smm.stu.cn.ua
urlscan Pro

195.69.76.75 Malicious Activity!

Go To Report Rescan

URL:
http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
Submission: On January 14 via automatic, source openphish (January 14th 2021, 1:27:26 am)

Summary HTTP 79 Links 152 Behaviour Indicators

Summary

This website contacted 12 IPs in 6 countries across 8 domains to perform 79 HTTP transactions. The main IP is 195.69.76.75, located in Chernihiv, Ukraine and belongs to CSTU-AS, UA. The main domain is smm.stu.cn.ua.

This is the only time smm.stu.cn.ua was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 8	195.69.76.75 195.69.76.75	29116 (CSTU-AS) (CSTU-AS)
36	23.43.126.164 23.43.126.164	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	23.8.3.57 23.8.3.57	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	159.45.170.156 159.45.170.156	10837 (WELLSFARG...) (WELLSFARGO-10837)
2	159.45.66.145 159.45.66.145	4196 (WELLSFARG...) (WELLSFARGO-4196)
6	159.45.66.178 159.45.66.178	4196 (WELLSFARG...) (WELLSFARGO-4196)
3	34.251.60.147 34.251.60.147	16509 (AMAZON-02) (AMAZON-02)
2	159.45.170.139 159.45.170.139	10837 (WELLSFARG...) (WELLSFARGO-10837)
1 2	172.217.21.230 172.217.21.230	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
79	12

8 195.69.76.75 (Chernihiv, Ukraine) 1 redirects

ASN29116 (CSTU-AS, UA)
PTR:

smm.stu.cn.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 23.43.126.164 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-43-126-164.deploy.static.akamaitechnologies.com

www01.wellsfargomedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www04.wellsfargomedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.8.3.57 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-8-3-57.deploy.static.akamaitechnologies.com

www20.wellsfargomedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 159.45.170.156 (United States)

ASN10837 (WELLSFARGO-10837, US)
PTR:

connect.secure.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.45.66.145 (Charlotte, United States)

ASN4196 (WELLSFARGO-4196, US)
PTR:

www.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 159.45.66.178 (Charlotte, United States)

ASN4196 (WELLSFARGO-4196, US)
PTR:

static.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.251.60.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-60-147.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wellsfargobankna.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.45.170.139 (United States)

ASN10837 (WELLSFARGO-10837, US)
PTR:

rubicon.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.21.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f6.1e100.net

2549153.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Domain Subdomains	Transfer
45	wellsfargomedia.com	765 KB
19	wellsfargo.com 2 redirects rubicon.wellsfargo.com Failed	453 KB
8	stu.cn.ua 1 redirects	159 KB
4	doubleclick.net 3 redirects	1 KB
3	google-analytics.com 1 redirects	723 B
3	demdex.net	3 KB
2	google.de	215 B
2	google.com 2 redirects	620 B
79	8

	Domain	Requested by
24	www04.wellsfargomedia.com	smm.stu.cn.ua
12	www01.wellsfargomedia.com	smm.stu.cn.ua www01.wellsfargomedia.com www.wellsfargo.com
9	connect.secure.wellsfargo.com	2 redirects smm.stu.cn.ua connect.secure.wellsfargo.com
9	www20.wellsfargomedia.com	smm.stu.cn.ua www.wellsfargo.com
8	smm.stu.cn.ua	1 redirects smm.stu.cn.ua
6	static.wellsfargo.com	smm.stu.cn.ua static.wellsfargo.com
3	www.google-analytics.com	1 redirects static.wellsfargo.com
2	www.google.de
2	www.google.com	2 redirects
2	2549153.fls.doubleclick.net	1 redirects static.wellsfargo.com
2	rubicon.wellsfargo.com	smm.stu.cn.ua
2	dpm.demdex.net	smm.stu.cn.ua
2	www.wellsfargo.com	smm.stu.cn.ua
1	googleads.g.doubleclick.net	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	wellsfargobankna.demdex.net	smm.stu.cn.ua
79	16

This site contains links to these domains. Also see Links.

Domain
oam.wellsfargo.com
www.wellsfargo.com
icomplete.wellsfargo.com
wfis.wellsfargo.com
connect.secure.wellsfargo.com
privatebank.wf.com
www.abbotdowning.com
www.facebook.com
www.linkedin.com
instagram.com
www.pinterest.com
www.youtube.com
twitter.com

Subject / Issuer	Validity	Valid
www01.wellsfargomedia.com GeoTrust RSA CA 2018	`2020-03-21` - `2021-06-20`	a year
www20.wellsfargomedia.com GeoTrust RSA CA 2018	`2020-03-21` - `2021-06-20`	a year
connect.secure.wellsfargo.com DigiCert EV RSA CA G2	`2020-07-09` - `2022-07-14`	2 years
www.wellsfargo.com DigiCert EV RSA CA G2	`2020-07-11` - `2022-07-20`	2 years
static.wellsfargo.com DigiCert EV RSA CA G2	`2020-07-11` - `2022-07-20`	2 years
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years
rubicon.wellsfargo.com Wells Fargo Public Trust Certification Authority 01 G2	`2019-06-25` - `2021-06-25`	2 years
*.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months
www.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Website

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Website

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Stats

0
Requests

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

152 Outgoing links

These are links going to different origins than the main page. For each link, only the first name is shown.

