replicawebsite.com Open in urlscan Pro
66.235.200.146 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://replicawebsite.com/
Submission: On August 11 via api (August 11th 2023, 1:21:32 am UTC) from JP — Scanned from JP

Summary HTTP 75 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 12 domains to perform 75 HTTP transactions. The main IP is 66.235.200.146, located in United States and belongs to CLOUDFLARENET, US. The main domain is replicawebsite.com.

This is the only time replicawebsite.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

	IP Address	AS Autonomous System
34	66.235.200.146 66.235.200.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	23.44.51.178 23.44.51.178	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	104.71.165.80 104.71.165.80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	3.114.199.131 3.114.199.131	16509 (AMAZON-02) (AMAZON-02)
1	31.13.82.36 31.13.82.36	32934 (FACEBOOK) (FACEBOOK)
1	3.115.101.35 3.115.101.35	16509 (AMAZON-02) (AMAZON-02)
2	23.44.51.226 23.44.51.226	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.44.51.160 23.44.51.160	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	142.251.42.174 142.251.42.174	15169 (GOOGLE) (GOOGLE)
75	10

34 66.235.200.146 (United States)

ASN13335 (CLOUDFLARENET, US)
PTR: host77.ipowerweb.com

replicawebsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.44.51.178 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-51-178.deploy.static.akamaitechnologies.com

c1.wfinterface.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.71.165.80 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-71-165-80.deploy.static.akamaitechnologies.com

www17.wellsfargomedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.114.199.131 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-199-131.ap-northeast-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.13.82.36 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-nrt1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.115.101.35 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-115-101-35.ap-northeast-1.compute.amazonaws.com

wellsfargobankna.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.44.51.226 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-51-226.deploy.static.akamaitechnologies.com

static.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.44.51.160 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-51-160.deploy.static.akamaitechnologies.com

rubicon.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.42.174 (Marriottsville, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	replicawebsite.com replicawebsite.com	626 KB
15	wellsfargomedia.com www17.wellsfargomedia.com — Cisco Umbrella Rank: 23232	151 KB
9	wfinterface.com c1.wfinterface.com — Cisco Umbrella Rank: 19239	407 KB
4	wellsfargo.com static.wellsfargo.com — Cisco Umbrella Rank: 11322 rubicon.wellsfargo.com — Cisco Umbrella Rank: 11363	35 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54	537 B
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 212 wellsfargobankna.demdex.net — Cisco Umbrella Rank: 13609	4 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
0	eum-appdynamics.com Failed pdx-col.eum-appdynamics.com Failed
0	google.com Failed www.google.com Failed
0	doubleclick.net Failed 2549153.fls.doubleclick.net Failed stats.g.doubleclick.net Failed
0	cdnstat.net Failed cdnstat.net Failed
0	rlcdn.com Failed api.rlcdn.com Failed
75	12

	Domain	Requested by
34	replicawebsite.com	replicawebsite.com
15	www17.wellsfargomedia.com
9	c1.wfinterface.com	replicawebsite.com c1.wfinterface.com
3	www.google-analytics.com	replicawebsite.com
2	rubicon.wellsfargo.com	replicawebsite.com
2	static.wellsfargo.com	replicawebsite.com static.wellsfargo.com
2	dpm.demdex.net	replicawebsite.com
1	wellsfargobankna.demdex.net	replicawebsite.com
1	www.facebook.com
0	pdx-col.eum-appdynamics.com Failed	replicawebsite.com
0	stats.g.doubleclick.net Failed	replicawebsite.com
0	www.google.com Failed
0	2549153.fls.doubleclick.net Failed	c1.wfinterface.com
0	cdnstat.net Failed	replicawebsite.com
0	api.rlcdn.com Failed	replicawebsite.com
75	15

This site contains links to these domains. Also see Links.

Domain
connect.secure.wellsfargo.com
appointments.wellsfargo.com
confirmcard.wellsfargo.com
web.secure.wellsfargo.com
www.wellsfargo.com
icomplete.wellsfargo.com
oam.wellsfargo.com
learnmore.wf.com
creditcards.wellsfargo.com
stories.wf.com
apps.apple.com
play.google.com
www.facebook.com
www.linkedin.com
www.instagram.com
www.pinterest.com
www.youtube.com
www.twitter.com
www.sipc.org

Subject Issuer	Validity	Valid
c1.wfinterface.com DigiCert EV RSA CA G2	`2022-10-17` - `2023-10-17`	a year	crt.sh
www17.wellsfargomedia.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-13`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
static.wellsfargo.com DigiCert EV RSA CA G2	`2022-10-12` - `2023-10-12`	a year	crt.sh
rubicon.wellsfargo.com Wells Fargo Public Trust Certification Authority 01 G2	`2023-03-03` - `2024-04-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://replicawebsite.com/
Frame ID: 6E9B5870EA7AFAB154BE15DEC88DEF0C
Requests: 74 HTTP requests in this frame

Frame: http://2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=9707743325465;gtm=2od8g0;u1=11202306291422131689925285;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2Freplicawebsite.com%2F
Frame ID: B647DF78F2F7224DF6B4C7F77296D896
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wells Fargo Bank | Financial Services & Online Banking

Detected technologies

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

75
Requests

41 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

10
IPs

2
Countries

1223 kB
Transfer

2519 kB
Size

11
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&LOB=CONS
Title: Sign On

Search URL Search Domain Scan URL

URL: https://appointments.wellsfargo.com/maa/appointment/topic/
Title: Make an appointment

Search URL Search Domain Scan URL

URL: https://confirmcard.wellsfargo.com/
Title: Confirm credit card

Search URL Search Domain Scan URL

URL: https://web.secure.wellsfargo.com/credit-cards/yourinfo/?lang=en&linkloc=fn
Title: Prequalified credit card offers

Search URL Search Domain Scan URL

URL: https://www.wellsfargo.com/wf/product/apply?prodCode=CC&language=en&applicationtype=creditcarddirectmail&sub_channel=WEB&vendor_code=WF&linkloc=fn
Title: Respond to mail offer

Search URL Search Domain Scan URL

URL: https://icomplete.wellsfargo.com/oas/status/personal-loans-rate-checker/getting-started/
Title: See my loan options

Search URL Search Domain Scan URL

URL: https://oam.wellsfargo.com/oamo/identity/enrollment
Title: Enroll in Wells Fargo OnlineÂ®Â Use online banking to manage your auto loan

Search URL Search Domain Scan URL

URL: https://learnmore.wf.com/EV/
Title: Learn about electric vehicles

Search URL Search Domain Scan URL

URL: https://appointments.wellsfargo.com/maa/appointment/
Title: Make an appointment

Search URL Search Domain Scan URL

URL: https://oam.wellsfargo.com/oamo/identity/authentication?execution=e1s1/
Title: Enroll

Search URL Search Domain Scan URL

URL: https://oam.wellsfargo.com/oamo/identity/help/passwordhelp/
Title: Forgot username or password?

