Sep 2021 17:30:40 GMT
ETag
W/"613a44c0-8c31"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
13593
X-XSS-Protection
1; mode=block
gtag.js
static.wellsfargo.com/tracking/ga/ 		115 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Tue, 06 Dec 2022 21:04:34 GMT
ETag
W/"638fae62-1ca3a"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
45055
X-XSS-Protection
1; mode=block
gtag.js
static.wellsfargo.com/tracking/ga/ 		115 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Tue, 06 Dec 2022 21:04:34 GMT
ETag
W/"638fae62-1ca3a"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
45055
X-XSS-Protection
1; mode=block
gtag.js
static.wellsfargo.com/tracking/ga/ 		115 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Tue, 06 Dec 2022 21:04:34 GMT
ETag
W/"638fae62-1ca3a"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
45055
X-XSS-Protection
1; mode=block
nd
connect.secure.wellsfargo.com/jenny/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/jenny/nd
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
45dd6b9f699188c2baeed8b459454276a74861b7fe3f1a8911a9e07de0d25964
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
accept-encoding
X-Frame-Options
DENY
Content-Type
application/javascript;charset=ISO-8859-1
Connection
keep-alive
Content-Length
17001
X-XSS-Protection
1; mode=block
gtag.js
static.wellsfargo.com/tracking/ga/ 		115 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/ga/gtag.js?id=AW-984436569
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Tue, 06 Dec 2022 21:04:34 GMT
ETag
W/"638fae62-1ca3a"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
45055
X-XSS-Protection
1; mode=block
ytc.js
static.wellsfargo.com/tracking/ytc/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/ytc/ytc.js
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
052776ce5bb96d76cced9b9d9d5cc8ab2110e33eaba59f6cd3259642a83ff4d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 15 Jul 2021 21:00:28 GMT
ETag
W/"60f0a1ec-3ad3"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
5614
X-XSS-Protection
1; mode=block
general_alt.js
connect.secure.wellsfargo.com/auth/login/static/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?async&seed=AIB30aSBAQAAaON8e0THKEG-EABBQKIADdpWWv5DyTHstHopwQkaHgNyXtDA&X-G2Q3kxs3--z=q
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:24 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
text/plain; charset=UTF-8
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Sun, 08 Jan 2023 16:18:24 GMT
wfui.5d3fa5b6daab852c2a31.chunk.css
connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/ 		99 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/wfui.5d3fa5b6daab852c2a31.chunk.css
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fea85638d902b7d705d72aa9776531c035371a16774f0e52be50c0638c6eb110
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Sun, 08 Jan 2023 16:18:23 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Connection
keep-alive
Content-Length
16482
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 08 Jun 2022 01:32:21 GMT
ETag
"629ffc25-4062"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Allow
GET, POST, OPTIONS
Access-Control-Allow-Methods
POST
Cache-Control
max-age=10368000
main.b3b5f355e18c2c42a801.chunk.css
connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/main.b3b5f355e18c2c42a801.chunk.css
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5e68ea9ca9cce32f91979f88142e963f0ff950cc1f1b6c3246eaaaf2f3091c58
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Sun, 08 Jan 2023 16:18:23 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Connection
keep-alive
Content-Length
2005
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 08 Jun 2022 01:32:21 GMT
ETag
"629ffc25-7d5"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Allow
GET, POST, OPTIONS
Access-Control-Allow-Methods
POST
Cache-Control
max-age=10368000
glu.js
connect.secure.wellsfargo.com/AIDO/ 		68 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/glu.js
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
94b26998d1e744a85511cb2a6ef65c3a57e111b5358bc2da1276175ae4fbe026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Date
Sun, 08 Jan 2023 16:18:24 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Connection
keep-alive
Content-Length
36999
X-XSS-Protection
1; mode=block
Pragma
no-cache
max-age
0
Vary
Origin, Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/x-javascript
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Expires
-1
utag.3.js
static.wellsfargo.com/tracking/secure-auth/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/secure-auth/utag.3.js?utv=ut4.48.202112091836
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3636799d3181248d5db968a7851b9aa972ea77f64b3cba9ce6b0a8933106c0c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 03 Dec 2020 23:04:06 GMT
ETag
W/"5fc96ee6-15f9"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
2186
X-XSS-Protection
1; mode=block
utag.4.js
static.wellsfargo.com/tracking/secure-auth/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/secure-auth/utag.4.js?utv=ut4.48.202108231941
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d05c6eece255484babbedeb74b3a5b19daaa9763049e08362b82cfdf1fc8bfbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 23 Sep 2021 21:00:33 GMT
ETag
W/"614ceaf1-16e0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
1663
X-XSS-Protection
1; mode=block
utag.5.js
static.wellsfargo.com/tracking/secure-auth/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/secure-auth/utag.5.js?utv=ut4.48.202202030106
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
60d47dd37dff7fa5a9353b251f9d54bbbfc2d9564003d347a85075d046ecee7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 22 Sep 2022 20:06:42 GMT
ETag
W/"632cc052-1c52"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
2392
X-XSS-Protection
1; mode=block
utag.7.js
static.wellsfargo.com/tracking/secure-auth/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/secure-auth/utag.7.js?utv=ut4.48.202010230514
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9c4cf53fef9222fc5d6659fa4b776fe20d64c46886c3d96547aaae16134afb2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Wed, 28 Oct 2020 21:48:43 GMT
ETag
W/"5f99e73b-28df"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
3220
X-XSS-Protection
1; mode=block
utag.10.js
static.wellsfargo.com/tracking/secure-auth/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/secure-auth/utag.10.js?utv=ut4.48.202102191956
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9184b3835b9cda7302210700cdc5050c5c207682d69c3fbe9e78356cffb65391
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 04 Mar 2021 00:30:32 GMT
ETag
W/"60402a28-50bb"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
5672
X-XSS-Protection
1; mode=block
utag.9.js
static.wellsfargo.com/tracking/secure-auth/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/secure-auth/utag.9.js?utv=ut4.48.202108231941
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
34d6af1ed862f62ede259dedabcadba6446c1e9182cd70b19c66cb3acedae93d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 23 Sep 2021 21:00:33 GMT
ETag
W/"614ceaf1-2bba"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
3522
X-XSS-Protection
1; mode=block
utag.15.js
static.wellsfargo.com/tracking/secure-auth/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/secure-auth/utag.15.js?utv=ut4.48.202109220050
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
384f41d37d3a9be1a72e761589096fcce4119150ea81ead29ba758514d321e94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 23 Sep 2021 21:00:33 GMT
ETag
W/"614ceaf1-ebc"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
1682
X-XSS-Protection
1; mode=block
mint.js
connect.secure.wellsfargo.com/AIDO/ 		86 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.7640382844861511
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f28b5a442279dab61e1fc2d87705cf62bb60a62e711001b99e77f0ca21427501
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:24 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
application/x-javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
55642
X-XSS-Protection
1; mode=block
Expires
-1
pic.js
connect.secure.wellsfargo.com/PIDO/ 		77 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.8426445611056853
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
98d3c87d7f917aeaf8d12503ca7a02d6e9243c579d57525a174e1f258f6e51f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:24 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
application/x-javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43039
X-XSS-Protection
1; mode=block
Expires
-1
trx.js
connect.secure.wellsfargo.com/AIDO/ 		106 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/trx.js
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f7d0739460b2a289b43ea9fe7e84843978034ea9d417c8c5a147533872e3b64c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:23 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