https://oam.wellsfargo.com/oamo/identity/authentication?execution=e1s1
Title: Enroll
https://www.wellsfargo.com/help/
Title: Customer Service
https://www.wellsfargo.com/locator/
Title: ATMs/Locations
https://www.wellsfargo.com/spanish/
Title: Espa?ol
https://www.wellsfargo.com/biz/
Title: Small Business
https://www.wellsfargo.com/com/
Title: Commercial
https://www.wellsfargo.com/financial-education/
Title: Financial Education
https://www.wellsfargo.com/about/
Title: About Wells Fargo
https://www.wellsfargo.com/checking/
Title: Checking Accounts
https://www.wellsfargo.com/savings-cds/
Title: Savings Accounts and CDs
https://www.wellsfargo.com/debit-card/
Title: Debit and Prepaid Cards
https://www.wellsfargo.com/credit-cards/
Title: Credit Cards
https://www.wellsfargo.com/foreign-exchange/
Title: Foreign Exchange
https://www.wellsfargo.com/international-remittances/
Title: Global Remittance Services
https://www.wellsfargo.com/online-banking/
Title: Online Banking
https://www.wellsfargo.com/online-banking/bill-pay/
Title: Online Bill Pay
https://www.wellsfargo.com/online-banking/transfers/
Title: Transfers
https://www.wellsfargo.com/online-banking/statements/
Title: Online Statements
https://www.wellsfargo.com/mobile/
Title: Mobile Banking
https://www.wellsfargo.com/insurance-identity-theft-protection/?ref=RB0000CBEOWEFN&eitp=RB0000CBEOWEFN
Title: Identity Theft Protection
https://www.wellsfargo.com/tax-center/
Title: Tax Center
https://www.wellsfargo.com/goals-banking-made-easy/index
Title: Banking Made Easy
https://www.wellsfargo.com/goals-protect-what-counts/
Title: Protect What Counts
https://www.wellsfargo.com/goals-retirement/
Title: Planning for Retirement
https://www.wellsfargo.com/privacy-security/fraud/
Title: Fraud Information Center
https://www.wellsfargo.com/mortgage/rates/
Title: Mortgage Rates
https://www.wellsfargo.com/help/routing-number/
Title: Routing Number
https://www.wellsfargo.com/checking/overdraft-services/
Title: Overdraft Services
https://www.wellsfargo.com/financial-assistance/
Title: Get Help with Payment Challenges
https://www.wellsfargo.com/checking/compare-checking-accounts/
Title: Open a Checking Account
https://www.wellsfargo.com/help/apply/
Title: Apply for an Account or Service
https://www.wellsfargo.com/mortgage/
Title: Mortgage Loans
https://www.wellsfargo.com/equity/
Title: Home Equity Lines
https://www.wellsfargo.com/personal-credit/
Title: Personal Lines and Loans
https://www.wellsfargo.com/student/
Title: Student Loans
https://www.wellsfargo.com/auto-loans/
Title: Auto Loans
https://www.wellsfargo.com/mortgage/home-loans/
Title: Home Lending
https://www.wellsfargo.com/goals-going-to-college/
Title: Going to College
https://www.wellsfargo.com/goals-credit/
Title: Borrowing and Credit
https://www.wellsfargo.com/mortgage/rates/calculator/
Title: Home Equity Rates
https://www.wellsfargo.com/auto-loans/rates/
Title: Auto Loan Rates
https://icomplete.wellsfargo.com/oas/status/auth
Title: Finish Application/Check Status
https://www.wellsfargo.com/student/rate-benefits/
Title: Student Loan Discounts
https://www.wellsfargo.com/insurance/
Title: Insurance Overview
https://www.wellsfargo.com/insurance/auto/
Title: Auto Insurance
https://www.wellsfargo.com/insurance/vehicle/
Title: Specialty Vehicle Insurance
https://www.wellsfargo.com/insurance/home/
Title: Homeowners Insurance
https://www.wellsfargo.com/insurance/umbrella/
Title: Umbrella Liability Insurance
https://www.wellsfargo.com/biz/insurance/
Title: Small Business Insurance
https://wfis.wellsfargo.com/
Title: Commercial Insurance
https://www.wellsfargo.com/investing/wellstrade-online-brokerage/
Title: Invest Online
https://www.wellsfargo.com/investing/guidance/
Title: Invest With Guidance
https://www.wellsfargo.com/investing/mutual-funds/
Title: Invest in Mutual Funds
https://www.wellsfargo.com/investing/compare-ways-to-invest/
Title: Compare Ways to Invest
https://www.wellsfargo.com/investing/retirement/ira/
Title: IRAs
https://www.wellsfargo.com/investing/
Title: Investment Services
https://www.wellsfargo.com/investing/retirement/rollover/
Title: Rollovers (401k and IRA)
https://www.wellsfargo.com/investing/education/
Title: Investing for Education
https://www.wellsfargo.com/investment-institute/
Title: Strategy and Research
https://www.wellsfargo.com/goals-retirement-income/
Title: Income in Retirement
https://www.wellsfargo.com/goals-investing/
Title: Investing Basics
https://www.wellsfargo.com/investing/guidance/consultation/
Title: Contact a Financial Advisor
https://www.wellsfargo.com/investing/retirement/ira/select/
Title: Open an IRA
https://www.wellsfargo.com/investing/wellstrade-online-brokerage/open/
Title: Open a WellsTrade? Account
https://www.wellsfargo.com/investing/retirement/ira/traditional-or-roth-ira/
Title: Compare IRAs
https://www.wellsfargo.com/investing/retirement/tools/my-retirement-plan/
Title: My Retirement Plan
https://connect.secure.wellsfargo.com/auth/login/present?origin=irt
Title: Employer Plan 401(k) Sign On
https://www.wellsfargo.com/the-private-bank/
Title: The Private Bank
https://www.wellsfargo.com/investing/wells-fargo-advisors/
Title: Wells Fargo Advisors
https://www.wellsfargo.com/abbot-downing/
Title: Abbot Downing
https://www.wellsfargo.com/wealth-management-services/
Title: All Wealth Management Services
https://www.wellsfargo.com/the-private-bank/solutions/wealth-planning/
Title: Wealth Planning
https://www.wellsfargo.com/the-private-bank/solutions/private-banking/
Title: Private Banking
https://www.wellsfargo.com/the-private-bank/solutions/investment-management/
Title: Investment Management
https://www.wellsfargo.com/the-private-bank/solutions/specialized/
Title: Specialized Wealth Services
https://www.wellsfargo.com/the-private-bank/solutions/trust-services/
Title: Trust Services
https://www.wellsfargo.com/the-private-bank/insights/
Title: Wealth Management Insights
https://privatebank.wf.com/conversations/
Title: Conversations Magazine
https://www.wellsfargo.com/the-private-bank/connect/
Title: Contact The Private Bank
https://www.abbotdowning.com/contact_us/headquarters/
Title: Contact Abbot Downing
https://www.wellsfargo.com/go-far-rewards/
Title: Explore Rewards
https://www.wellsfargo.com/go-far-rewards/earn-rewards/
Title: Earn Rewards
https://www.wellsfargo.com/go-far-rewards/use-rewards/
Title: Use Rewards
https://www.wellsfargo.com/go-far-rewards/share-rewards/
Title: Share Rewards
https://www.wellsfargo.com/customer-relationship-program/
Title: Customer Relationship Overview
https://www.wellsfargo.com/goals-banking-made-easy/
Title: Banking Made Easy
https://connect.secure.wellsfargo.com/auth/login/rewards
Title: Sign On to Go Far Rewards
https://www.wellsfargo.com/help/faqs/go-far-rewards/
Title: Go Far Rewards FAQs
https://www.wellsfargo.com/help/faqs/sign-on/?linkLoc=signon
Title: Forgot Password/Username?
https://www.wellsfargo.com/privacy-security/fraud/?linkLoc=signon
Title: Fraud Information Center
https://www.wellsfargo.com/privacy-security/?linkLoc=signon
Title: Privacy, Cookies, and Security
https://www.wellsfargo.com/mortgage/apply/prequalification/?dm=DMIWEPURGW
Title: Get Prequalified
https://www.wellsfargo.com/stories
Title: Find Out More
https://www.wellsfargo.com/jump/checking/open-sequence/
Title: Get Started
https://www.wellsfargo.com/credit-cards/find-a-credit-card/
Title: Find your credit card
https://www.wellsfargo.com/mortgage/apply/prequalification/?dm=DMIWEPURGY
Title: Buying a house? We can help.
https://www.wellsfargo.com/online-banking/my-money-map/
Title: Free online budgeting tools
https://www.wellsfargo.com/goals-banking-made-easy/simplify-payments/?linkLoc=nba
https://www.wellsfargo.com/mobile/?linkLoc=nba
Title: Bank on the go with your mobile device >
https://www.wellsfargo.com/checking/quickstart/account-alerts/?linkLoc=nba
Title: Get account alerts >
https://www.wellsfargo.com/goals-banking-made-easy/index/?linkLoc=nba
Title: Go to Banking Made Easy
https://www.wellsfargo.com/goals-investing/investing-types/?linkLoc=nba
https://www.wellsfargo.com/investing/compare-ways-to-invest/?linkLoc=nba
https://www.wellsfargo.com/goals-investing/saving-vs-investing/?linkLoc=nba
https://www.wellsfargo.com/goals-investing/?linkLoc=nba
Title: Go to Investing Basics
https://www.wellsfargo.com/goals-going-to-college/paying-college/?linkLoc=nba
https://www.wellsfargo.com/student/?linkLoc=nba
https://www.wellsfargo.com/goals-going-to-college/first-account/?linkLoc=nba
https://www.wellsfargo.com/goals-going-to-college/?linkLoc=nba
Title: Visit Going to College
https://www.wellsfargo.com/financial-education/retirement/?linkLoc=nba
https://www.wellsfargo.com/goals-retirement-income/?linkLoc=nba
https://www.wellsfargo.com/goals-retirement-income/managing-money/?linkLoc=nba
https://www.wellsfargo.com/goals-retirement/?linkLoc=nba
Title: Go to Retirement Planning
https://www.wellsfargo.com/mortgage/buying-a-house/?linkLoc=nba
https://www.wellsfargo.com/mortgage/rates/compare-loans/?linkLoc=nba
https://www.wellsfargo.com/mortgage/mortgage-refinance/?linkLoc=nba
https://www.wellsfargo.com/mortgage/home-loans/?linkLoc=nba
Title: Go to Home Lending
https://www.wellsfargo.com/goals-credit/smarter-credit/establish-credit/?linkLoc=nba
https://www.wellsfargo.com/goals-credit/debt-to-income-calculator/?linkLoc=nba
https://www.wellsfargo.com/goals-credit/smarter-credit/manage-your-debt/consider-debt-consolidation/?linkLoc=nba
https://www.wellsfargo.com/goals-credit/?linkLoc=nba
Title: Go to Borrowing and Credit
https://www.wellsfargo.com/financial-education/insurance-protection/?linkLoc=nba
https://www.wellsfargo.com/insurance/auto/?linkLoc=nba
https://www.wellsfargo.com/insurance/home/?linkLoc=nba
https://www.wellsfargo.com/goals-protect-what-counts/?linkLoc=nba
Title: Protect What Counts
https://www.wellsfargo.com/privacy-security/fraud/report/?linkLoc=nba
https://www.wellsfargo.com/help/faqs/sign-on#iwanttochangemyusernameorpassword
https://www.wellsfargo.com/privacy-security/fraud/bank-scams/?linkLoc=nba
https://www.wellsfargo.com/privacy-security/fraud/?linkLoc=nba
Title: Learn More About Fraud Prevention
https://www.wellsfargo.com/jump/checking/minutes-checking/
Title:
https://www.wellsfargo.com/jump/credit-cards/cash-wise-200/
Title: Earn a $200 cash rewards bonus When you spend $1,000 in the first 3 months
https://www.wellsfargo.com/jump/savings/make-saving-money-simpler/
Title: Want to reach your savings goals faster? Open a savings account and start making saving a permanent habit
https://www.wellsfargo.com/about/corporate/vision-and-values/
Title: Our Vision and Values >
https://www.wellsfargo.com/about/corporate/
Title: Who We Are >
https://www.wellsfargo.com/about/corporate-responsibility/
Title: Corporate Social Responsibility >
https://www.wellsfargo.com/stories/
Title: Wells Fargo Stories >
https://www.wellsfargo.com/about/?linkLoc=footer
Title: About Wells Fargo
https://www.wellsfargo.com/about/careers/
Title: Careers
https://www.wellsfargo.com/privacy-security/
Title: PRIVACY, Cookies, Security & Legal
https://www.wellsfargo.com/privacy-security/fraud/report/
Title: Report Fraud
https://www.wellsfargo.com/sitemap
Title: Sitemap
https://www.wellsfargo.com/about/diversity/
Title: Diversity & Accessibility
https://www.wellsfargo.com/online-banking/online-access-agreement/
Title: Online Access Agreement
https://www.wellsfargo.com/privacy-security/privacy/online/#adchoices
Title: Ad Choices
https://www.facebook.com/wellsfargo
Title:
https://www.linkedin.com/company/wellsfargo
Title:
https://instagram.com/wellsfargo/
Title:
https://www.pinterest.com/wellsfargo/
Title:
https://www.youtube.com/user/wellsfargo
Title:
https://twitter.com/wellsfargo
Title:
https://www.wellsfargo.com/privacy-security/privacy/online/
Title: Digital Privacy and Cookies Policy
https://www.wellsfargo.com/exit/sipc/
Title: SIPC