Search URL Search Domain Scan URL

URL: https://creditcards.wellsfargo.com/?sub_channel=WEB&vendor_code=IA&lang=en&product_code=CC&SubProduct_Code=MC&placement_id=C_CCD_WWW_MC_NA_ACQ_HPP_STATIC_EN_HTT_DT_BANNER_TK1&offerid=C_ccd_findcreditcardrspvdefault_smlprimary%20&slotid=WF_CON_HP_SML_PRIMARY&linkloc=HP&OfferType=TK1
Title: Find a credit card Learn more

Search URL Search Domain Scan URL

URL: https://stories.wf.com/feature?category=communities
Title: Wells Fargo Stories

Search URL Search Domain Scan URL

URL: https://connect.secure.wellsfargo.com/auth/login/present?origin=mobilebrowser
Title: Continue to Sign On

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/apple-store/id311548709?pt=126556&ct=digitalPromo-personal&mt=8
Title: Continue

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.wf.wellsfargomobile&referrer=utm_source%3Dwellsfargo%26utm_campaign%3DdigitalPromo%2Dpersonal
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.facebook.com/wellsfargo/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/wellsfargo/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.instagram.com/wellsfargo/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/wellsfargo/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/wellsfargo/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.twitter.com/wellsfargo/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.sipc.org/
Title: Continue

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

http://www.facebook.com/tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=&dpo=LDU&dpoco=0&dpost=0 HTTP 307
https://www.facebook.com/tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=&dpo=LDU&dpoco=0&dpost=0

Request Chain 43

http://c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1 HTTP 307
https://c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1

Request Chain 44

http://c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153 HTTP 307
https://c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153

Request Chain 45

http://c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569 HTTP 307
https://c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569

Request Chain 58

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984436569/?random=1691716886546&cv=9&fst=1691716886546&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Freplicawebsite.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&hn=www.google.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/984436569/?random=1691716886546&cv=9&fst=1691715600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Freplicawebsite.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&async=1&is_vtc=1&random=726911034&resp=GooglemKTybQhCsO

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
replicawebsite.com/ 123 KB
18 KB 648ms
199ms Document
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: e0830df8e9e4434ad80c70f677266c654bf2c37ee184867f41c7dc65c5e6160f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

CF-Cache-Status: REVALIDATED
CF-RAY: 7f4ca95f7b32e031-NRT
Cache-Control: max-age=7200
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 11 Aug 2023 01:21:24 GMT
Expires: Fri, 11 Aug 2023 03:21:24 GMT
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
X-Newfold-Cache-Level: 2
X-nginx-cache: WordPress
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H/1.1 200
OK general_alt.js Show response
replicawebsite.com/js/ 8 KB
4 KB 171ms
171ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/js/general_alt.js
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: de13e068daab704b3e5018f1deee48d0cefeff400be95f396d6f3ebe829cfbf5

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:24 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 3394
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Cache-Control: max-age=21600
Accept-Ranges: bytes
CF-RAY: 7f4ca960bc08e031-NRT
Expires: Fri, 11 Aug 2023 07:21:24 GMT

GET
H/1.1 200
OK appdEUMConfig.js Show response
replicawebsite.com/js/ 1 KB
1 KB 189ms
188ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/js/appdEUMConfig.js
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 19280d730497626217386797c9445ad51e8867f92603758a58ffba019d88c061

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:24 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 770
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Cache-Control: max-age=21600
Accept-Ranges: bytes
CF-RAY: 7f4ca960c899e009-NRT
Expires: Fri, 11 Aug 2023 07:21:24 GMT

GET
H/1.1 200
OK homepage_iaoffer.041c8faa44edf732dd5f.js Show response
replicawebsite.com/js/ 51 KB
22 KB 72ms
71ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/js/homepage_iaoffer.041c8faa44edf732dd5f.js
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 9b47a5e651a8661559cb4935e22d126ba086b21a8cda72ea8598e1c29c273629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:24 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1797
Transfer-Encoding: chunked
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:44 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Cache-Control: max-age=21600
CF-RAY: 7f4ca960c94634cf-NRT
Expires: Fri, 11 Aug 2023 06:51:26 GMT

GET
H/1.1 200
OK ps-homepage.b96c0ba7c6b812a5f95f.css
replicawebsite.com/css/ 168 KB
43 KB 243ms
243ms Stylesheet
text/css 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 1697510ee355fbc770e2b6265ce3ca7992fc62275f62b41018dc07f6e5938682

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:24 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Transfer-Encoding: chunked
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: text/css
Cache-Control: max-age=2592000
CF-RAY: 7f4ca960c8f525e4-NRT
Expires: Sun, 10 Sep 2023 01:21:24 GMT

GET
H/1.1 200
OK wf_logo_220x23.png
replicawebsite.com/images/ 2 KB
3 KB 189ms
189ms Image
image/png 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://replicawebsite.com/images/wf_logo_220x23.png
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 10c1acb80b088029eab596925f58565e025206d10ef1edded0bf055dac884bbf

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:24 GMT
CF-Cache-Status: MISS
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 2503
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7f4ca961f8d7afd3-NRT
Expires: Sat, 10 Aug 2024 01:21:24 GMT

GET
H/1.1 200
OK choice-privileges-card-79x50.png
replicawebsite.com/images/ 6 KB
7 KB 19ms
18ms Image
image/png 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://replicawebsite.com/images/choice-privileges-card-79x50.png
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 907c59cb689313a243aca70b3b3f00b64652fe3d26f4e29c20ced42eee329f51

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:24 GMT
CF-Cache-Status: HIT
Age: 1797
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 6217
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7f4ca9623f29f68d-NRT
Expires: Sat, 10 Aug 2024 00:51:27 GMT

GET
H/1.1 200
OK wfi_ph_b_mv_0723_3954_b_1700x700.jpg
replicawebsite.com/images/ 48 KB
48 KB 247ms
246ms Image
image/jpeg 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://replicawebsite.com/images/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 3176ae9befd81b772a8cf7f0a471e8473e6f76fb1aa3e40321910eab1aeceeba

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:24 GMT
CF-Cache-Status: MISS
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 48858
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7f4ca960ce0df68d-NRT
Expires: Sat, 10 Aug 2024 01:21:24 GMT

GET
H/1.1 200
OK ps-homepage.f0a4069fdc0c14e21993.js Show response
replicawebsite.com/js/ 170 KB
70 KB 222ms
221ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/js/ps-homepage.f0a4069fdc0c14e21993.js
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 4924ccd5b2fe1ce2bb50e12012838054260e8d3d123116e0479690e8d1b97993