application/x-javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
53989
X-XSS-Protection
1; mode=block
Expires
-1
try.js
connect.secure.wellsfargo.com/AIDO/ 		73 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/try.js
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
55966bc5760182e9df739011e7cd2379f2c457f165b1e006eff3d04e10f1294f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:23 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
application/x-javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
39282
X-XSS-Protection
1; mode=block
Expires
-1
ay6u
connect.secure.wellsfargo.com/AIDO/ 		142 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNvbm5lY3Quc2VjdXJlLndlbGxzZmFyZ28uY29tJTJGYXV0aCUyRmxvZ2luJTJGcHJlc2VudCUzRm9yaWdpbiUzRGNvYiUyNkxPQiUzRENPTlMlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnMlMjIlM0ElMjJhYWY5NTg4OS0yMDZiLTQ1N2UtOWQzNC0xMGE0NDYwY2U3YTUlMjIlN0QlN0QlNUQ%3D&cid=15%2C28&si=3&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=tasfxhz_xfidlmov&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
db27897282a9c24bf21eeb7cebabf3cc9feec5d7d7676498f7809e632a1a6502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:24 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
142
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		141 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNvbm5lY3Quc2VjdXJlLndlbGxzZmFyZ28uY29tJTJGYXV0aCUyRmxvZ2luJTJGcHJlc2VudCUzRm9yaWdpbiUzRGNvYiUyNkxPQiUzRENPTlMlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNvbm5lY3Quc2VjdXJlLndlbGxzZmFyZ28uY29tJTJGYXV0aCUyRmxvZ2luJTJGcHJlc2VudCUzRm9yaWdpbiUzRGNvYiUyNkxPQiUzRENPTlMlMjIlMkMlMjJyJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIycGlkJTIyJTNBNDQ3OTI0NzcwJTJDJTIyZmMlMjIlM0ExJTJDJTIyY251bSUyMiUzQTElMkMlMjJ0cyUyMiUzQTE2NTYzMjkyMDYwNjAlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmxvZ2luJTIyJTdEJTJDJTIycmFuZCUyMiUzQTQ3Nzg4JTdEJTdEJTVE&cid=15%2C8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=lawigr_kbuauxo_m&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a830d0edb2a0425d62b04c2f2833ad08a47735bc655cab5b29b27d3b522639fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:24 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
141
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		132 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIyMCUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJkdCUyMiUzQSUyMmdkaWQlMjIlMkMlMjJnJTIyJTNBJTIybDR3bm1iY2Q3a2hla3h2ZGR1ayUyMiUyQyUyMmNpZCUyMiUzQSUyMjIwJTIyJTdEJTdEJTVE&cid=20&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=dklzlamqibulxmua&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
61a097bc2513efb34dee32ba60be8df34a5e2d3f9f833065c47fe18b89907662
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:24 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
132
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0EyJTJDJTIydHMlMjIlM0ExNjU2MzI5MjI2NTczJTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0E5MTE1MDclN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=esdkbhzwxugbfrfa&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
db341d5481f4f4821d615925d8832d4670c0be64ec82a973bbbb692b8ae1b97f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:25 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0EzJTJDJTIydHMlMjIlM0ExNjU2MzI5MzA2NTIyJTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0E0NDg2NTclN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=zpuevxekebkkqzyz&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
05413f45f5993fb5a248861440bb0ef62b51aabeb798c6bc82a33f3e8659b866
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:25 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMSUyQyUyMmNudW0lMjIlM0E0JTJDJTIydHMlMjIlM0ExNjU2MzI5Mzc3ODc4JTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0EzNTM4MjUlN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=stdgds_icz__zvhk&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20b90132f5e2d51fe8edeaff395c1f75127775d81cf65b33a863eb2ed95edf51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:25 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0E1JTJDJTIydHMlMjIlM0ExNjU2MzI5MzgwNjcwJTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0E5NTUzODklN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=hsxdfhsfonvcksrz&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7da443f39799d3ff07e43890054b7888b5f3c2d91b68b9e23a4cc4fa5e037701
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:25 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMSUyQyUyMmNudW0lMjIlM0E2JTJDJTIydHMlMjIlM0ExNjU2MzI5NDI0NDA5JTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0ExNzE5NzUlN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=hronhtcntiapovlh&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bd320a1a5b4aa6e2026cb92ddd25306bbb52efcb74837ad3e9958fec2643a5c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:25 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0E3JTJDJTIydHMlMjIlM0ExNjU2MzI5NDI3OTQ0JTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0E0OTExNDclN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=tmhuhxuddiamtoys&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
43091c732a9e1f1b0e59c674512e6b66265eec2beff0e764396f1e08e1941eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:25 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0E4JTJDJTIydHMlMjIlM0ExNjU2MzI5NTA3NTAxJTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0E5MzYxNCU3RCU3RCU1RA%3D%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=lqrrtixbvptwrupv&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
91e4378e57724619356caa4ca5a9af2c2c668b503f7b2113b1a8eaee7254db2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:25 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMSUyQyUyMmNudW0lMjIlM0E5JTJDJTIydHMlMjIlM0ExNjU2MzI5NjUyNDM0JTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0E4OTg1OTclN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=pgvvbn_cpqputmas&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ef4215a4282e51c566934c7b8f4a910da16a539c29292d69e536ff06ddbddde9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:25 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0ExMCUyQyUyMnRzJTIyJTNBMTY1NjMyOTY1NTg3NyUyQyUyMnQlMjIlM0ElN0IlMjJ0JTIyJTNBJTIybG9naW4lMjIlN0QlMkMlMjJyYW5kJTIyJTNBMzM2Mjk2JTdEJTdEJTVE&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=fpkngzkdahnngdzl&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
18abcbfd674a00d68a13975ada85e901f4ee842ad94c06eef35ef13e071e19c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:25 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMSUyQyUyMmNudW0lMjIlM0ExMSUyQyUyMnRzJTIyJTNBMTY1NjMyOTY4MDM0MSUyQyUyMnQlMjIlM0ElN0IlMjJ0JTIyJTNBJTIybG9naW4lMjIlN0QlMkMlMjJyYW5kJTIyJTNBNjkwNzQyJTdEJTdEJTVE&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=mkelibaqu_rvuwbv&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f90598e6dd9e9b38ce71662badd8516ee1f6633e8b472e10824e60f441594b17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:25 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0ExMiUyQyUyMnRzJTIyJTNBMTY1NjMyOTY4NzIyMiUyQyUyMnQlMjIlM0ElN0IlMjJ0JTIyJTNBJTIybG9naW4lMjIlN0QlMkMlMjJyYW5kJTIyJTNBNjc0MDk1JTdEJTdEJTVE&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=prbrcxwatzwqdxwq&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe5a6f8b61d3b055e92d347163a4715675351eaa6393364341e823d66406b861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:25 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		131 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMSUyQyUyMmNudW0lMjIlM0ExMyUyQyUyMnRzJTIyJTNBMTY1NjMyOTY5NTc4OCUyQyUyMnQlMjIlM0ElN0IlMjJ0JTIyJTNBJTIybG9naW4lMjIlN0QlMkMlMjJyYW5kJTIyJTNBMjExMDk5JTdEJTdEJTVE&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=zlhbpoezzaimha_l&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
28c7a1b0b0cfc11cbada099c30a82676e1ccad9b3120b17efdd3d426b4a9ce94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:25 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1; mode=block
Expires
-1
COB-BOB-IRT-enroll_balloons.jpg
www10.wellsfargomedia.com/auth/static/images/ 		611 KB
613 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www10.wellsfargomedia.com/auth/static/images/COB-BOB-IRT-enroll_balloons.jpg
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.77.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-77-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b8325d272c72a041414d9fb349e9d4bca5e7fc8ad66f47a719e491960afa5683
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-security-policy
default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
x-content-type-options
nosniff
date
Sun, 08 Jan 2023 16:18:24 GMT
last-modified
Tue, 20 Sep 2022 01:52:50 GMT
etag
"63291cf2-98b19"
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
content-type
image/jpeg
allow
GET, POST, OPTIONS
cache-control
max-age=10368000
accept-ranges
bytes
content-length
625433