79 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
/wp-includes/secure/WellsFargo/WellsFargo/wells
Redirect Chain

http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells
http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

205 KB
35 KB

50ms
49ms

Document
text/html

195.69.76.75
CSTU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
Protocol: HTTP/1.1
Server: 195.69.76.75 Chernihiv, Ukraine, ASN29116 (CSTU-AS, UA),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 6f812e87c80bb6311ea2c7f962589d44b0964bfcaa74dcb758bc914091b16dde

Request headers

Host: smm.stu.cn.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:27:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 13 Jan 2021 16:11:31 GMT
ETag: "335e0-5b8ca646b99a7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 35603
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Thu, 14 Jan 2021 01:27:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
Content-Length: 355
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK homepage_per.css
www01.wellsfargomedia.com/css/home 45 KB
9 KB 134ms
46ms Stylesheet
text/css 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www01.wellsfargomedia.com/css/home/homepage_per.css

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

d121dceb464515079b2354ace969cca164b7020feb1191cf751afae3677d2b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 8878
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 26 Aug 2020 19:15:22 GMT
Server: KONICHIWA/2.0
Date: Thu, 14 Jan 2021 01:27:26 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=6436817
ETag: "b347-5adcca41f4680-gzip"
Accept-Ranges: bytes
Expires: Mon, 29 Mar 2021 13:27:43 GMT

GET
H/1.1 200
OK homepage-logo-horz.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage 4 KB
2 KB 139ms
46ms Image
image/svg+xml 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-logo-horz.svg