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:24 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Transfer-Encoding: chunked
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:50 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Cache-Control: max-age=21600
CF-RAY: 7f4ca961e99be009-NRT
Expires: Fri, 11 Aug 2023 07:21:24 GMT

GET
H/1.1 200
OK wfui-container-bottom.js Show response
replicawebsite.com/js/ 44 KB
20 KB 195ms
195ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/js/wfui-container-bottom.js
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: e1634264ecc89070e69bd8f3329545ee3ad27bb19c03295e0f008602385c1dc3

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:24 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Transfer-Encoding: chunked
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:50 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Cache-Control: max-age=21600
CF-RAY: 7f4ca961ed17e031-NRT
Expires: Fri, 11 Aug 2023 07:21:24 GMT

GET
H/1.1 200
OK OyRSeiA Show response
replicawebsite.com/ 206 KB
207 KB 32ms
31ms Script
text/plain 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/OyRSeiA
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: ce6faf4362953335a4429f61ec96e585d554c26eeb0ee538fc752cfbf863cdac

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:24 GMT
CF-Cache-Status: HIT
Age: 1797
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 211125
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Cache-Control: max-age=21600
Accept-Ranges: bytes
CF-RAY: 7f4ca961e9ef34cf-NRT
Expires: Fri, 11 Aug 2023 06:51:27 GMT

GET
H/1.1 404
Not Found general_alt.js
replicawebsite.com/auth/login/static/js/ 0
0 175ms
174ms Script
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/auth/login/static/js/general_alt.js?1js
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:25 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f4ca9623a5825e4-NRT

GET
H/1.1 200
OK responsive-sprite-v7.png
replicawebsite.com/images/ 47 KB
48 KB 22ms
22ms Image
image/png 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://replicawebsite.com/images/responsive-sprite-v7.png
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:24 GMT
CF-Cache-Status: HIT
Age: 1797
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 48569
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7f4ca9624a0b34cf-NRT
Expires: Sat, 10 Aug 2024 00:51:27 GMT

GET
H/1.1 200
OK wellsfargosans-rg.woff2
replicawebsite.com/fonts/ 22 KB
22 KB 205ms
194ms Font
font/woff2 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/fonts/wellsfargosans-rg.woff2
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc

Request headers

Referer: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Origin: http://replicawebsite.com
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:25 GMT
CF-Cache-Status: MISS
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 22424
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: font/woff2
Cache-Control: max-age=21600
Accept-Ranges: bytes
CF-RAY: 7f4ca9625f3ff68d-NRT
Expires: Fri, 11 Aug 2023 07:21:24 GMT

GET
H/1.1 200
OK position-1-bg-gradient.png
replicawebsite.com/images/ 3 KB
4 KB 318ms
169ms Image
image/png 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://replicawebsite.com/images/position-1-bg-gradient.png
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 2ea269e3ab15fffe884f7bd14b4d031b5ad61caf406a7c68af5761421d33f43a

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:25 GMT
CF-Cache-Status: MISS
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 3238
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7f4ca9635b5d25e4-NRT
Expires: Sat, 10 Aug 2024 01:21:25 GMT

GET
H/1.1 200
OK position-2-bg-gradient.png
replicawebsite.com/images/ 16 KB
17 KB 221ms
30ms Image
image/png 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://replicawebsite.com/images/position-2-bg-gradient.png
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 94ff650bbcdbc77db561e7aca8ed87f70c13a9e9e98272b2328d0f5a6e0ed92b

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:25 GMT
CF-Cache-Status: HIT
Age: 1798
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 16614
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7f4ca963980bf68d-NRT
Expires: Sat, 10 Aug 2024 00:51:27 GMT

GET
H/1.1 200
OK position-3-bg-gradient.png
replicawebsite.com/images/ 3 KB
4 KB 298ms
175ms Image
image/png 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://replicawebsite.com/images/position-3-bg-gradient.png
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 6479ba8947559226909296b93e16fee284e8118b0038fff924097c38615684f2

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:25 GMT
CF-Cache-Status: MISS
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 3127
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7f4ca9632e42e031-NRT
Expires: Sat, 10 Aug 2024 01:21:25 GMT

GET
H/1.1 200
OK wellsfargosans-sbd.woff2
replicawebsite.com/fonts/ 22 KB
23 KB 46ms
23ms Font
font/woff2 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/fonts/wellsfargosans-sbd.woff2
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba

Request headers

Referer: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Origin: http://replicawebsite.com
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:24 GMT
CF-Cache-Status: HIT
Age: 1797
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 22600
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: font/woff2
Cache-Control: max-age=21600
Accept-Ranges: bytes
CF-RAY: 7f4ca9627a2134cf-NRT
Expires: Fri, 11 Aug 2023 06:51:27 GMT

GET
H/1.1 200
OK wellsfargosans-bd.woff2
replicawebsite.com/fonts/ 22 KB
22 KB 241ms
190ms Font
font/woff2 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/fonts/wellsfargosans-bd.woff2
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704

Request headers

Referer: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Origin: http://replicawebsite.com
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:25 GMT
CF-Cache-Status: MISS
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 22172
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: font/woff2
Cache-Control: max-age=21600
Accept-Ranges: bytes
CF-RAY: 7f4ca962aa3b34cf-NRT
Expires: Fri, 11 Aug 2023 07:21:24 GMT

GET
H/1.1 200
OK wellsfargosans-lt.woff2
replicawebsite.com/fonts/ 21 KB
22 KB 321ms
196ms Font
font/woff2 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/fonts/wellsfargosans-lt.woff2
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc

Request headers

Referer: http://replicawebsite.com/css/ps-homepage.b96c0ba7c6b812a5f95f.css
Origin: http://replicawebsite.com
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:25 GMT
CF-Cache-Status: MISS
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 21636
X-nginx-cache: WordPress
Last-Modified: Sun, 30 Jul 2023 05:10:42 GMT
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: font/woff2
Cache-Control: max-age=21600
Accept-Ranges: bytes
CF-RAY: 7f4ca96319d0afd3-NRT
Expires: Fri, 11 Aug 2023 07:21:25 GMT

GET
H/1.1 200
OK utag.js Show response
c1.wfinterface.com/tracking/hp/ 203 KB
55 KB 246ms
206ms Script
application/javascript 23.44.51.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.wfinterface.com/tracking/hp/utag.js

Requested by

Host: replicawebsite.com
URL: http://replicawebsite.com/js/wfui-container-bottom.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.51.178 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-51-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

25444adddb06abe6e0a022ff27f9a3ae4f4ade7cd2afa74fc912d462ab07ecd3

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'self'; font-src https: data: 'unsafe-inline'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://.wellsfargo.com: https://.wellsfargo.com https://www.wellsfargo.com https://.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; font-src https: data: 'unsafe-inline'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 11 Aug 2023 01:21:25 GMT
Last-Modified: Thu, 13 Jul 2023 20:02:10 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ETag: W/"64b05842-32c18"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
Allow: GET, POST
Connection: keep-alive
Content-Length: 55332
X-XSS-Protection: 1; mode=block