x-xss-protection
1; mode=block
expires
Mon, 08 May 2023 16:18:24 GMT
sub.png
bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/sub.png
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Server
116.118.50.194 Ho Chi Minh City, Viet Nam, ASN7602 (SPT-AS-VN Sai gon Postel Corporation, VN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
85f39a9e87ea01745f1ac1475b364af858780a16798712130d27ef5741ad4431

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 16:18:24 GMT
last-modified
Fri, 04 Nov 2022 12:12:30 GMT
server
LiteSpeed
etag
"69a-636501ae-1616b4;;;"
content-type
image/png
cache-control
public, max-age=604800
connection
Keep-Alive
accept-ranges
bytes
content-length
1690
expires
Sun, 15 Jan 2023 16:18:24 GMT
wfui.11759b41ee721f527bba.chunk.js
connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/js/ 		804 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/js/wfui.11759b41ee721f527bba.chunk.js
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a6e52e46f30c7dc4e41a706d9008c258593f367fd4dd7df1bfcca090444aba01
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Sun, 08 Jan 2023 16:18:24 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Connection
keep-alive
Content-Length
206303
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 08 Jun 2022 01:32:58 GMT
ETag
"629ffc4a-325df"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Allow
GET, POST, OPTIONS
Access-Control-Allow-Methods
POST
Cache-Control
max-age=10368000
main.2c70436e78e79e8ed3b8.chunk.js
connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/js/main.2c70436e78e79e8ed3b8.chunk.js
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
00fb0d4cdf817e417a1debd18edda41c97d9dbb75bb9778ff001c1b727795154
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Sun, 08 Jan 2023 16:18:24 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Connection
keep-alive
Content-Length
6493
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 08 Jun 2022 01:32:24 GMT
ETag
"629ffc28-195d"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Allow
GET, POST, OPTIONS
Access-Control-Allow-Methods
POST
Cache-Control
max-age=10368000
utag.js
static.wellsfargo.com/tracking/secure-auth/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/secure-auth/utag.js
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
22994ee80e1af2d4ac41ae7fcaac23fdb475764f17420ba995aaf1babca17b18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Tue, 06 Dec 2022 21:04:35 GMT
ETag
W/"638fae63-8289"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
9979
X-XSS-Protection
1; mode=block
ttms.gif
static.wellsfargo.com/tracking/reporting/ 		43 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wellsfargo.com/tracking/reporting/ttms.gif?capability=LiveRamp&appId=loginapp&wfaCookie=11202206270424411143497415&error=timeout&pageId=LOGIN&pageType=BROWSER&deviceType=DESKTOP&c_t=
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:33 GMT
_host
wellsfargo.com
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 16 Jan 2020 21:55:22 GMT
ETag
"5e20dbca-2b"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST
Content-Type
image/gif
Allow
GET, POST, OPTIONS
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
X-XSS-Protection
1; mode=block
wellsfargosans-rg.woff2
www15.wellsfargomedia.com/wfui/css/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-rg.woff2
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/wfui.5d3fa5b6daab852c2a31.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.70.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-70-8.deploy.static.akamaitechnologies.com
Software
KONICHIWA/2.0 /
Resource Hash
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/
Origin
http://bgitopazdowntown.ddireal.vn
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
strict-transport-security
max-age=31536000; includeSubdomains;
date
Sun, 08 Jan 2023 16:18:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Feb 2019 19:38:34 GMT
server
KONICHIWA/2.0
etag
"5798-582d133e56280"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
22424
x-xss-protection
1; mode=block
expires
Mon, 08 Jan 2024 16:18:24 GMT
wellsfargosans-sbd.woff2
www15.wellsfargomedia.com/wfui/css/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-sbd.woff2
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/wfui.5d3fa5b6daab852c2a31.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.70.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-70-8.deploy.static.akamaitechnologies.com
Software
KONICHIWA/2.0 /
Resource Hash
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/
Origin
http://bgitopazdowntown.ddireal.vn
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
strict-transport-security
max-age=31536000; includeSubdomains;
date
Sun, 08 Jan 2023 16:18:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Feb 2019 19:38:34 GMT
server
KONICHIWA/2.0
etag
"5848-582d133e56280"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
22600
x-xss-protection
1; mode=block
expires
Mon, 08 Jan 2024 16:18:24 GMT
wellsfargoserif-rg.woff2
www15.wellsfargomedia.com/wfui/css/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www15.wellsfargomedia.com/wfui/css/fonts/wellsfargoserif-rg.woff2
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/wfui.5d3fa5b6daab852c2a31.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.70.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-70-8.deploy.static.akamaitechnologies.com
Software
KONICHIWA/2.0 /
Resource Hash
aeb7b3bfc4281d35b02dfde05ac7a6c0d3daa7f3123b35a9cbd4b5a8e3f3c310
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/
Origin
http://bgitopazdowntown.ddireal.vn
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
strict-transport-security
max-age=31536000; includeSubdomains;
date
Sun, 08 Jan 2023 16:18:24 GMT
x-content-type-options
nosniff
last-modified
Mon, 11 Mar 2019 20:52:01 GMT
server
KONICHIWA/2.0
etag
"6854-583d7be82be40"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
26708
x-xss-protection
1; mode=block
expires
Mon, 08 Jan 2024 16:18:24 GMT
mech.html
awusw-wfr.advanced-web-analytics.com/AIDO/ Frame 8F7D 		0
519 B 		Document
General
Check archive.org
Download Go to
Full URL
https://awusw-wfr.advanced-web-analytics.com/AIDO/mech.html?e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&es=eyJpIjoiUmhhWU9Kc3IyMGlUZ29KZVM1UDNpZz09IiwiZSI6ImMrZHg0cUVJSTZERHJGM3AwMEF3SDNhRldHeTlqK3o0eUtvcDk4XC9NT1lOdTNhTlpZMDdNSWJwSEw5RDRKUGlyUDBkb2hiVEVTc2VKWjZId0JcL3ZWc1VDanpCTWFTY2pVRHZFS1wvM3hrTzBrQVBlbVMrdGtsN2F2YVZzR1RJdW1WT05sT2M5b3lcL0dYYlNLMnNPRFR3cVE9PSJ9.b9ed1b4d90e64968.ZjEyNWE4Mjg0ZTRiNTM4NjE1ZWYxYzE3NTdiMWM0ODgxY2UwMmRiZmZmZTFhZDQ4YmViYzQxZmE0ZmZlNDk2Mw%3D%3D&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php&icid=167319470425145444
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/trx.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-95.fra2.r.cloudfront.net
Software
haile /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://bgitopazdowntown.ddireal.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Sun, 08 Jan 2023 16:18:24 GMT
expires
0
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
pics-label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
pragma
no-cache
server
haile
via
1.1 0d94766f433ae64cf30c40acb74fc43e.cloudfront.net (CloudFront)
x-amz-cf-id
g1sVV-8QZRrOKQl-vlKs4FfzezO08aM39X3BW6Lo-YTWx8KPs0RKEQ==
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
gateway.html
connect.secure.wellsfargo.com/AIDO/ Frame A78A 		22 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/gateway.html?sui=9840dad27a8d41200516666d9346b785a3b11b0bedaf402ad7b1d77774c2b2f3
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/trx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d526ffdf9aeb23bd96502752bc3651e92a569ecdf1f30f1f4398130a73e15936
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
http://bgitopazdowntown.ddireal.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Cache-Control
private, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Length
8558
Content-Type
text/html
Date
Sun, 08 Jan 2023 16:18:24 GMT
Expires
Sun, 08 Jan 2023 17:18:24 GMT
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Accept-Encoding
X-Akamai-Transformed
9 10805 0 pmb=mTOE,1
X-XSS-Protection
1; mode=block
max-age
0
/
adservice.google.fi/ddm/fls/p/src=2549153;dc_pre=CNvOlYCwuPwCFQaGywEdwH4Flg;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;... Frame 2483
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=2549153;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=12086686...
  • https://ad.doubleclick.net/ddm/activity/src=2549153;dc_pre=CNvOlYCwuPwCFQaGywEdwH4Flg;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1...
  • https://adservice.google.com/ddm/fls/p/src=2549153;dc_pre=CNvOlYCwuPwCFQaGywEdwH4Flg;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.16...
  • https://adservice.google.fi/ddm/fls/p/src=2549153;dc_pre=CNvOlYCwuPwCFQaGywEdwH4Flg;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.165...