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

f5e90d9eb8e07ccd4ebe0f25331a39d78d02af0405a32b93613f4b89fe472bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 1699
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
Date: Thu, 14 Jan 2021 01:27:26 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=13279565
ETag: "eaa-554880386bac0"
Accept-Ranges: bytes
Expires: Wed, 16 Jun 2021 18:13:31 GMT

GET
H/1.1 200
OK homepage-lock.svg
www04.wellsfargomedia.com/assets/images/css/template/homepage 2 KB
1 KB 145ms
46ms Image
image/svg+xml 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/css/template/homepage/homepage-lock.svg

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

7bfab3d904c5effc47fe1577c20615a1efcf84f2a6e1b8e5ccaa501ac657fcab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 789
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
Date: Thu, 14 Jan 2021 01:27:26 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2041589
ETag: "6f8-554880386bac0"
Accept-Ranges: bytes
Expires: Sat, 06 Feb 2021 16:33:55 GMT

GET
H/1.1 404
Not Found homepage-magnifying-glass.svg Show response
www01.wellsfargomedia.com/assets/images/css/template/homepage 0
0 757ms
660ms Image
text/html 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-magnifying-glass.svg
Requested by: Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-43-126-164.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK homepage-caret-selector.svg
www04.wellsfargomedia.com/assets/images/css/template/homepage 336 B
779 B 154ms
50ms Image
image/svg+xml 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/css/template/homepage/homepage-caret-selector.svg

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

ed0765dbff371196a86519e6d154c69b71fa1b7bf4ef983aaf04c5df54efd942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 251
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
Date: Thu, 14 Jan 2021 01:27:26 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=14009384
ETag: "150-554880386bac0"
Accept-Ranges: bytes
Expires: Fri, 25 Jun 2021 04:57:10 GMT

GET
H/1.1 200
OK homepage-lock-signon.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage 2 KB
1 KB 155ms
51ms Image
image/svg+xml 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-lock-signon.svg

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

073dbd57bfaadacd622a9b8e4f1aee42b16cd432baf7ca48a60664df80f63cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 816
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
Date: Thu, 14 Jan 2021 01:27:26 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=9288690
ETag: "664-554880386bac0"
Accept-Ranges: bytes
Expires: Sat, 01 May 2021 13:38:56 GMT

GET
H/1.1 200
OK wfia484_ph_b-1009_00386_1200x532.jpg
www20.wellsfargomedia.com/assets/images/contextual/banner/mortgage/1200x532 62 KB
62 KB 143ms
51ms Image
image/jpeg 23.8.3.57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www20.wellsfargomedia.com/assets/images/contextual/banner/mortgage/1200x532/wfia484_ph_b-1009_00386_1200x532.jpg

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.8.3.57 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-8-3-57.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

f4458f1df1e2b95f16486fdcffadc9d954bb566fe49f3492a8df628a672f89b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Last-Modified: Fri, 14 Jul 2017 15:20:15 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
ETag: "f883-55448960769c0"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=9287163
Date: Thu, 14 Jan 2021 01:27:26 GMT
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 May 2021 13:13:29 GMT

GET
H/1.1 200
OK wfi111_ic_nba_default2_50x50.png
www20.wellsfargomedia.com/assets/images/contextual/banner/credit-card/50x50 2 KB
2 KB 157ms
51ms Image
image/png 23.8.3.57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www20.wellsfargomedia.com/assets/images/contextual/banner/credit-card/50x50/wfi111_ic_nba_default2_50x50.png

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.8.3.57 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-8-3-57.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

c135cfe37ea0a9732b2d9a1f06e751b9a733690e5af07d007f0e018df6a305e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Last-Modified: Mon, 10 Jul 2017 19:27:30 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
ETag: "6d7-553fb92e60c80"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=9288728
Date: Thu, 14 Jan 2021 01:27:26 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1484
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 May 2021 13:39:34 GMT

GET
H/1.1 200
OK wfi000_ic_b-building-house2-w_50x50.png
www20.wellsfargomedia.com/assets/images/contextual/banner/checking 2 KB
2 KB 75ms
50ms Image
image/png 23.8.3.57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www20.wellsfargomedia.com/assets/images/contextual/banner/checking/wfi000_ic_b-building-house2-w_50x50.png

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.8.3.57 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-8-3-57.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

b3d48b6920e6eea66ae9c7636c9b7f158834b2427a4688640ba06fa798506807

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Last-Modified: Mon, 10 Jul 2017 17:52:01 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
ETag: "6c9-553fa3d6c7240"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=9288723
Date: Thu, 14 Jan 2021 01:27:26 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1458
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 May 2021 13:39:29 GMT

GET
H/1.1 200
OK wfi111_ic_nba_default3_50x50.png
www04.wellsfargomedia.com/assets/images/homepage 2 KB
2 KB 47ms
46ms Image
image/png 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/homepage/wfi111_ic_nba_default3_50x50.png

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

61ac8ffd5933c59707d7ac39764272f6e5fcfd21bc1eabedc0dd4061e68790fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:38 GMT
Server: KONICHIWA/2.0
ETag: "7d6-5548803b48180"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=9288732
Date: Thu, 14 Jan 2021 01:27:26 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2006
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 May 2021 13:39:38 GMT

GET
H/1.1 200
OK icon-makeappt_50x50.png
www04.wellsfargomedia.com/assets/images/homepage 813 B
1 KB 53ms
50ms Image
image/png 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/homepage/icon-makeappt_50x50.png

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

00840eadcdd06f534ef281b5a632daaf7f43a10cb720d2880c0325d38c9dfdc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
ETag: "32d-5548803e24840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=14004083
Date: Thu, 14 Jan 2021 01:27:26 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 813
X-XSS-Protection: 1; mode=block
Expires: Fri, 25 Jun 2021 03:28:49 GMT

GET
H/1.1 200
OK icon-rate_percent_50x50.png
www04.wellsfargomedia.com/assets/images/homepage 1 KB
2 KB 81ms
46ms Image
image/png 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/homepage/icon-rate_percent_50x50.png

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

469ed23c33689844eb52a8bc4758887a69152296a08d656dd19c0b0f5e1bacfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
ETag: "4fa-5548803e24840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=9288675
Date: Thu, 14 Jan 2021 01:27:26 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1274
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 May 2021 13:38:41 GMT

GET
H/1.1 200
OK homepage-NBA-borrowing-off-193x119.jpg
www04.wellsfargomedia.com/assets/images/icons 4 KB
5 KB 106ms
51ms Image
image/jpeg 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/icons/homepage-NBA-borrowing-off-193x119.jpg

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

e8355f925bf21bc5514b75b11c58ae3cd8494335063dc860d85881cfcf2ee6eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
ETag: "11c9-5548803e24840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=9288696
Date: Thu, 14 Jan 2021 01:27:26 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4553
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 May 2021 13:39:02 GMT