GET
H2 200 Active-Cash-Card-79x50.png
www17.wellsfargomedia.com/assets/images/rwd/ 840 B
1 KB 83ms
50ms Image
image/webp 104.71.165.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.165.80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-165-80.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

f9c237c7739705ea404e9682f13e557a1d984f2493f6f619bdfce44c9a71445d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:21:25 GMT
last-modified: Thu, 20 Apr 2023 01:31:18 GMT
server: Akamai Image Manager
x-serial: 1153
x-check-cacheable: YES
etag: "636fb74d-1d25"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=2024990
content-length: 840
expires: Sun, 03 Sep 2023 11:51:15 GMT

GET
H2 200 wf_autograph_card_79x50.jpg
www17.wellsfargomedia.com/assets/images/rwd/ 962 B
1 KB 81ms
47ms Image
image/avif 104.71.165.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.165.80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-165-80.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

8c456a47b3f97fa54853761f544146ab5b5277a11603a18f080947d76e31d54a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:21:25 GMT
last-modified: Thu, 20 Apr 2023 01:32:43 GMT
server: Akamai Image Manager
x-serial: 2010
x-check-cacheable: YES
etag: "636fb74d-81c"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=1840932
content-length: 962
expires: Fri, 01 Sep 2023 08:43:37 GMT

GET
H2 200 Reflect-Card-79x50.png
www17.wellsfargomedia.com/assets/images/rwd/ 712 B
942 B 81ms
48ms Image
image/webp 104.71.165.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.165.80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-165-80.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

e06b14ec84ac8651fc009b444e0560a78c1919f45df8106a9c14cd708d5b804e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:21:25 GMT
last-modified: Thu, 20 Apr 2023 01:30:55 GMT
server: Akamai Image Manager
x-serial: 1166
x-check-cacheable: YES
etag: "636fb74d-1c20"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=1995184
content-length: 712
expires: Sun, 03 Sep 2023 03:34:29 GMT

GET
H2 200 bilt_card_79x50.png
www17.wellsfargomedia.com/assets/images/rwd/ 1 KB
1 KB 85ms
52ms Image
image/avif 104.71.165.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.165.80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-165-80.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

cfcc50571ad947e067c5a0853534d3016eaaef2fd98ffdb9b0d4d3c1bdda0273

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:21:25 GMT
last-modified: Thu, 20 Apr 2023 01:31:08 GMT
server: Akamai Image Manager
x-serial: 961
x-check-cacheable: YES
etag: "636fc445-1be6"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=2028073
content-length: 1083
expires: Sun, 03 Sep 2023 12:42:38 GMT

GET
H2 200 wfi000_ic_b-wf_icon_house_gradient_64x64.png
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/ 1014 B
1 KB 82ms
49ms Image
image/webp 104.71.165.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_house_gradient_64x64.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.165.80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-165-80.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

2dd29214a6e0591c819798d61c263fd3e1bebee31a2dc2245d5cf5f02a50b3ea

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:21:25 GMT
last-modified: Thu, 20 Apr 2023 01:30:39 GMT
server: Akamai Image Manager
x-serial: 131
x-check-cacheable: YES
etag: "63cb7c4c-f60"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=2050965
content-length: 1014
expires: Sun, 03 Sep 2023 19:04:10 GMT

GET
H2 200 wfi000_ic_b-wf_icon_check_mark_gradient_64x64.png
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/ 1 KB
2 KB 81ms
49ms Image
image/webp 104.71.165.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_check_mark_gradient_64x64.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.165.80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-165-80.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

4e6f8867d7a5ff6517b0e056099dc1ae31db03322653a27462d5a2b05a332971

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:21:25 GMT
last-modified: Thu, 20 Apr 2023 01:30:22 GMT
server: Akamai Image Manager
etag: "63cb7c4c-12d2"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=1797530
content-length: 1344
expires: Thu, 31 Aug 2023 20:40:15 GMT

GET
H2 200 wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/ 562 B
763 B 82ms
50ms Image
image/webp 104.71.165.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b-wf_icon_ui_card_gradient_64x64.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.165.80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-165-80.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

de658330c0f53de61d10240f572508c31ee9db580f34b856430724f2e499104c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:21:25 GMT
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
etag: "63cb7c4d-769"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=1952253
content-length: 562
expires: Sat, 02 Sep 2023 15:38:58 GMT

GET
H2 200 first_time_experience-account_summary.png
www17.wellsfargomedia.com/assets/images/rwd/ 2 KB
2 KB 78ms
47ms Image
image/avif 104.71.165.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.165.80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-165-80.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

f990b81e77666bac79e3f1f9399b7763ca7eb64b1d70acea21cbe954413cc0c3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:21:25 GMT
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
etag: "618287e9-14da"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=1982867
content-length: 1662
expires: Sun, 03 Sep 2023 00:09:12 GMT

GET
H2 200 wfi_ph_g_1199830824_1600x700.jpg
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/ 32 KB
32 KB 82ms
51ms Image
image/avif 104.71.165.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_g_1199830824_1600x700.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.165.80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-165-80.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

828ad10b1cd19124350d846916da0031a93d1b2f02a74695b97fd82503627318

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:21:25 GMT
last-modified: Thu, 20 Apr 2023 01:30:23 GMT
server: Akamai Image Manager
etag: "63cb7c4b-172e2"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=2160605
content-length: 32345
expires: Tue, 05 Sep 2023 01:31:30 GMT

GET
H2 200 wfi000_ph_g_1345111232_616x353.jpg
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/ 13 KB
13 KB 45ms
37ms Image
image/avif 104.71.165.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1345111232_616x353.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.165.80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-165-80.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

dd412907ae375cbc6e9882290356cf22bc0c669ae33f831039e3b22168117810

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:21:25 GMT
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
etag: "63cb7c53-e73f"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=2086798
content-length: 13330
expires: Mon, 04 Sep 2023 05:01:23 GMT

GET
H2 200 wfi000_ph_g_900217040_616x353.jpg
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/ 23 KB
23 KB 44ms
36ms Image
image/avif 104.71.165.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.165.80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-165-80.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

86e522c61649a3fd7b76ea8d8304d88fa1b86d029a349c64a2e4ee3683d019c4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:21:25 GMT
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
etag: "63cb7c49-e902"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=2044160
content-length: 23508
expires: Sun, 03 Sep 2023 17:10:45 GMT