42 B
737 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fi/ddm/fls/p/src=2549153;dc_pre=CNvOlYCwuPwCFQaGywEdwH4Flg;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=1208668656271.3545;~oref=http://bgitopazdowntown.ddireal.vn/
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bgitopazdowntown.ddireal.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
42
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 16:18:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 16:18:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://adservice.google.fi/ddm/fls/p/src=2549153;dc_pre=CNvOlYCwuPwCFQaGywEdwH4Flg;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=1208668656271.3545;~oref=http://bgitopazdowntown.ddireal.vn/
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
4VcSdAWi8
connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/ Frame A78A 		185 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/4VcSdAWi8
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/gateway.html?sui=9840dad27a8d41200516666d9346b785a3b11b0bedaf402ad7b1d77774c2b2f3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6837bf5bc3984ad0b64106bde6feb3d94e54fa575b1bfd8a3ff2578930051f0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://connect.secure.wellsfargo.com/AIDO/gateway.html?sui=9840dad27a8d41200516666d9346b785a3b11b0bedaf402ad7b1d77774c2b2f3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:24 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Mon, 05 Dec 2022 18:21:45 GMT
ETag
"06dc1d2e27aadc3070b26e3746809e338394b53b900a1f7015b2ad4d03c78593"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=21600
Connection
keep-alive
Content-Length
72943
4VcSdAWi8
connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/ Frame A78A 		18 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/4VcSdAWi8
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/4VcSdAWi8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://connect.secure.wellsfargo.com/AIDO/gateway.html?sui=9840dad27a8d41200516666d9346b785a3b11b0bedaf402ad7b1d77774c2b2f3
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 08 Jan 2023 16:18:25 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18
4VcSdAWi8
connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/ Frame A78A 		18 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/4VcSdAWi8
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/4VcSdAWi8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://connect.secure.wellsfargo.com/AIDO/gateway.html?sui=9840dad27a8d41200516666d9346b785a3b11b0bedaf402ad7b1d77774c2b2f3
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 08 Jan 2023 16:18:25 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18
4VcSdAWi8
connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/ Frame A78A 		18 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/4VcSdAWi8
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/4VcSdAWi8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://connect.secure.wellsfargo.com/AIDO/gateway.html?sui=9840dad27a8d41200516666d9346b785a3b11b0bedaf402ad7b1d77774c2b2f3
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 08 Jan 2023 16:18:26 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18
vyHb
connect.secure.wellsfargo.com/AIDO/ 		90 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBJV3ZIajdMSllHdHhnbHRKU1NmeFcyb25GRTFwV2ZpOTdPU24veXRVZUp3TUs1N1p2V29Yc1NRRHJyUFA0azF5R2F2RzZHMUlTUVpKZWtOajk1a0R2QlhzZURBSjBOUTQyYVREcDZLbjdWbmNXQjFZR1haTWptY1VjSzRJLzd2YkdNUXRKeGkzWHd2SUJ4elZlczNDbEw1cUNHRzNMU3Q5UVRRN0JyQWtKaytuYUQyMXRUMUlEdGtoRVpzd1ZIYUxIRnNYTTJURE5nYkFRK3orZ2JzRDIrWUl3c2JxRTlvWkRnVjJVTFJCamFleWp1NXRqSUNRL0hrdGdpUmFuT2l4alI4QzdpZ0hRL3NveUhnPXxhMjg1OTUxOGI2MDc2NmM4Zjc2NTQ0NTA4NTMyNWUzMDQ4YWNiOGY0ZTlhODYxYzFkMGM4MWRhMGVmZWZhMzI3MTZjYWI0N2IyN2QzNGY5OGZlOTcwYzcwOGYwZTFmY2NhNWYyMjlhMGI2ZWU0MjhmNTlmMTllYzI0ZTBiNDk3NDg5ODRlYWIwZjczYjFhY2M5M2FlNDVlM2E0Y2IzMWRlY2UzY2FjOTg5OWVmNzhhZDQ5NzFmMDgxMjJkZmYyMjk3NmI4ZWM4NWY3YjY3ZmQ3Y2I1MjVmMGY5YmUyMGVhYzA4NDZkNDUxNzBhMTgzZGQ3YjU1ZjZkNDZiMWU4NzJhMTFlZmQ3MzE1ZTUwOWM3NzAwZTg0NzIwZTExYzM4MjBjNzVjZjM1ZmNhYWYyNDlhYjY3M2RiNmE1ZWMyOTllNDQ2MWUwOWUyZDhlZjc0ODFmMGVmNTQzY2NiZGYxNTZmOTA0ZTMxMjgzMmUwODcxYTIyZDk0YjU5MWI2NDE3N2VmYzcwYWYzMzY0NWI2M2UyYTE0OGI1ZmVjM2E3NTNkN2VhZjMyMzY5YzZiYThmZTFiMjJjZDhiMDY1N2IwYTQxNDc1NGFmYTk5YjYzODkwZTA5YmQ3NzNmYWE4ZTJjNDEyODA1OTZlMDk3NDU0NWNkMTg1YTUwNGFkMTg4Yzk5NHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C20&si=4&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=jsonp&c=gvarycirlilbiicv&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/trx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a9574dfcdf963719171f490be9096aac463f118e36dce19af2c7ddd581d36888
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:26 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
90
X-XSS-Protection
1; mode=block
Expires
-1
idl
api.rlcdn.com/api/identity/ 		0
0
utag.21.js
static.wellsfargo.com/tracking/secure-auth/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/secure-auth/utag.21.js?utv=ut4.48.202210132016
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/secure-auth/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f6d94388f08f73ea73adbfa84c4ec5bff48ba7130e76c71479fcbf832c302d7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Mon, 07 Nov 2022 21:02:08 GMT
ETag
W/"63697250-1123"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
1841
X-XSS-Protection
1; mode=block
detector-dom.min.js
static.wellsfargo.com/tracking/gb/ 		430 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/gb/detector-dom.min.js
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/secure-auth/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
313c07f6e4facc5730db27563c4aeaad1a86126333d448e47c7b29adb1f806fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 22 Sep 2022 20:03:51 GMT
ETag
W/"632cbfa7-6b8d3"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
131829
X-XSS-Protection
1; mode=block
medallia-digital-embed.js
static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/secure-auth/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
988ce210a0f58c104e2c122eb42338ddd85ff2e33b9b0ffe3af2d7df9e2b00ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Wed, 12 Oct 2022 20:08:15 GMT
ETag
W/"63471eaf-798"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
819
X-XSS-Protection
1; mode=block
gtag.js
static.wellsfargo.com/tracking/ga/ 		115 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/secure-auth/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Tue, 06 Dec 2022 21:04:34 GMT
ETag
W/"638fae62-1ca3a"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
45055
X-XSS-Protection
1; mode=block
gtag.js
static.wellsfargo.com/tracking/ga/
Redirect Chain
  • http://static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
  • https://static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
115 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
Requested by
Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Protocol
HTTP/1.1
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Tue, 06 Dec 2022 21:04:34 GMT
ETag
W/"638fae62-1ca3a"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
45055
X-XSS-Protection
1; mode=block

Redirect headers

Location
https://static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
ga.js
static.wellsfargo.com/tracking/ga/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/ga/ga.js
Requested by
Host: static.wellsfargo.com