GET
H/1.1 200
OK homepage-NBA-banking-off-193x119.jpg
www04.wellsfargomedia.com/assets/images/icons 3 KB
4 KB 102ms
46ms Image
image/jpeg 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/icons/homepage-NBA-banking-off-193x119.jpg

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

e8c2b0f078cc36a4724a580051ea973f17e544692b35cb830ea4c3a3d16a6639

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
ETag: "ddb-5548803e24840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=9288615
Date: Thu, 14 Jan 2021 01:27:26 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3547
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 May 2021 13:37:41 GMT

GET
H/1.1 200
OK homepage-NBA-retirement-off-193x119.jpg
www04.wellsfargomedia.com/assets/images/icons 4 KB
5 KB 94ms
42ms Image
image/jpeg 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/icons/homepage-NBA-retirement-off-193x119.jpg

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

242b2f7f0198015ac3d6a526d7d47cf5b8570e58ebdb038e3ce1bae6095efeb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
ETag: "10b3-5548803e24840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=14004164
Date: Thu, 14 Jan 2021 01:27:26 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4275
X-XSS-Protection: 1; mode=block
Expires: Fri, 25 Jun 2021 03:30:10 GMT

GET
H/1.1 200
OK woman-overhead-desk-computer-970x485.jpg
www04.wellsfargomedia.com/assets/images/photography/lifestyle 49 KB
49 KB 101ms
68ms Image
image/jpeg 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/photography/lifestyle/woman-overhead-desk-computer-970x485.jpg

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

86f05c2be2274b0491b22ae233366106380515d2cddfa2659128e89f7c59e79c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:38 GMT
Server: KONICHIWA/2.0
ETag: "c3b8-5548803b48180"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=9288648
Date: Thu, 14 Jan 2021 01:27:26 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50104
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 May 2021 13:38:14 GMT

GET
H/1.1 200
OK homepage-image-sprite.png
www04.wellsfargomedia.com/assets/images/css/template/homepage 15 KB
15 KB 109ms
57ms Image
image/png 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/css/template/homepage/homepage-image-sprite.png

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

76425f1bc7897764846ff586b81d1495a6e807cb3ffda71ff6f51a5186b77634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Wed, 20 Sep 2017 06:57:15 GMT
Server: KONICHIWA/2.0
ETag: "3a35-559997c5ea8c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=9276168
Date: Thu, 14 Jan 2021 01:27:26 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14901
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 May 2021 10:10:14 GMT

GET
H/1.1 200
OK homepage-footer-stagecoach.png
www01.wellsfargomedia.com/assets/images/global 4 KB
5 KB 50ms
50ms Image
image/png 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/global/homepage-footer-stagecoach.png

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

5ba349d4d93dc2748ecdd74459d33d57328b0df69bf29c94117897bff43f6889

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
ETag: "113b-5548803e24840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=9288644
Date: Thu, 14 Jan 2021 01:27:26 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4411
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 May 2021 13:38:10 GMT

GET
H/1.1 200
OK homepage-image-sprite.png
www01.wellsfargomedia.com/assets/images/css/template/homepage 15 KB
15 KB 52ms
52ms Image
image/png 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-image-sprite.png

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

76425f1bc7897764846ff586b81d1495a6e807cb3ffda71ff6f51a5186b77634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Wed, 20 Sep 2017 06:57:15 GMT
Server: KONICHIWA/2.0
ETag: "3a35-559997c5ea8c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=9276168
Date: Thu, 14 Jan 2021 01:27:26 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14901
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 May 2021 10:10:14 GMT

GET
H/1.1 200
OK icon-equal-housing.png
www04.wellsfargomedia.com/assets/images/global 282 B
758 B 58ms
42ms Image
image/png 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/global/icon-equal-housing.png

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

31ebc1799692cf80984ded81abc89d9e1540bc1e258770f5a24ad4386a48d3bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
ETag: "11a-5548803e24840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=9288659
Date: Thu, 14 Jan 2021 01:27:26 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 282
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 May 2021 13:38:25 GMT

GET
H/1.1 200
OK login-userprefs.min.js Show response
connect.secure.wellsfargo.com/auth/static/prefs 190 KB
106 KB 910ms
219ms Script
application/javascript 159.45.170.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.170.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

049e3b81bf87833dd59d26e4440c9bbd56ad331bbd43c1c1ba40fb390ec5effb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:27:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 24 Nov 2020 06:48:54 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: W/"1c8a-5b4d4b446fde6"
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript; charset=UTF-8
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Content-Security-Policy-Report-Only: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK jquery-3.1.1.min.js Show response
www.wellsfargo.com/js/vendor 89 KB
31 KB 782ms
167ms Script
application/javascript 159.45.66.145
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellsfargo.com/js/vendor/jquery-3.1.1.min.js

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.66.145 Charlotte, United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

KONICHIWA/2.0 /

Resource Hash

a6a468e03227b058bc0d0dc86bbc04eb074e37cc42857e21071e7ae01e3ee9ed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:27:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 31073
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 19 Nov 2020 19:49:14 GMT
Server: KONICHIWA/2.0
ETag: "16303-5b47b05c00280-gzip"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=28

GET
H/1.1 200
OK homepage_per.js Show response
www.wellsfargo.com/js/global 77 KB
21 KB 788ms
165ms Script
application/javascript 159.45.66.145
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wellsfargo.com/js/global/homepage_per.js

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.66.145 Charlotte, United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

KONICHIWA/2.0 /

Resource Hash

ec9aca8e35c7174ddbfa3a3939ad9a140197ff18829d2d84f0165abdc39279e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:27:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 21302
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 19 Nov 2020 19:49:12 GMT
Server: KONICHIWA/2.0
ETag: "13216-5b47b05a17e00-gzip"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=21

GET
H/1.1 200
OK homepage-signon-checkbox-inactive.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage 516 B
899 B 46ms
45ms Image
image/svg+xml 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-signon-checkbox-inactive.svg

Requested by

Host: www01.wellsfargomedia.com
URL: https://www01.wellsfargomedia.com/css/home/homepage_per.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

7e9697a48939ce70ad22c87cc964f9701ce8f47eb3747ddbf8a1f9f3297fc5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www01.wellsfargomedia.com/css/home/homepage_per.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 372
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
Date: Thu, 14 Jan 2021 01:27:26 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=9288697
ETag: "204-554880386bac0"
Accept-Ranges: bytes
Expires: Sat, 01 May 2021 13:39:03 GMT

GET
H/1.1 200
OK conutils-6.9.0.js Show response
connect.secure.wellsfargo.com/auth/static/scripts 23 KB
9 KB 202ms
201ms Script
application/javascript 159.45.170.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/auth/static/scripts/conutils-6.9.0.js

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.170.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

7cd2b1ab0ed81ddc453b8da5357fcf7b3cbec29cd139059706a7b0bda253af48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:27:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Connection: Keep-Alive
Content-Length: 8774
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 24 Nov 2020 06:48:54 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "5bd1-5b4d4b448885a-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=10368000
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=95