GET
H2 200 wfi000_ph_g_557715963_616x353.jpg
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/ 16 KB
16 KB 35ms
27ms Image
image/avif 104.71.165.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_557715963_616x353.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.165.80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-165-80.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

f5a1bee943c64e915cc0223d3cc7e402b70794950377eb8ef040c835fad7e156

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:21:25 GMT
last-modified: Thu, 20 Apr 2023 01:31:11 GMT
server: Akamai Image Manager
x-serial: 60
x-check-cacheable: YES
etag: "63cb7c4a-ce5a"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=2160423
content-length: 15941
expires: Tue, 05 Sep 2023 01:28:28 GMT

GET
H2 200 Native_App_Phone_Personal_v8.png
www17.wellsfargomedia.com/assets/images/rwd/ 7 KB
7 KB 34ms
26ms Image
image/avif 104.71.165.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.165.80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-165-80.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

5c18c7230c1e013e39d16af91a84fdedd4a6cb5874e26729f0883978c4ba229e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:21:25 GMT
last-modified: Thu, 20 Apr 2023 01:39:11 GMT
server: Akamai Image Manager
etag: "6328cc17-9829"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=1962824
content-length: 7363
expires: Sat, 02 Sep 2023 18:35:09 GMT

GET
H2 200 volunteers_cars_616x353.jpg
www17.wellsfargomedia.com/assets/images/rwd/ 19 KB
19 KB 53ms
45ms Image
image/avif 104.71.165.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.165.80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-165-80.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

936c825f599809216670e9444d31e555e587b6f9943a89681cfef3621c5b0843

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:21:25 GMT
last-modified: Thu, 20 Apr 2023 01:30:41 GMT
server: Akamai Image Manager
etag: "618017dd-cd21"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=1962823
content-length: 19628
expires: Sat, 02 Sep 2023 18:35:08 GMT

GET
H2 200 women-in-greenhouse_616x353.png
www17.wellsfargomedia.com/assets/images/rwd/ 30 KB
30 KB 45ms
37ms Image
image/avif 104.71.165.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.165.80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-71-165-80.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

417df9b440b214aa81b429a205291afb424c1ae8a3c9143dd22e17befaada5e2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:21:25 GMT
last-modified: Thu, 20 Apr 2023 01:30:32 GMT
server: Akamai Image Manager
x-serial: 1698
x-check-cacheable: YES
etag: "6410d4f7-b51b"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=1990256
content-length: 30860
expires: Sun, 03 Sep 2023 02:12:21 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 611 B
1 KB 59ms
23ms XHR
application/json 3.114.199.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1691716885751

Requested by

Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.114.199.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-114-199-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

819a3bd99ca080eed6b47dd596421f616818321a2a8fea705e614b4ed58e61c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://replicawebsite.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-tyo3-1-v047-09db7370d.edge-tyo3.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 7uHEJp7zSFc=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://replicawebsite.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 450
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK detector-dom.min.js Show response
c1.wfinterface.com/tracking/gb/ 449 KB
136 KB 346ms
345ms Script
application/javascript 23.44.51.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.wfinterface.com/tracking/gb/detector-dom.min.js

Requested by

Host: c1.wfinterface.com
URL: https://c1.wfinterface.com/tracking/hp/utag.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.51.178 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-51-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

c5efd80b0945674f1ffbb895395fb45f44b6030a3d2c6380b03202e667c51923

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://.wellsfargo.com: https://.wellsfargo.com https://www.wellsfargo.com https://.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 11 Aug 2023 01:21:26 GMT
Last-Modified: Tue, 28 Mar 2023 20:08:12 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ETag: W/"6423492c-7049c"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
Allow: GET, POST
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 138549
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK gtag.js Show response
c1.wfinterface.com/tracking/ga/ 115 KB
45 KB 61ms
36ms Script
application/javascript 23.44.51.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1

Requested by

Host: c1.wfinterface.com
URL: https://c1.wfinterface.com/tracking/hp/utag.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.51.178 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-51-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://.wellsfargo.com: https://.wellsfargo.com https://www.wellsfargo.com https://.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 11 Aug 2023 01:21:25 GMT
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ETag: W/"638fae6a-1ca3a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
Allow: GET, POST
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 45055
X-XSS-Protection: 1; mode=block

GET
H2

200

tr
www.facebook.com/
Redirect Chain

http://www.facebook.com/tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=&dpo=LDU&d...
https://www.facebook.com/tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=&dpo=LDU&...

0
185 B

358ms
31ms

Image
text/plain

31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=&dpo=LDU&dpoco=0&dpost=0

Protocol

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Aug 2023 01:21:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Redirect headers

Location: https://www.facebook.com/tr?id=1578146899100389&ev=ALL_ALL_PAGE_WFHomepage&cd[currency]=USD&cd[value]=0.00&cd[Product]=&cd[Subproduct]=&cd[PageID]=&cd[customer_status]=n&cd[customer_type]=&dpo=LDU&dpoco=0&dpost=0
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET idl
api.rlcdn.com/api/identity/ 0
0

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 611 B
1 KB 28ms
27ms XHR
application/json 3.114.199.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=08602088582634007872995103829532142782&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%0111202306291422131689925285%011&ts=1691716885833

Requested by

Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.114.199.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-114-199-131.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

1d4888701c8357cc955a2cd1077cfbb9c6449958ae794d76e97d2ef0b93c4752

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://replicawebsite.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-tyo3-1-v047-01be8eca6.edge-tyo3.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: II0kymTTTh0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://replicawebsite.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 448
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H/1.1 200
OK event Show response
wellsfargobankna.demdex.net/ 816 B
1 KB 88ms
30ms XHR
application/json 3.115.101.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wellsfargobankna.demdex.net/event?d_dil_ver=9.5&_ts=1691716885754

Requested by

Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.115.101.35 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-115-101-35.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

0ec5fff6d4f28aa03bbc343478f5b8ef2c576f983044e29841f650cba8e25234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://replicawebsite.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-tyo3-2-v047-0c1df69d9.edge-tyo3.demdex.com 14 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 7BkgYYGNR4s=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://replicawebsite.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 447
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK adrum-ext.js Show response
static.wellsfargo.com/assets/js/wfui/appdynamics/ 44 KB
15 KB 70ms
34ms Script
application/javascript 23.44.51.226
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js

Requested by

Host: replicawebsite.com
URL: http://replicawebsite.com/js/appdEUMConfig.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.51.226 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-51-226.deploy.static.akamaitechnologies.com

Software

Resource Hash

385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:25 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
ETag: W/"6047c047-b11c"
Allow: GET, POST, OPTIONS
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 14304

GET
H/1.1

200
OK

gtag.js Show response
c1.wfinterface.com/tracking/ga/
Redirect Chain

http://c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
https://c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1