URL: http://static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Thu, 09 Sep 2021 17:30:40 GMT
ETag
W/"613a44c0-c025"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
19477
X-XSS-Protection
1; mode=block
collect
www.google-analytics.com/j/ 		2 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=563578370&t=pageview&_s=1&dl=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php&ul=en-us&de=UTF-8&dt=Sign%20On%20to%20View%20Your%20Personal%20Accounts%20%7C%20Wells%20Fargo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBACUABBAAAAC~&jid=1975304301&gjid=693019898&cid=1314335456.1673194717&tid=UA-107148943-1&_gid=1865746363.1673194717&_r=1&cd1=loginapp&cd4=n&cd7=DESKTOP&cd8=PROD&cd9=11202206270424411143497415&cd11=LOGIN&cd12=BROWSER&cd22=secure-auth&cd23=4.48.0&cd36=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&cd39=Sun%20Jan%2008%202023%2016%3A18%3A36%20GMT%2B0000%20(GMT)&cd40=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php&cd42=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php&cd43=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php&gtm=2ou8g0&cd35=1314335456.1673194717&z=1315571703
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/gb/detector-dom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://bgitopazdowntown.ddireal.vn/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 16:18:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://bgitopazdowntown.ddireal.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cls_report
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/ 		50 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=0d3080e4-a861-446b-aa15-69c746472a2c%3A0&_cls_v=bbbbcb60-1a89-4a3d-971a-d7c321675686&pv=2&f_cls_s=true
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/gb/detector-dom.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.67 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6152690f73c50f8134f9d3475199111ebb6f3d599ee6602dc32a576b6707f052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
origin, Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://bgitopazdowntown.ddireal.vn
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
76
X-XSS-Protection
1; mode=block
generic1661785830759.js
static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/ 		339 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1661785830759.js
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c567736fbf5b10d4933ff5632a372890f0cd43804f0e17ec9d5c8b1c9b8a14ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Wed, 12 Oct 2022 20:08:15 GMT
ETag
W/"63471eaf-54d3a"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
78340
X-XSS-Protection
1; mode=block
vyHb
connect.secure.wellsfargo.com/AIDO/ 		80 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEB5WjVWODR5SitEbi9Gbk9oYWJBOUlJTllERlM2bnQ2Ny9la2FPdncxMFhlYTE2ZjFhaDB2bFhXR1ZlbEttTlVsQ1c4YlZpYTZWTXhCSGhFSlhzMHRxRFVFNk1TMU5oeHJNVHUvaWhZTU85VmVoWkN1OXVSZm9EV0ZWaEk1VWpUdlIrRjg4MkU3UFVhMFd1cmpBcldQRFlmUXF4NDJ4MkRDamdlQ2ptVUkyd2tLOW1tWkJ5bnNWR3pmY2NobkF0VFlZbkovdWNmT3hkYmg0eG95Mjk1U3wzYmEzYTcwNTMxNzg1N2RmMmM0ODJhOGU2MWVjYTllNThhZTg5MjhhZGI2YjhiZTE5MTUwYmUxZDQ4ZWE5ZjJhZWI0OGY5N2NhZGY4OWI1ZDI0YmYxNDllZjJlODMxMDRmODZlYjJmMTQ5NTkwNzg2ZGVkMzEyYjA5ZTliYjgwNjMzMTgwYmI0ZWQwMjU3NzM3YmRiNDBiMTk3YWQ5MmI1OGVmODA2NTc3ZGFhMmY4Y2E5ZGNmOWYzMzUzMGI4MmJjMDE2MjlhYzBlZDQ3MzQ1ZTk3NGRkZDY3ODFjZTA3YWQ3MjNjZmVlY2UzNTM5MWZhZTY1ODNmMzM2YmIxYmUyMWVmOTFkZTVmMTFlOGI5YzI0MTEyN2E4ZWI5ZmE3MDJlNGQ5ZmY1N2MzNTA5ZmM4NTA1ZDY4M2VhZWM4MTQ3ZjI3MTY5ZjQ4NDczNmYyZjk1NmNiN2E4ZjUxNDI5OGMwNDAwOTUwZTNmMjc3NTU1ZGFmOGMxY2NjYmJiYzMxMGI5NGM1MGNiNmQ1MGQ0OGEyNTA2YTVhNzA1ODExNTc4ZGM3NDIzMzU5NTQxMzEyMTNhMjJlNzA4MzhlODQ0ZTFmMzA1ZGVhMjVmODNkYjc0YmE3OGE2NWNkOTA5ODc0MDc5ZGY3MWY2ODBhZDg2MTUzY2UxM2MwYTRkN2Y1MTRlOHwwMGVlMGI2MmVjYWFjODlm&cid=33&si=4&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=jsonp&c=_waeyyplxgcmezha&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/trx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
86b592e5098f337eb5bf0c16ab8c8353fa81719d70dcc814b5dace02ecd0da36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:37 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
80
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		79 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBJTnFCL3VCUENTY0lCWThkdjVKQVBHbVdkMUdzV3p0UEcrWXZRK3A4T0NCaDArU3FYRzAyanBxSVlzU01YbGM0amNtQkUyVHZLNTBMVXhTVE9DOTBHU3ZnKzh5Uk54M0hMSFdmQXVBd2JsQ2xxSk1iOHNxb0VVbW9ZSmNQZ0dVNTFpcmFvcnpmZGhUTDFZZW05UWpNQk91ak90MWFmMU15N0gzbk01ZU1uRmg5cHBvTFFPeCtuNXpaZzlEZThFbFdJY2JvejgyRlBhaHdDbENlZlRJaWlacTdxYVR3bjFqR09DVlRLY2JHVkVNUnV6QXg1Q0VjSzlsSGdjbEcyWnpTdStBM080dWtUT0QxVHFMUldKNlZvZUNuUHZLU01HUWN5SVF2MGJiQUpNWU9TaTltOFlRYVRGbGJYdlQ5M05PcFBBT1JVZS81VGZ5a3prZUxpZkxWN05aNE5Yc1A3SlpMd0R4cmE1STlHeXJoLzZXRnNzZGNoL1ZGSzByYUM4R3dXSXovTGdLR24zcW81dFRxbzM4RXBhMFZHUG5oSUNSSTZSdjU2cGtwYXBUS082czE4UT09fDgyZjlhYmYxYjM5YzZjMzM1MjdhMjM2NDc1ZWE0ZDRjN2QwZThkMjBkNTE0OWM2OGI0NzY4NjI2Yjc1ZjNiOWM5ZTk4OGEyNTFmZmRmMzRmMzBiMmQwNWRiMDQxMmYzMGYzMzc3YjNhMzBjMWUyODc2MDAwMGZhNzliOWNmOWM2NjZiYTVhNDkzY2RmMzY0MGU2NjNlMDgzMGM0NWQ2NjJjNmNhYjU3Yjk0NzY3NGY4MmNjNzQ3NDUxOTI0ZmIxOTI1Y2JiYTIxZDEzMmMyMWE5NTI2ZDYyNzA2MjJmOGI2M2M0ODhkMGVkMDJkZThkMTJjNTgyNTA0ZmIzYzMzODUyYTBmZTU4Mzc0ZWIyMTU4YzkzNmU3NjE3YmViMWZkYzEzZGRlYjRkNjExNzA4NTllOTdkOWIwMDU2NWNhMzdkZmI3NTg3YTQyZmUwNjVlYjQ1YTkzNjc3Nzc5ZWJlMDUxMTdmNGUxNjhlM2FiMmI0MjQxMWI5ZDExMTk2ZmZmNjNlY2RhMjIxN2IxOTQ1MzVkNmQzZjdmYjAwNWYzZTU2ZDc3ZGM5NDgwNzZhYTc5ODQzYTg2YWFjZDFlYTUyYzVjOWQzZjNhMmQzMzcyYmEwOWEyYWM3MjdmNTk2YTg5NTMzMTZiN2RmOTRmNzM4YWEzZmFiMmE3OWE1OTczODJlfDAwZWUwYjYyZWNhYWM4OWY%3D&cid=8&si=4&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=jsonp&c=bqmwzmkbqfktwnxk&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/trx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4f42d8536250d245fd2ee5bedb0ecd91febe79a5e98a0eeb50837c83b62f98d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:37 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
79
X-XSS-Protection
1; mode=block
Expires
-1
vyHb
connect.secure.wellsfargo.com/AIDO/ 		90 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBUTG1YMGhQNlMzalVOMFR0a3Q2eXBXV29vb1hTcTRhUjBYbkorN2lzWHBIWlJlUXE3Qi9WRzd5dHVHTlBlSC8yMlByc2VqUVdFTVJsbjJOMVQzZlIwNVh3WFBvczVxUjV2M1RqR1pldE5TQ0dIMVgrcTV2cDBjRlFaL295WGhCMmo2WEcwenplVW9ZSi8zT204bGhES2h3anBDZlU5YkdmamNhdklsbllzdUhKK1dhdWtBSW5iQjdtRzR5VzM2MlNDdGZmdmV0ZjN5eEZFYzBSY2RwYkhIWG5QMXRvcjR2c09YL3RQMTVnNExqSTBJQ0xQbVZaNGI2cmx1dkFpczFNbVRnV2I1NVpYVXJyWjJLQ29KTkQ5VmExb0pXbmpNRVRBdllicU1MZ1hIYXNEQWJ2enJvNlBqV1BTTVcyeGV4WjVRaEhGY0pFbytBRkVaY05QQm5md2NqY2l1dHpTMEVibnl0MGcrSmI3cGlQU01sazBDbDViYXY5U0xjZlcyZDZJZERsS0hXOWpEM1MxZDVtWXgvdGdZWWVCN04wNk1YanAveHV3bkMwdHlrSEFpQStLaWY3Z21ablYyRHhHbk5iNWZrZXMzeHBPbC8zbnFTd25TSlpIUnpwcEE3YzB2ZEZwb3N0a09xSGtRZmJteUpSdlAwYXcycHZuVEgvdnc9PXwzYThkYWNmZmY2ODlmMTViOTFhNWYxNDFiMzUzNGYwMTc3OTRmNDkyMWVkYzliZGNkNzBlYjk1ZmVhMjk2NDA4NjhhZjNmOTZlOWY2ZmFkNTZkM2RmNmU5YjlmZDhhNjA2Y2RkODkyMDc5ZDYwNDg0ZTM5MGY0NzY1NzM3ZWVkM2JjZTQ1NjVkZWE3YzM5MGEyNWQ4NTQ0NTcwNTY2ODUwZTljZmRjYjI3YmUwNWY3YWNiOWYyNGFkZjAxYzRkM2RjN2I0Y2YwYWQ1NTliNDQ1YTc2NWZjODMyYmE4MzE2YWNhNjhiMzhhODI0ZDQwOTEzODhkY2RiNTE5NmI5NjE4YzVlMWEzOGZjNmMxN2QzNDU2YjRmZDQ2NDhmYjM2YTkyODlmYjBiY2U5MTg0OGU1MDZlYWRmN2NhMDNhYTViODlmODBlZmUzZDc1Yzc0ZDhjZWM0MjExMjRjOTFiMTJmYmI2OWNiYWQzNTYyZDEyYWI0ZGZkMzY4MGQxMTk5M2E2ZmFkMmU2Y2ZjYmViNDdlMDljYzY4MTgyNjgyNjliN2FjNWYwMDc5YjMxM2EwNmQ0ZmRhNDg0ZmM4Njc5ZWIwZGEwOWZiNjg0OTQ2OWZhOTI2MGFjNjU0OTIyNTIxNmU0M2JjNWY1YjVlOTJiZDhlZjYyOGMyNzU0YWFjMjAxMXwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=jsonp&c=uoxqlcstzpervqpf&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/glu.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6315964b41ad551e58dbd1f8202f39017f417b893f7d52995ec76548f49f91b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:37 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