GET
H/1.1 200
OK atadun.js Show response
connect.secure.wellsfargo.com/auth/static/prefs 1023 B
1 KB 419ms
203ms Script
application/javascript 159.45.170.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/auth/static/prefs/atadun.js

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.170.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

eb0773bab4190baeb667b0079a148b4495acab39ad0b1beeba95d5750afe5eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:27:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Connection: Keep-Alive
Content-Length: 541
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 24 Nov 2020 06:48:55 GMT
Server: KONICHIWA/1.1
X-Frame-Options: SAMEORIGIN
ETag: "3ff-5b4d4b45519ac-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=42

GET
H/1.1 200
OK glu.js Show response
connect.secure.wellsfargo.com/AIDO 58 KB
26 KB 645ms
226ms Script
application/x-javascript 159.45.170.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/glu.js

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.170.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

294c7d5e6762c9c445c4b37acb1abada26d9eb284dbeb85cacac50e9d103fa06

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:27:28 GMT
Content-Encoding: gzip
Server: KONICHIWA/1.1
max-age: 0
Strict-Transport-Security: max-age=86400
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript
X-XSS-Protection: 1; mode=block
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 200
OK utag.js Show response
static.wellsfargo.com/tracking/toppages 202 KB
53 KB 830ms
179ms Script
application/javascript 159.45.66.178
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/toppages/utag.js

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.66.178 Charlotte, United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

KONICHIWA/2.0 /

Resource Hash

be2af759d44cb8e41caefd8b2584210f8b146d08e715b45e9f09ec87d31030f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:27:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 54177
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 08 Dec 2020 22:04:09 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
ETag: "3297e-5b5fb1f3e8b2c-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=93

GET
H/1.1

200
OK

mint.js?dt=login&r=0.8564013372716623 Show response
connect.secure.wellsfargo.com/AIDO
Redirect Chain

http://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.8564013372716623
https://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.8564013372716623

67 KB
23 KB

736ms
219ms

Script
application/x-javascript

159.45.170.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.8564013372716623

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.170.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

5380b7e1678b800f1d5a182375aa2bf26da2c23d7fea9f046a3fa901e6a2db76

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:27:28 GMT
Content-Encoding: gzip
Server: KONICHIWA/1.1
max-age: 0
Strict-Transport-Security: max-age=86400
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript
X-XSS-Protection: 1; mode=block
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

Redirect headers

Location: https://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.8564013372716623
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

pic.js?r=0.3939982091806331 Show response
connect.secure.wellsfargo.com/PIDO
Redirect Chain

http://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.3939982091806331
https://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.3939982091806331

57 KB
25 KB

751ms
222ms

Script
application/x-javascript

159.45.170.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.3939982091806331

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.170.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

2dc8ddb98665ed6e5b3479bf64ce531c66df2dbdbe8c86d7edac4797e5cdcf4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:27:28 GMT
Content-Encoding: gzip
Server: KONICHIWA/1.1
max-age: 0
Strict-Transport-Security: max-age=86400
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript
X-XSS-Protection: 1; mode=block
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

Redirect headers

Location: https://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.3939982091806331
Non-Authoritative-Reason: HSTS

POST
H/1.1 404
Not Found tas Show response 20 KB
21 KB 581ms
581ms XHR
text/html 195.69.76.75
CSTU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smm.stu.cn.ua/tas
Requested by: Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
Protocol: HTTP/1.1
Server: 195.69.76.75 Chernihiv, Ukraine, ASN29116 (CSTU-AS, UA),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 2af36a26875e87f84df76d6f175c15cd98cb8d41b26afb5e9f32402f2ce00b77

Request headers

Accept: */*
Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:27:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <http://smm.stu.cn.ua/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=98
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK homepage-marquee-dot-active.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage 556 B
911 B 46ms
46ms Image
image/svg+xml 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-marquee-dot-active.svg

Requested by

Host: www01.wellsfargomedia.com
URL: https://www01.wellsfargomedia.com/css/home/homepage_per.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

e07b5c1a91bcb918cae3188c71f28a146175a066c772e9a9f9200577e6f7da36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www01.wellsfargomedia.com/css/home/homepage_per.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 384
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
Date: Thu, 14 Jan 2021 01:27:28 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=9288709
ETag: "22c-554880386bac0"
Accept-Ranges: bytes
Expires: Sat, 01 May 2021 13:39:17 GMT

GET
H/1.1 200
OK homepage-marquee-dot-inactive.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage 552 B
911 B 48ms
48ms Image
image/svg+xml 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-marquee-dot-inactive.svg

Requested by

Host: www01.wellsfargomedia.com
URL: https://www01.wellsfargomedia.com/css/home/homepage_per.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

c11155f5dc039dc2543740015a6851926a264fbb14d3549ddf976b90701c96b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www01.wellsfargomedia.com/css/home/homepage_per.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 384
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
Date: Thu, 14 Jan 2021 01:27:28 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=9288717
ETag: "228-554880386bac0"
Accept-Ranges: bytes
Expires: Sat, 01 May 2021 13:39:25 GMT

GET
H/1.1 200
OK woman-phone-looking-cityscape-970x485.jpg
www04.wellsfargomedia.com/assets/images/photography/lifestyle 34 KB
34 KB 52ms
51ms Image
image/jpeg 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/photography/lifestyle/woman-phone-looking-cityscape-970x485.jpg

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

8570dc8ff531b82f0a7f93eb7205691868bd97cc05e5dd3c9be2f48fa8f59be3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:38 GMT
Server: KONICHIWA/2.0
ETag: "867f-5548803b48180"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=9288588
Date: Thu, 14 Jan 2021 01:27:28 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34431
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 May 2021 13:37:16 GMT

GET
H/1.1 200
OK homepage-NBA-college-off-193x119.jpg
www04.wellsfargomedia.com/assets/images/icons 5 KB
5 KB 51ms
50ms Image
image/jpeg 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/icons/homepage-NBA-college-off-193x119.jpg

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

6243776ef925303631612e2323dc0c5b7ef57a9a251cd7ff5d6ab8b5c357a763

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
ETag: "123b-5548803e24840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=9288689
Date: Thu, 14 Jan 2021 01:27:28 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4667
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 May 2021 13:38:57 GMT

GET
H/1.1 200
OK homepage-NBA-investing-off-193x119.jpg
www04.wellsfargomedia.com/assets/images/icons 5 KB
6 KB 45ms
44ms Image
image/jpeg 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/icons/homepage-NBA-investing-off-193x119.jpg

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

e982233031f317a509043346a0bbe291a9787bfaeaca3a6cd4b1fadf1a7b5a89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
ETag: "1517-5548803e24840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=14004181
Date: Thu, 14 Jan 2021 01:27:28 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5399
X-XSS-Protection: 1; mode=block
Expires: Fri, 25 Jun 2021 03:30:29 GMT