115 KB
45 KB

450ms
450ms

Script
application/javascript

23.44.51.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1

Protocol

HTTP/1.1

Server

23.44.51.178 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-51-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://.wellsfargo.com: https://.wellsfargo.com https://www.wellsfargo.com https://.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 11 Aug 2023 01:21:26 GMT
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ETag: W/"638fae6a-1ca3a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
Allow: GET, POST
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 45055
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1

200
OK

gtag.js Show response
c1.wfinterface.com/tracking/ga/
Redirect Chain

http://c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
https://c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153

115 KB
45 KB

27ms
23ms

Script
application/javascript

23.44.51.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153

Protocol

HTTP/1.1

Server

23.44.51.178 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-51-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://.wellsfargo.com: https://.wellsfargo.com https://www.wellsfargo.com https://.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 11 Aug 2023 01:21:26 GMT
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ETag: W/"638fae6a-1ca3a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
Allow: GET, POST
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 45055
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1

200
OK

gtag.js Show response
c1.wfinterface.com/tracking/ga/
Redirect Chain

http://c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
https://c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569

115 KB
45 KB

48ms
26ms

Script
application/javascript

23.44.51.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569

Protocol

HTTP/1.1

Server

23.44.51.178 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-51-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://.wellsfargo.com: https://.wellsfargo.com https://www.wellsfargo.com https://.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 11 Aug 2023 01:21:26 GMT
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ETag: W/"638fae6a-1ca3a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
Allow: GET, POST
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 45055
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

POST
H/1.1 404
Not Found jsLog Show response
replicawebsite.com/as/ 85 KB
17 KB 337ms
336ms XHR
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/as/jsLog
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 2abdd2bee1c5e7f30262dcef649d006392f33dbb7524aab9228158de9a9c3281

Request headers

Referer: http://replicawebsite.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Fri, 11 Aug 2023 01:21:26 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Transfer-Encoding: chunked
X-Newfold-Cache-Level: 2
Connection: keep-alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-nginx-cache: WordPress
Server: cloudflare
Vary: Accept-Encoding
X-Endurance-Cache-Level: 2
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
CF-RAY: 7f4ca9694887e009-NRT
Link: <https://wsb.duj.mybluehost.me/wp-json/>; rel="https://api.w.org/"
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK adrum-ext.b4436be974de477658d4a93afb752165.js Show response
static.wellsfargo.com/assets/js/wfui/appdynamics/ 47 KB
16 KB 33ms
32ms Script
application/javascript 23.44.51.226
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js

Requested by

Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.51.226 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-51-226.deploy.static.akamaitechnologies.com

Software

Resource Hash

7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:26 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
ETag: W/"60401fd0-bbed"
Allow: GET, POST, OPTIONS
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
X-Cnection: close
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 15970

GET
H/1.1 200
OK cls_report Show response
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/ 4 KB
2 KB 212ms
185ms XHR
application/json 23.44.51.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=e8e80c6f-e83d-4459-b067-ad6e21f4c126%3A0&_cls_v=85f3afc9-8fa1-429a-bafb-ecf8fa00703d&pv=2&f_cls_s=true

Requested by

Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.51.160 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-51-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

95674c4a36adb046efb0b36a2fa2b39a28dc0d7712e7406416ad962c27d1e33e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: origin, Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: http://replicawebsite.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1040
X-XSS-Protection: 1; mode=block

GET script.js
cdnstat.net/get/ 0
0

GET
H/1.1 200
OK ga.js Show response
c1.wfinterface.com/tracking/ga/ 48 KB
20 KB 36ms
36ms Script
application/javascript 23.44.51.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.wfinterface.com/tracking/ga/ga.js

Requested by

Host: c1.wfinterface.com
URL: http://c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.51.178 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-51-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://.wellsfargo.com: https://.wellsfargo.com https://www.wellsfargo.com https://.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 11 Aug 2023 01:21:26 GMT
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ETag: W/"613a44c0-c025"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
Allow: GET, POST
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 19477
X-XSS-Protection: 1; mode=block

GET activityi;src=2549153;type=allv40;cat=all_a00;ord=9707743325465;gtm=2od8g0;u1=11202306291422131689925285;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2Freplicawebsite.com%2F
2549153.fls.doubleclick.net/ Frame B647 0
0

GET
H/1.1 200
OK ga_conversion_async.js Show response
c1.wfinterface.com/tracking/ga/ 35 KB
14 KB 93ms
93ms Script
application/javascript 23.44.51.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.wfinterface.com/tracking/ga/ga_conversion_async.js

Requested by

Host: c1.wfinterface.com
URL: http://c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.51.178 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-51-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://.wellsfargo.com: https://.wellsfargo.com https://www.wellsfargo.com https://.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 11 Aug 2023 01:21:26 GMT
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ETag: W/"613a44c0-8c31"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
Allow: GET, POST
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 13593
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK cls_report Show response
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/ 4 KB
2 KB 200ms
199ms XHR
application/json 23.44.51.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=e8e80c6f-e83d-4459-b067-ad6e21f4c126:0&_cls_v=85f3afc9-8fa1-429a-bafb-ecf8fa00703d&pid=61cf887c-193f-4214-9cea-e76ccdf4e8a8&sn=1&cfg&pv=2&aid=

Requested by

Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.51.160 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-51-160.deploy.static.akamaitechnologies.com

Software

Resource Hash

95674c4a36adb046efb0b36a2fa2b39a28dc0d7712e7406416ad962c27d1e33e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://replicawebsite.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 11 Aug 2023 01:21:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: origin, Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: http://replicawebsite.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1040
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK ec.js Show response
c1.wfinterface.com/tracking/ga/ 3 KB
2 KB 22ms
22ms Script
application/javascript 23.44.51.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.wfinterface.com/tracking/ga/ec.js

Requested by

Host: c1.wfinterface.com
URL: https://c1.wfinterface.com/tracking/ga/ga.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.51.178 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-51-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://.wellsfargo.com: https://.wellsfargo.com https://www.wellsfargo.com https://.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 11 Aug 2023 01:21:26 GMT
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ETag: W/"613a44c0-aed"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/javascript; charset=utf-8
Allow: GET, POST
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 1313
X-XSS-Protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
146 B 417ms
47ms XHR
text/plain 142.251.42.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=217670780&t=pageview&_s=1&dl=http%3A%2F%2Freplicawebsite.com%2F&ul=en-us&de=windows-1252&dt=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBACUALBAAAAC~&jid=1113964248&gjid=1330669827&cid=407483147.1691716887&tid=UA-107148943-1&_gid=721193599.1691716887&_r=1&cd1=WWW&cd4=n&cd7=DESKTOP&cd8=PRODUCTION&cd9=11202306291422131689925285&cd12=BROWSER&cd22=hp&cd23=4.49.0&gtm=2ou8g0&cd35=407483147.1691716887&z=166118348