90
X-XSS-Protection
1; mode=block
Expires
-1
/
connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secur... Frame EB68 		68 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php&icid=167319471713331508
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/try.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
62731dcade2a8deca881fa0663a364286d5be412bb06b506d01af30568351bc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
http://bgitopazdowntown.ddireal.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
28903
Content-Type
text/html
Date
Sun, 08 Jan 2023 16:18:38 GMT
Expires
-1
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Accept-Encoding
X-Akamai-Transformed
9 37235 0 pmb=mTOE,1
X-XSS-Protection
1; mode=block
max-age
0
elegant.html
connect.secure.wellsfargo.com/AIDO/ Frame 3E2D 		73 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php&icid=167319471714156227
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/try.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
df057f2c975834b84b9ca66f7cba58be9d2939406658c8a99bb440e759cf1f33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
http://bgitopazdowntown.ddireal.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
31281
Content-Type
text/html
Date
Sun, 08 Jan 2023 16:18:38 GMT
Expires
-1
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Accept-Encoding
X-Akamai-Transformed
9 40214 0 pmb=mTOE,1
X-XSS-Protection
1; mode=block
max-age
0
collect
stats.g.doubleclick.net/j/ 		4 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-107148943-1&cid=1314335456.1673194717&jid=1975304301&gjid=693019898&_gid=1865746363.1673194717&_u=4GBACUAABAAAAC~&z=241614245
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/gb/detector-dom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://bgitopazdowntown.ddireal.vn/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 08 Jan 2023 16:18:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://bgitopazdowntown.ddireal.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
onsiteData.json
resources.digital-cloud-prem.medallia.com/wdcusprem/57907/onsite/ 		26 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://resources.digital-cloud-prem.medallia.com/wdcusprem/57907/onsite/onsiteData.json
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/gb/detector-dom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.230 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67de32b64d12842252ed6f84bf84f82ec594e0c90d9a7fcacef1ff32f06778fe
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
Opbxz_xndE31tgAdXrS7zLsEpNCLZ9SJ
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sun, 08 Jan 2023 16:18:37 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
ZVR7KG1BQXVFM2TS
age
250959
x-cache
HIT, HIT
content-length
1742
x-amz-id-2
K9E6Lyn+5zYa02+BxUqOd1Ieh5RKsSyELv7lzKovxEeIMRmFJhuRKBOapqg1hA2HtHbXLhUapfU=
x-served-by
cache-pao17458-PAO, cache-hhn-etou8220085-HHN
last-modified
Thu, 05 Jan 2023 18:35:58 GMT
server
AmazonS3
x-timer
S1673194718.557319,VS0,VE0
etag
"2e8716b6038e3c354a2da4f630551d90"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
59, 9
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=1314335456.1673194717&jid=1975304301&_u=4GBACUAABAAAAC~&z=2032529595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 16:18:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fi/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-107148943-1&cid=1314335456.1673194717&jid=1975304301&_u=4GBACUAABAAAAC~&z=2032529595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 16:18:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/ 		59 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/gb/detector-dom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459

Request headers

Referer
http://bgitopazdowntown.ddireal.vn/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-me
prod-instance-gatewayservice-green-kwzm
date
Sun, 08 Jan 2023 16:18:37 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/plain;charset=ISO-8859-1
access-control-allow-origin
http://bgitopazdowntown.ddireal.vn
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
59
x-application-context
application:9090
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwOC4wLjUzNTkuMTI0IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJTaWduIE9uIHRvIFZpZXcgWW91ciBQZXJzb25hbCBBY2NvdW50cyB8IFdlbGxzIEZhcmdvIiwicGFnZV91cmwiOiAiaHR0cDovL2JnaXRvcGF6ZG93bnRvd24uZGRpcmVhbC52bi93cC1jb250ZW50L3RoZW1lcy90d2VudHl0d2VudHl0aHJlZS9zdHlsZXMvd2VsbHMvc2lnbm9uLnBocCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjczMTk0NzE3NjI4IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODU5MjJkNDBiMjVlNS0wZjNkOGMyOTU1OWVhYi02NzMyNWM1MC0xZDRjMDAtMTg1OTIyZDQwYjNiYTciLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtcHJlbSIsImFjY291bnRJZCI6IDU3OTA1LCJ1cmwiOiAiaHR0cDovL2JnaXRvcGF6ZG93bnRvd24uZGRpcmVhbC52bi93cC1jb250ZW50L3RoZW1lcy90d2VudHl0d2VudHl0aHJlZS9zdHlsZXMvd2VsbHMvc2lnbm9uLnBocCIsIndlYnNpdGVJZCI6IDU3OTA3LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICJkYjJmLTg1ODItMmU3OC04MjU2LTk0ZjctZjY5Zi05MTNkLTI4NDkiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY3MzE5NDcxNzYyMiIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiAzNjEsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQ3LjMiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQ3LjMiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NzMxOTQ3MTc2MjgsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlLCJwYWNrYWdlVmVyc2lvbiI6ICIyLjQ3LjNfMjAyMjA4MjkxNTEwMzAifQpdfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-n820
date
Sun, 08 Jan 2023 16:18:37 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
4VcSdAWi8
connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/ Frame 3E2D 		185 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/4VcSdAWi8
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php&icid=167319471714156227
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6837bf5bc3984ad0b64106bde6feb3d94e54fa575b1bfd8a3ff2578930051f0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php&icid=167319471714156227
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:38 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Mon, 05 Dec 2022 18:21:45 GMT
ETag
"06dc1d2e27aadc3070b26e3746809e338394b53b900a1f7015b2ad4d03c78593"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=21600
Connection
keep-alive
Content-Length
72943
4VcSdAWi8
connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/ Frame EB68 		185 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/4VcSdAWi8
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php&icid=167319471713331508
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6837bf5bc3984ad0b64106bde6feb3d94e54fa575b1bfd8a3ff2578930051f0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php&icid=167319471713331508
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 08 Jan 2023 16:18:38 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Mon, 05 Dec 2022 18:21:45 GMT
ETag
"06dc1d2e27aadc3070b26e3746809e338394b53b900a1f7015b2ad4d03c78593"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=21600