GET
DATA 200
OK data:truncated
data:truncated 420 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 852bbf67c9988f8ed7e43118f914e581efb96fa4eb6d06eaf626672df92ce5fe

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 404
Not Found s.gif?log=1&pid=222-147047-64&pageUrl=http%3A%2F%2Fsmm.stu.cn.ua%2Fwp-includes%2Fsecure%2FWellsFargo%2FWellsFargo%2Fwells%2F&cb=1610587649186&event=PageLoad&eventDescription=DisplayMarqueeCarouselI... Show response
/assets/images/global 20 KB
21 KB 594ms
594ms XHR
text/html 195.69.76.75
CSTU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smm.stu.cn.ua/assets/images/global/s.gif?log=1&pid=222-147047-64&pageUrl=http%3A%2F%2Fsmm.stu.cn.ua%2Fwp-includes%2Fsecure%2FWellsFargo%2FWellsFargo%2Fwells%2F&cb=1610587649186&event=PageLoad&eventDescription=DisplayMarqueeCarouselItem&clist=402-149395-16~91-146911-32
Requested by: Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
Protocol: HTTP/1.1
Server: 195.69.76.75 Chernihiv, Ukraine, ASN29116 (CSTU-AS, UA),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 2af36a26875e87f84df76d6f175c15cd98cb8d41b26afb5e9f32402f2ce00b77

Request headers

Accept: */*
Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:27:29 GMT
Server: Apache/2.4.41 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <http://smm.stu.cn.ua/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=97
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found s.gif?log=1&pid=222-147047-64&pageUrl=http%3A%2F%2Fsmm.stu.cn.ua%2Fwp-includes%2Fsecure%2FWellsFargo%2FWellsFargo%2Fwells%2F&cb=1610587649188&event=PageLoad&eventDescription=DisplayRibbonCarouselIt... Show response
/assets/images/global 20 KB
21 KB 613ms
588ms XHR
text/html 195.69.76.75
CSTU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smm.stu.cn.ua/assets/images/global/s.gif?log=1&pid=222-147047-64&pageUrl=http%3A%2F%2Fsmm.stu.cn.ua%2Fwp-includes%2Fsecure%2FWellsFargo%2FWellsFargo%2Fwells%2F&cb=1610587649188&event=PageLoad&eventDescription=DisplayRibbonCarouselItem&clist=84-147025-16~91-146912-32
Requested by: Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
Protocol: HTTP/1.1
Server: 195.69.76.75 Chernihiv, Ukraine, ASN29116 (CSTU-AS, UA),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 2af36a26875e87f84df76d6f175c15cd98cb8d41b26afb5e9f32402f2ce00b77

Request headers

Accept: */*
Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:27:29 GMT
Server: Apache/2.4.41 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <http://smm.stu.cn.ua/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
Ok vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNiUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJ1JTIyJTNBJTIyaHR0cCUzQSUyRiUyRnNtbS5zdHUuY24udWElMkZ3cC1pbmNsdWRlcyUyRnNlY3VyZSUyRldlbGxzRmFyZ28lMkZXZWxsc0ZhcmdvJTJGd2VsbHMlMk... Show response
connect.secure.wellsfargo.com/AIDO 93 B
734 B 230ms
229ms Script
text/javascript 159.45.170.156
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNiUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJ1JTIyJTNBJTIyaHR0cCUzQSUyRiUyRnNtbS5zdHUuY24udWElMkZ3cC1pbmNsdWRlcyUyRnNlY3VyZSUyRldlbGxzRmFyZ28lMkZXZWxsc0ZhcmdvJTJGd2VsbHMlMkYlMjIlMkMlMjJ0JTIyJTNBJTIycnMlMjIlN0QlN0QlNUQ%3D&cid=16&si=2&e=http%3A%2F%2Fsmm.stu.cn.ua&t=jsonp&c=ozzbmiqmczv_enz_&eu=http%3A%2F%2Fsmm.stu.cn.ua%2Fwp-includes%2Fsecure%2FWellsFargo%2FWellsFargo%2Fwells%2F

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/glu.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.170.156 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

KONICHIWA/1.1 /

Resource Hash

f22e021d5a99d6f2237ffccb726a1f1412d7b89f356edef199124a9beb804aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:27:29 GMT
Server: KONICHIWA/1.1
max-age: 0
Strict-Transport-Security: max-age=86400
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Expires: -1
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 93
X-XSS-Protection: 1; mode=block
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 200
OK wfic237_ph_b-f14_006_2016calendar_jul_1200x532.jpg
www20.wellsfargomedia.com/assets/images/contextual/banner/enterprise/1200x532 64 KB
62 KB 62ms
59ms Image
image/jpeg 23.8.3.57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www20.wellsfargomedia.com/assets/images/contextual/banner/enterprise/1200x532/wfic237_ph_b-f14_006_2016calendar_jul_1200x532.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.8.3.57 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-8-3-57.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

69abad940df7469304ba67c22b9662baddd92b3601bcbaafa78665bcf3f0be5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Last-Modified: Thu, 13 Jul 2017 17:55:56 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
ETag: "101ce-55436a4f46300"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=9287125
Date: Thu, 14 Jan 2021 01:27:29 GMT
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 May 2021 13:12:54 GMT

GET
H/1.1 200
OK wfic239_ph_g-672544960_1200x532.jpg
www20.wellsfargomedia.com/assets/images/contextual/banner/checking/1200x532 60 KB
61 KB 49ms
46ms Image
image/jpeg 23.8.3.57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www20.wellsfargomedia.com/assets/images/contextual/banner/checking/1200x532/wfic239_ph_g-672544960_1200x532.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.8.3.57 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-8-3-57.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

d497d4e35dc603278560452aaecf71104ab503dacef1f9a0a36ee0dfb47a007e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2017 19:32:04 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
ETag: "f1f9-5540fc1125500"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=13134254
Date: Thu, 14 Jan 2021 01:27:29 GMT
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Expires: Tue, 15 Jun 2021 01:51:43 GMT

GET
H/1.1 200
OK homepage-NBA-fraud-off-193x119.jpg
www04.wellsfargomedia.com/assets/images/icons 3 KB
4 KB 47ms
44ms Image
image/jpeg 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/icons/homepage-NBA-fraud-off-193x119.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

cdffe436ab49427e8ed85e0dea34684c6d7bc4a8aec272deeceeb4fe93533664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
ETag: "c92-5548803e24840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=14091703
Date: Thu, 14 Jan 2021 01:27:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3218
X-XSS-Protection: 1; mode=block
Expires: Sat, 26 Jun 2021 03:49:12 GMT

GET
H/1.1 200
OK homepage-NBA-homelending-off-193x119.jpg
www04.wellsfargomedia.com/assets/images/icons 3 KB
3 KB 45ms
42ms Image
image/jpeg 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/icons/homepage-NBA-homelending-off-193x119.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