Requested by

Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.174 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://replicawebsite.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:21:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://replicawebsite.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 372ms
13ms Image
image/gif 142.251.42.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&aip=1&a=217670780&t=timing&_s=2&dl=http%3A%2F%2Freplicawebsite.com%2F&ul=en-us&de=windows-1252&dt=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1781&pdt=1&dns=448&rrt=0&srt=199&tcp=1&dit=1546&clt=1546&_gst=2501&_gbt=2583&_cst=1777&_cbt=2496&_u=4GBACUALBAAAAC~&jid=&gjid=&cid=407483147.1691716887&tid=UA-107148943-1&_gid=721193599.1691716887&gtm=2ou8g0&z=771542810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.174 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 02:48:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81192
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
300 B 365ms
11ms Image
image/gif 142.251.42.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&aip=1&a=217670780&t=event&ni=1&_s=3&dl=http%3A%2F%2Freplicawebsite.com%2F&ul=en-us&de=windows-1252&dt=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Internal%20Promotions&ea=impressions&el=http%3A%2F%2Freplicawebsite.com%2F&_u=6GBACUALBAAAAC~&jid=&gjid=&cid=407483147.1691716887&tid=UA-107148943-1&_gid=721193599.1691716887&cd1=WWW&cd4=n&cd7=DESKTOP&cd8=PRODUCTION&cd9=11202306291422131689925285&cd12=BROWSER&cd22=hp&cd23=4.49.0&gtm=2ou8g0&cd35=407483147.1691716887&promo1id=cmsDefault&promo1nm=cmsDefault&promo1cr=en&promo1ps=WF_CON_HP_PRIMARY_BNR&promo2id=cmsDefault&promo2nm=cmsDefault&promo2cr=en&promo2ps=WF_CON_HP_SML_PRIMARY&promo3id=cmsDefault&promo3nm=cmsDefault&promo3cr=en&promo3ps=WF_CON_HP_SML_PRIMARY&promo4id=cmsDefault&promo4nm=cmsDefault&promo4cr=en&promo4ps=WF_CON_HP_SML_PRIMARY&promo5id=cmsDefault&promo5nm=cmsDefault&promo5cr=en&promo5ps=WF_CON_HP_LRG_PROMO&promo6id=cmsDefault&promo6nm=cmsDefault&promo6cr=en&promo6ps=WF_CON_HP_SML_PROMO&promo7id=cmsDefault&promo7nm=cmsDefault&promo7cr=en&promo7ps=WF_CON_HP_SML_PROMO&promo8id=cmsDefault&promo8nm=cmsDefault&promo8cr=en&promo8ps=WF_CON_HP_SML_PROMO&z=602342561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.174 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 02:48:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81192
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET

/
www.google.com/pagead/1p-user-list/984436569/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984436569/?random=1691716886546&cv=9&fst=1691716886546&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/984436569/?random=1691716886546&cv=9&fst=1691715600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java...

0
0

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 174ms
173ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691716886915&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:27 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f4ca96f4f17e009-NRT

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 188ms
188ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691716886930&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:27 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f4ca96f5eb325e4-NRT

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 188ms
187ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691716886932&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:27 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f4ca96f5d50afd3-NRT

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 187ms
187ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691716886934&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:27 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f4ca96f59e0e031-NRT

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 189ms
189ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691716886935&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A242-223859-16%7Etcm%3A91-223657-32
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:27 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f4ca96f5b3a34cf-NRT

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 189ms
188ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1691716886936&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarqueeOffer
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:27 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f4ca96f58bbf68d-NRT

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 345ms
189ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691716886938&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228778-16%7Etcm%3A91-228643-32
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:27 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f4ca9705826e009-NRT

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 377ms
192ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1691716886938&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=1
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:27 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f4ca9708fb925e4-NRT

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 377ms
192ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691716886940&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228784-16%7Etcm%3A91-228643-32
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:27 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f4ca9708e53afd3-NRT

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 371ms
185ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1691716886940&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:27 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f4ca9708b55e031-NRT

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 373ms
187ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691716886942&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228805-16%7Etcm%3A91-228643-32
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:27 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f4ca9708bc734cf-NRT

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 506ms
321ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1691716886942&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=3
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:27 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f4ca9708991f68d-NRT

GET
H/1.1 404
Not Found s.gif Show response
replicawebsite.com/assets/images/global/ 315 B
529 B 526ms
185ms Fetch
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691716886943&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
Requested by: Host: replicawebsite.com
URL: http://replicawebsite.com/js/general_alt.js
Protocol: HTTP/1.1
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: http://replicawebsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:21:27 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
CF-RAY: 7f4ca97189e6e009-NRT

POST collect
stats.g.doubleclick.net/j/ 0
0

POST adrum
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/idl?pid=1317

Domain: cdnstat.net
URL: https://cdnstat.net/get/script.js?referrer=http://replicawebsite.com/

Domain: 2549153.fls.doubleclick.net
URL: http://2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=9707743325465;gtm=2od8g0;u1=11202306291422131689925285;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2Freplicawebsite.com%2F?

Domain: www.google.com
URL: https://www.google.com/pagead/1p-user-list/984436569/?random=1691716886546&cv=9&fst=1691715600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Freplicawebsite.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&async=1&is_vtc=1&random=726911034&resp=GooglemKTybQhCsO

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-107148943-1&cid=407483147.1691716887&jid=1113964248&gjid=1330669827&_gid=721193599.1691716887&_u=4GBACUAKBAAAAC~&z=1865369027

Domain: pdx-col.eum-appdynamics.com
URL: https://pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38	1969-12-31 23:59:59	Name: _cls_cfgver Value: c31911bd
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38	1969-12-31 23:59:59	Name: _cls_v Value: 85f3afc9-8fa1-429a-bafb-ecf8fa00703d
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38	1969-12-31 23:59:59	Name: _cls_s Value: e8e80c6f-e83d-4459-b067-ad6e21f4c126:0
replicawebsite.com/	1970-01-20 13:55:56	Name: PHPREFS Value: full
.demdex.net/	1970-01-20 18:14:28	Name: demdex Value: 08638759024940347522998754104239363757
.replicawebsite.com/	1969-12-31 23:59:59	Name: AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg Value: 1
.replicawebsite.com/	1970-01-20 23:31:16	Name: AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg Value: -1124106680%7CMCMID%7C08602088582634007872995103829532142782%7CMCAAMLH-1692321685%7C11%7CMCAAMB-1692321685%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C766260727%7CMCOPTOUT-1691724085s%7CNONE%7CvVersion%7C5.2.0
replicawebsite.com/	1970-01-20 14:38:28	Name: _ga Value: GA1.1.407483147.1691716887
replicawebsite.com/	1970-01-20 13:56:43	Name: _gid Value: GA1.1.721193599.1691716887
replicawebsite.com/	1970-01-20 13:55:16	Name: _gat_gtag_UA_107148943_1 Value: 1
.doubleclick.net/	1970-01-20 13:55:17	Name: test_cookie Value: CheckForPermission