Connection
keep-alive
Content-Length
72943
ay6u
connect.secure.wellsfargo.com/AIDO/ 		80 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/AIDO/ay6u?d=ZW5jZEBmTWZCNHNITEdnWUpncU4wVXA2YjRsWHpCZXQyU21jeUhLcHlwMnV3SC9KeEpKVmlhS29rZGIvLzlRTjFKMzRkNy92YWk2T3REaHBMMGo2ajAxdndXMWovR0pvTi9XVERqQnAvT0RIMTJlRTEvOTBYY3NaUnlqZktRYW1jdVlERXVWaVEzSEhpbEhqeXFzOGhYNW1iOWFmanQ2Zmt1LzlZbzlvR2JmcG8yV1BYTmcrYzZDdHJpQkp2UmlwclBKMGR6REtoUzJqaFJabWhxNTNXYXdXYmxQRVlLbHF4UXFhTk55Q1FVWktzdUNDZzAyeG9QMjUrSk1PL3djcE1xLzN1aXhzS2swQ0g1SUljZzJSRVFLbzdBOW02ZWxwYjJnM1RPR2M4SHJHVEU3NzdWZ1pMN21CcVJwRlB3VERTak9NcW9qaGUxNUdXK2pzT1drdCt1TGlvZmRLWTExYkxyWU45N29xL3ZGVjlOaUs2RTFFYkw3azU0aFNDOVJJUWF6OTEvWUprS0k4N3F5dGpaaDAwcFcrOHJsajBTY1VnZGlJL1ZOalRGUVEwUWg0bWd6Q3k1ZmU5RlhvNGNVOUlBWGhzVTZLMDFsRkFyL1NjTzA2Rk03eUVkUm1zYXNSVWN3YzZYQjh1THdsNzZlWlcyek12dFdNU2JHVHhHSWUwYnVKQ0psSGxjMzQzdVlMYTJ3R0M2amplN3hQMVc3Ylpzck55Z1JmWkpYOTZRSEM1dk5TSjdOdG9xcStJKzNnQlowVEx5M3VIMjZGUWt3PT18YTA0NjYyMzQ3MTcwNTNlZGUxYzFkOGRkZWYyYTVkNzY2M2U4NWNlYmIzY2U1YjY0M2I5MjVjY2RlNWVmYmZmYzlmYWNjMzFmOWQ1M2U3MTgxODQyNTI4NzQ0YzI2NDViNGU2NzEzOGFjNDY1ZjNjMjY0ZjZiZTE5MGYyNjQ3NWEwNjg1NzhiODBmNjdjOTVhMDJkN2I5OGYwZDRlOGRkMmY0MDQxMzM2ZmQ2YzAyY2M3N2ExMzJhMTlkMmM1MzhmNzJmOGYwMGI2NzkxOWViYWVmZmNmMjJjOTNlOGZiMWNiOWE3ZjFkY2EyYWIyMDg2NDEwYzlhZGFlNmRlZTVmOWVkNmFjYjdkOTRhMTUwYWYxMjA5YmEyOTg0YWQ1NzBmMWExZjY1OGJmMWY3NDdhMzg1MzM0YWE5MzhlOTM5MDZkMmMwNzQxNDI1NzBkNGEzMGJhOGRkNzc4ZDYwMWU5OWI4M2NmOWJjOTMyMzIwYmViZWIzYWFjNGYzZWQ0Yzk3ZWVjOWI2ZjcyYWQ3YjFlZGMyZjUyMjM2ZTRmMDQzYjNmMGE2NjRjOGM4NThkYjFlNDFlOTU1YjcwMzgyYTk2MGFiNGZiMmEwNDIxZTQxZDViMTc4YWNmN2ZkNWUxNjE3YzQ3OTQ4ZTE1Y2MxNzhiNTUzYjdiNjEwNzFlNDAxM2V8MDBlZTBiNjJlY2FhYzg5Zg%3D%3D&cid=34&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=jsonp&c=sgprxotiusfilbpb&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/try.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e82b7886700bd1dc05254b2a8e85d91f75f3967d19133225807997f3b65ac433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
http://bgitopazdowntown.ddireal.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma
no-cache
Date
Sun, 08 Jan 2023 16:18:38 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
max-age
0
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
80
X-XSS-Protection
1; mode=block
Expires
-1
4VcSdAWi8
connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/ Frame 3E2D 		18 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/4VcSdAWi8
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/4VcSdAWi8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php&icid=167319471714156227
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 08 Jan 2023 16:18:38 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18
4VcSdAWi8
connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/ Frame EB68 		18 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/4VcSdAWi8
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/4VcSdAWi8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php&icid=167319471713331508
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 08 Jan 2023 16:18:38 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18
4VcSdAWi8
connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/ Frame 3E2D 		18 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/4VcSdAWi8
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/4VcSdAWi8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php&icid=167319471714156227
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 08 Jan 2023 16:18:38 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18
4VcSdAWi8
connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/ Frame EB68 		18 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/4VcSdAWi8
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/4VcSdAWi8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php&icid=167319471713331508
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 08 Jan 2023 16:18:38 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18
4VcSdAWi8
connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/ Frame 3E2D 		18 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/4VcSdAWi8
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/4VcSdAWi8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php&icid=167319471714156227
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 08 Jan 2023 16:18:39 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18
4VcSdAWi8
connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/ Frame EB68 		18 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/4VcSdAWi8
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/8Vg6091M80d1x-NYNKor/V79NmkXDku3G/OxtkPw/VC/4VcSdAWi8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwentythree%2Fstyles%2Fwells%2Fsignon.php&icid=167319471713331508
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 08 Jan 2023 16:18:39 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
18

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/idl?pid=1317

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| oncontentvisibilityautostatechange function| ndoIsKeyIncluded function| nshmgqs function| ndoIsModifierKey function| nshmgqsawe function| ndoIsNavigationKey function| ndwts function| ndoIsEditingKey function| nsgytmav object| KEYBOARD_LOCATION object| KEY_TYPE_AND_LOCATION function| ndoGetKeyboardLocation function| nsgytma function| ndoGetKeyTypeAndLocationIndicator function| ndoGetObjectKeys function| nsppoudxhw boolean| nshtmsfcyr function| nshmgqsa string| ndjsStaticVersion object| nsgytmavp object| nszlpwz boolean| nshtmsfc number| nsppou function| nsletcmgo number| nsjskzk object| nsjskzkl object| nshtm object| nsgytmavpm function| nszlpwzo object| nszlpw object| nshmg object| nszlpwzodw boolean| nsjskz string| nsgyt object| nds object| nszlp function| ndwti number| numQueries function| validateSessionIdCookie object| returned function| nshtms string| version undefined| nsooqyto function| nsjskzklu string| nsppoud string| nsletcmgoz string| nsooq string| nsletcmg string| nsooqytoha string| nsletcm object| nsooqyt object| nsppoudxh function| nshmgqsaw function| nshtmsf function| nsppo function| nsjskzklun function| nslet function| nsooqy function| nsletc function| nshmgq function| nsooqytoh function| nshtmsfcy function| nsjsk function| nsppoudx function| nsgytm function| nsjbzfvuac function| nsrpazzb function| nsgnao function| nsrpaz function| nsgnaowi function| nsjbz function| HashUtil function| nsjbzfvua function| nspxomi function| nsgnaowilb function| nspxomir function| nszpgujib function| nszpguj function| nsrpazz function| nszpg function| nszpgujibt function| nsgna function| nsythhj function| nsythhjcsm object| nszlpwzod function| nszpguji function| nsmtfznvr object| ndsapi object| antiClickjack number| adrum-start-time object| adrum-config object| ___sc124934 object| ___so124934 number| CLIWHIT string| PSESSIONID string| SSESSIONID string| LSESSIONID object| __tp number| __gt object| currentTime boolean| isReact object| mwfGlobals object| utag_data object| ____0.30969762334651074 string| randomKey object| ____0.5497367521002412 string| internal_IP object| results object| webpackJsonp function| grip function| GooglemKTybQhCsO function| google_trackConversion string| GTAG_TYPE object| GTAG_CONFIG object| YAHOO object| dotq boolean| utag_condload string| new_path object| utag_cfg_ovrd object| userAgentArr object| utag function| isNotUndefinedOrNull function| getDocumentTitleLabel function| sendDataToGA boolean| __tealium_twc_switch function| utag_pad function| utag_visitor_id string| gtagRename object| dataLayer function| gtag object| _detector object| convertize object| KAMPYLE_EMBED object| Nf object| Of function| Pf object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| f object| gaplugins object| gaGlobal object| gaData string| MDIGITAL_ON_PREM_PREFIX object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| KAMPYLE_GA object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_CLICKTALE_FUNC object| KAMPYLE_SESSIONCAM object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK object| KAMPYLE_INTEGRATION object| cooladata function| medalliaSurveyLink

13 Cookies

Domain/Path Name / Value
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38 Name: _cls_v
Value: bbbbcb60-1a89-4a3d-971a-d7c321675686
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38 Name: _cls_s
Value: 0d3080e4-a861-446b-aa15-69c746472a2c:0
bgitopazdowntown.ddireal.vn/ Name: PHPSESSID
Value: 0e4vjet1416187hvh5tkh27u9u
.wellsfargo.com/ Name: ndcd
Value: wc1.1.w-729460.1.2.nbmeorducABLXt5wPECSqw%252C%252C.zLRSJ9IR2jcvFXk9VXEVzlnA_IawwQnMUoDMTDgl11DKClbsG2G_xZSDuXLnUeAFFcc6ptMDZ05p9IqLpvERgJ_-hl8wV9HThIKVFOk37AHubOUNZoXj5npZaGDykar5y1dYnpram_NgMHP_Voi7ZwCR2AP2QLRQ2PMZqIviA6dBl5PVJ2HRijhtdLwAU45S
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
bgitopazdowntown.ddireal.vn/ Name: _ga
Value: GA1.1.1314335456.1673194717
bgitopazdowntown.ddireal.vn/ Name: _gid
Value: GA1.1.1865746363.1673194717
bgitopazdowntown.ddireal.vn/ Name: _gat_gtag_UA_107148943_1
Value: 1
bgitopazdowntown.ddireal.vn/ Name: mdLogger
Value: false
bgitopazdowntown.ddireal.vn/ Name: kampyle_userid
Value: db2f-8582-2e78-8256-94f7-f69f-913d-2849
bgitopazdowntown.ddireal.vn/ Name: kampyleUserSession
Value: 1673194717622
bgitopazdowntown.ddireal.vn/ Name: kampyleUserSessionsCount
Value: 1
bgitopazdowntown.ddireal.vn/ Name: kampyleSessionPageCounter
Value: 1

3 Console Messages

Source Level URL
Text
network error URL: https://connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?async&seed=AIB30aSBAQAAaON8e0THKEG-EABBQKIADdpWWv5DyTHstHopwQkaHgNyXtDA&X-G2Q3kxs3--z=q
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript error URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwentythree/styles/wells/signon.php
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/idl?pid=1317' from origin 'http://bgitopazdowntown.ddireal.vn' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/idl?pid=1317
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.fi
api.rlcdn.com
awusw-wfr.advanced-web-analytics.com
bgitopazdowntown.ddireal.vn
connect.secure.wellsfargo.com
resources.digital-cloud-prem.medallia.com
rubicon.wellsfargo.com
static.wellsfargo.com
stats.g.doubleclick.net
udc-neb.kampyle.com
www.google-analytics.com
www.google.com
www.google.fi
www10.wellsfargomedia.com
www15.wellsfargomedia.com
api.rlcdn.com
104.109.70.8
104.109.77.170
116.118.50.194
13.225.78.95
151.101.129.230
172.217.18.102
2.16.187.146
2.16.187.59
2.16.187.67
2a00:1450:4001:806::2003
2a00:1450:4001:828::2004
2a00:1450:400c:c00::9a
2a00:1450:400d:802::2002
2a00:1450:400d:804::200e
2a00:1450:400d:806::2002
35.241.45.82
00fb0d4cdf817e417a1debd18edda41c97d9dbb75bb9778ff001c1b727795154
052776ce5bb96d76cced9b9d9d5cc8ab2110e33eaba59f6cd3259642a83ff4d4
05413f45f5993fb5a248861440bb0ef62b51aabeb798c6bc82a33f3e8659b866
0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22
18abcbfd674a00d68a13975ada85e901f4ee842ad94c06eef35ef13e071e19c8
1ad21094063a455b71796978a99838b08cf5b4dbe69f261d0cf88542bb80ced4
20b90132f5e2d51fe8edeaff395c1f75127775d81cf65b33a863eb2ed95edf51
22994ee80e1af2d4ac41ae7fcaac23fdb475764f17420ba995aaf1babca17b18
26fbfe958bfab19d28484b3b379e912c26deb4373a95ab634138817b1cc8fd4e
28c7a1b0b0cfc11cbada099c30a82676e1ccad9b3120b17efdd3d426b4a9ce94
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
313c07f6e4facc5730db27563c4aeaad1a86126333d448e47c7b29adb1f806fd
34d6af1ed862f62ede259dedabcadba6446c1e9182cd70b19c66cb3acedae93d
3636799d3181248d5db968a7851b9aa972ea77f64b3cba9ce6b0a8933106c0c2
384f41d37d3a9be1a72e761589096fcce4119150ea81ead29ba758514d321e94
43091c732a9e1f1b0e59c674512e6b66265eec2beff0e764396f1e08e1941eec
45dd6b9f699188c2baeed8b459454276a74861b7fe3f1a8911a9e07de0d25964
4f42d8536250d245fd2ee5bedb0ecd91febe79a5e98a0eeb50837c83b62f98d6
55966bc5760182e9df739011e7cd2379f2c457f165b1e006eff3d04e10f1294f
5e68ea9ca9cce32f91979f88142e963f0ff950cc1f1b6c3246eaaaf2f3091c58
60d47dd37dff7fa5a9353b251f9d54bbbfc2d9564003d347a85075d046ecee7c
6152690f73c50f8134f9d3475199111ebb6f3d599ee6602dc32a576b6707f052
61a097bc2513efb34dee32ba60be8df34a5e2d3f9f833065c47fe18b89907662
62731dcade2a8deca881fa0663a364286d5be412bb06b506d01af30568351bc1
6315964b41ad551e58dbd1f8202f39017f417b893f7d52995ec76548f49f91b1
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
67de32b64d12842252ed6f84bf84f82ec594e0c90d9a7fcacef1ff32f06778fe
6837bf5bc3984ad0b64106bde6feb3d94e54fa575b1bfd8a3ff2578930051f0a
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
7da443f39799d3ff07e43890054b7888b5f3c2d91b68b9e23a4cc4fa5e037701
85f39a9e87ea01745f1ac1475b364af858780a16798712130d27ef5741ad4431
86b592e5098f337eb5bf0c16ab8c8353fa81719d70dcc814b5dace02ecd0da36
9184b3835b9cda7302210700cdc5050c5c207682d69c3fbe9e78356cffb65391
91e4378e57724619356caa4ca5a9af2c2c668b503f7b2113b1a8eaee7254db2a
94b26998d1e744a85511cb2a6ef65c3a57e111b5358bc2da1276175ae4fbe026
988ce210a0f58c104e2c122eb42338ddd85ff2e33b9b0ffe3af2d7df9e2b00ad
98d3c87d7f917aeaf8d12503ca7a02d6e9243c579d57525a174e1f258f6e51f0
9c4cf53fef9222fc5d6659fa4b776fe20d64c46886c3d96547aaae16134afb2a
a6e52e46f30c7dc4e41a706d9008c258593f367fd4dd7df1bfcca090444aba01
a830d0edb2a0425d62b04c2f2833ad08a47735bc655cab5b29b27d3b522639fb
a9574dfcdf963719171f490be9096aac463f118e36dce19af2c7ddd581d36888
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
aeb7b3bfc4281d35b02dfde05ac7a6c0d3daa7f3123b35a9cbd4b5a8e3f3c310
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8325d272c72a041414d9fb349e9d4bca5e7fc8ad66f47a719e491960afa5683
bd320a1a5b4aa6e2026cb92ddd25306bbb52efcb74837ad3e9958fec2643a5c5
c567736fbf5b10d4933ff5632a372890f0cd43804f0e17ec9d5c8b1c9b8a14ee
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459
d05c6eece255484babbedeb74b3a5b19daaa9763049e08362b82cfdf1fc8bfbe
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
d526ffdf9aeb23bd96502752bc3651e92a569ecdf1f30f1f4398130a73e15936
db27897282a9c24bf21eeb7cebabf3cc9feec5d7d7676498f7809e632a1a6502
db341d5481f4f4821d615925d8832d4670c0be64ec82a973bbbb692b8ae1b97f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df057f2c975834b84b9ca66f7cba58be9d2939406658c8a99bb440e759cf1f33
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e82b7886700bd1dc05254b2a8e85d91f75f3967d19133225807997f3b65ac433
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4215a4282e51c566934c7b8f4a910da16a539c29292d69e536ff06ddbddde9
f28b5a442279dab61e1fc2d87705cf62bb60a62e711001b99e77f0ca21427501
f6d94388f08f73ea73adbfa84c4ec5bff48ba7130e76c71479fcbf832c302d7c
f7d0739460b2a289b43ea9fe7e84843978034ea9d417c8c5a147533872e3b64c
f90598e6dd9e9b38ce71662badd8516ee1f6633e8b472e10824e60f441594b17
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
fe5a6f8b61d3b055e92d347163a4715675351eaa6393364341e823d66406b861
fea85638d902b7d705d72aa9776531c035371a16774f0e52be50c0638c6eb110