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://replicawebsite.com/auth/login/static/js/general_alt.js?1js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: http://replicawebsite.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/idl?pid=1317' from origin 'http://replicawebsite.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/idl?pid=1317 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://replicawebsite.com/as/jsLog Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cdnstat.net/get/script.js?referrer=http://replicawebsite.com/ Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691716886915&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691716886930&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691716886932&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691716886934&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691716886935&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A242-223859-16%7Etcm%3A91-223657-32 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1691716886936&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarqueeOffer Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691716886938&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228778-16%7Etcm%3A91-228643-32 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1691716886940&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691716886942&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228805-16%7Etcm%3A91-228643-32 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1691716886938&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691716886940&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A242-228784-16%7Etcm%3A91-228643-32 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&event=IADefaultOffer&cb=1691716886942&pageID=undefined&program=EventReporting&offterType=cmsDefault&eventDescription=DisplayCMSDefaultMarketingSmallPromoOffer&promoSlot=3 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://replicawebsite.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=http%3A%2F%2Freplicawebsite.com%2F&cb=1691716886943&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-107148943-1&cid=407483147.1691716887&jid=1113964248&gjid=1330669827&_gid=721193599.1691716887&_u=4GBACUAKBAAAAC~&z=1865369027 Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://www.google.com/pagead/1p-user-list/984436569/?random=1691716886546&cv=9&fst=1691715600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Freplicawebsite.com%2F&tiba=Wells%20Fargo%20Bank%20%7C%20Financial%20Services%20%26%20Online%20Banking&async=1&is_vtc=1&random=726911034&resp=GooglemKTybQhCsO Message: Failed to load resource: net::ERR_CONNECTION_CLOSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2549153.fls.doubleclick.net
api.rlcdn.com
c1.wfinterface.com
cdnstat.net
dpm.demdex.net
pdx-col.eum-appdynamics.com
replicawebsite.com
rubicon.wellsfargo.com
static.wellsfargo.com
stats.g.doubleclick.net
wellsfargobankna.demdex.net
www.facebook.com
www.google-analytics.com
www.google.com
www17.wellsfargomedia.com
2549153.fls.doubleclick.net
api.rlcdn.com
cdnstat.net
pdx-col.eum-appdynamics.com
stats.g.doubleclick.net
www.google.com
104.71.165.80
142.251.42.174
23.44.51.160
23.44.51.178
23.44.51.226
3.114.199.131
3.115.101.35
31.13.82.36
66.235.200.146
0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22
0ec5fff6d4f28aa03bbc343478f5b8ef2c576f983044e29841f650cba8e25234
10c1acb80b088029eab596925f58565e025206d10ef1edded0bf055dac884bbf
1697510ee355fbc770e2b6265ce3ca7992fc62275f62b41018dc07f6e5938682
19280d730497626217386797c9445ad51e8867f92603758a58ffba019d88c061
1d4888701c8357cc955a2cd1077cfbb9c6449958ae794d76e97d2ef0b93c4752
25444adddb06abe6e0a022ff27f9a3ae4f4ade7cd2afa74fc912d462ab07ecd3
2abdd2bee1c5e7f30262dcef649d006392f33dbb7524aab9228158de9a9c3281
2dd29214a6e0591c819798d61c263fd3e1bebee31a2dc2245d5cf5f02a50b3ea
2ea269e3ab15fffe884f7bd14b4d031b5ad61caf406a7c68af5761421d33f43a
3176ae9befd81b772a8cf7f0a471e8473e6f76fb1aa3e40321910eab1aeceeba
385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f
417df9b440b214aa81b429a205291afb424c1ae8a3c9143dd22e17befaada5e2
4924ccd5b2fe1ce2bb50e12012838054260e8d3d123116e0479690e8d1b97993
4e6f8867d7a5ff6517b0e056099dc1ae31db03322653a27462d5a2b05a332971
5c18c7230c1e013e39d16af91a84fdedd4a6cb5874e26729f0883978c4ba229e
618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc
6479ba8947559226909296b93e16fee284e8118b0038fff924097c38615684f2
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6
819a3bd99ca080eed6b47dd596421f616818321a2a8fea705e614b4ed58e61c2
828ad10b1cd19124350d846916da0031a93d1b2f02a74695b97fd82503627318
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86e522c61649a3fd7b76ea8d8304d88fa1b86d029a349c64a2e4ee3683d019c4
8c456a47b3f97fa54853761f544146ab5b5277a11603a18f080947d76e31d54a
907c59cb689313a243aca70b3b3f00b64652fe3d26f4e29c20ced42eee329f51
936c825f599809216670e9444d31e555e587b6f9943a89681cfef3621c5b0843
94ff650bbcdbc77db561e7aca8ed87f70c13a9e9e98272b2328d0f5a6e0ed92b
95674c4a36adb046efb0b36a2fa2b39a28dc0d7712e7406416ad962c27d1e33e
9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39
9b47a5e651a8661559cb4935e22d126ba086b21a8cda72ea8598e1c29c273629
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
c5efd80b0945674f1ffbb895395fb45f44b6030a3d2c6380b03202e667c51923
ce6faf4362953335a4429f61ec96e585d554c26eeb0ee538fc752cfbf863cdac
cfcc50571ad947e067c5a0853534d3016eaaef2fd98ffdb9b0d4d3c1bdda0273
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dd412907ae375cbc6e9882290356cf22bc0c669ae33f831039e3b22168117810
de13e068daab704b3e5018f1deee48d0cefeff400be95f396d6f3ebe829cfbf5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de658330c0f53de61d10240f572508c31ee9db580f34b856430724f2e499104c
e06b14ec84ac8651fc009b444e0560a78c1919f45df8106a9c14cd708d5b804e
e0830df8e9e4434ad80c70f677266c654bf2c37ee184867f41c7dc65c5e6160f
e1634264ecc89070e69bd8f3329545ee3ad27bb19c03295e0f008602385c1dc3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5a1bee943c64e915cc0223d3cc7e402b70794950377eb8ef040c835fad7e156
f990b81e77666bac79e3f1f9399b7763ca7eb64b1d70acea21cbe954413cc0c3
f9c237c7739705ea404e9682f13e557a1d984f2493f6f619bdfce44c9a71445d

replicawebsite.com Open in urlscan Pro 66.235.200.146 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

75 Requests

41 %HTTPS

0 %IPv6

12 Domains

15 Subdomains

10 IPs

2 Countries

1223 kBTransfer

2519 kBSize

11 Cookies

23 Outgoing links

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

replicawebsite.com Open in urlscan Pro
66.235.200.146 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

41 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

10
IPs

2
Countries

1223 kB
Transfer

2519 kB
Size

11
Cookies

75 HTTP transactions
0 data transactions