8eeb5c0550e7fc631845c4681a92067bce01be9c69ed2a489eed9c678ea2b6f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
ETag: "b5d-5548803e24840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=6592573
Date: Thu, 14 Jan 2021 01:27:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2909
X-XSS-Protection: 1; mode=block
Expires: Wed, 31 Mar 2021 08:43:42 GMT

GET
H/1.1 200
OK homepage-NBA-protect-off-193x119.jpg
www04.wellsfargomedia.com/assets/images/icons 5 KB
5 KB 54ms
51ms Image
image/jpeg 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/icons/homepage-NBA-protect-off-193x119.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

1fac032b2fd7b1dbcbbf6e7ea99fad3b89dce0edc0db216bc99dfa9160580d59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:41 GMT
Server: KONICHIWA/2.0
ETag: "12cb-5548803e24840"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=9288699
Date: Thu, 14 Jan 2021 01:27:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4811
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 May 2021 13:39:08 GMT

GET
H/1.1 200
OK couple-computer-table-970x485.jpg
www04.wellsfargomedia.com/assets/images/photography/lifestyle 40 KB
40 KB 53ms
51ms Image
image/jpeg 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/photography/lifestyle/couple-computer-table-970x485.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

6c403dc6063db42597bb96ff8a07c1840d71f87d030973523017dceae1ba1406

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:38 GMT
Server: KONICHIWA/2.0
ETag: "9fe4-5548803b48180"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=8941596
Date: Thu, 14 Jan 2021 01:27:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40932
X-XSS-Protection: 1; mode=block
Expires: Tue, 27 Apr 2021 13:14:05 GMT

GET
H/1.1 200
OK college-students-group-steps-970x485.jpg
www04.wellsfargomedia.com/assets/images/photography/lifestyle 57 KB
57 KB 58ms
55ms Image
image/jpeg 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/photography/lifestyle/college-students-group-steps-970x485.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

a727a2117e102ae49310bd2353c7c4b5648aaecc29dbd259f1bb8e5b46b8f343

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:38 GMT
Server: KONICHIWA/2.0
ETag: "e2ef-5548803b48180"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=8941507
Date: Thu, 14 Jan 2021 01:27:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58095
X-XSS-Protection: 1; mode=block
Expires: Tue, 27 Apr 2021 13:12:36 GMT

GET
H/1.1 200
OK couple-smiling-water-970x485.jpg
www04.wellsfargomedia.com/assets/images/photography/lifestyle 44 KB
44 KB 58ms
56ms Image
image/jpeg 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/photography/lifestyle/couple-smiling-water-970x485.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

ff16b9a14be7d263217a8e3c858373293be5bee30a7caf40610f57139bbc5368

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:38 GMT
Server: KONICHIWA/2.0
ETag: "afa3-5548803b48180"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=9288575
Date: Thu, 14 Jan 2021 01:27:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44963
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 May 2021 13:37:04 GMT

GET
H/1.1 200
OK man-moving-plant-shelf-970x485.jpg
www04.wellsfargomedia.com/assets/images/photography/lifestyle 33 KB
34 KB 49ms
48ms Image
image/jpeg 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/photography/lifestyle/man-moving-plant-shelf-970x485.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

c34f7ac45ef5bf8b44c75f36fdde70f2aa13ba31a2e61fe96792dfdd71b97e19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:38 GMT
Server: KONICHIWA/2.0
ETag: "8573-5548803b48180"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=14004111
Date: Thu, 14 Jan 2021 01:27:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34163
X-XSS-Protection: 1; mode=block
Expires: Fri, 25 Jun 2021 03:29:20 GMT

GET
H/1.1 200
OK boy-standing-wall-measure-height-970x485.jpg
www04.wellsfargomedia.com/assets/images/photography/lifestyle 30 KB
30 KB 59ms
59ms Image
image/jpeg 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/photography/lifestyle/boy-standing-wall-measure-height-970x485.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

dfae2c122ebd4ed9bb3a0b2a3ae98ec99a7026d75c930ab1222ddcf21e81138d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:38 GMT
Server: KONICHIWA/2.0
ETag: "7726-5548803b48180"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=9582626
Date: Thu, 14 Jan 2021 01:27:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30502
X-XSS-Protection: 1; mode=block
Expires: Tue, 04 May 2021 23:17:55 GMT

GET
H/1.1 200
OK man-sitting-phone-computer-970x485.jpg
www04.wellsfargomedia.com/assets/images/photography/lifestyle 35 KB
35 KB 53ms
53ms Image
image/jpeg 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/photography/lifestyle/man-sitting-phone-computer-970x485.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

877a1d05e8511a3f64e2a74faa83549cccce2c999bd82977da7e793f4c1a4b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:38 GMT
Server: KONICHIWA/2.0
ETag: "8bf4-5548803b48180"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=9582611
Date: Thu, 14 Jan 2021 01:27:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35828
X-XSS-Protection: 1; mode=block
Expires: Tue, 04 May 2021 23:17:40 GMT

GET
H/1.1 200
OK wfia081_ph_b7007_00117_489x234.jpg
www20.wellsfargomedia.com/assets/images/contextual/banner/checking/489x234 19 KB
19 KB 75ms
73ms Image
image/jpeg 23.8.3.57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www20.wellsfargomedia.com/assets/images/contextual/banner/checking/489x234/wfia081_ph_b7007_00117_489x234.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.8.3.57 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-8-3-57.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

84881c2646cd62502d360afcad048ec481bb3071e75fa3509b78b7520172af98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Last-Modified: Mon, 10 Jul 2017 17:51:29 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
ETag: "4d24-553fa3b842a40"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=9288664
Date: Thu, 14 Jan 2021 01:27:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19420
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 May 2021 13:38:33 GMT

GET
H/1.1 200
OK wfcc050_ph_b-cashwise-plat-flat-ccd4269_304x194.jpg
www20.wellsfargomedia.com/assets/images/contextual/banner/credit-card/304x194 8 KB
8 KB 48ms
48ms Image
image/jpeg 23.8.3.57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www20.wellsfargomedia.com/assets/images/contextual/banner/credit-card/304x194/wfcc050_ph_b-cashwise-plat-flat-ccd4269_304x194.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.8.3.57 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-8-3-57.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

76f6ede8a1cd9eabf0313bb359ff150573f42c4aa0b77eb903bd09abf3484984

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Last-Modified: Thu, 13 Jul 2017 13:00:32 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
ETag: "20e7-5543284859c00"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=9288712
Date: Thu, 14 Jan 2021 01:27:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7468
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 May 2021 13:39:21 GMT

GET
H/1.1 200
OK wfia432_ph_g132269213_304x194.jpg
www20.wellsfargomedia.com/assets/images/contextual/banner/savings/304x194 21 KB
21 KB 45ms
45ms Image
image/jpeg 23.8.3.57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www20.wellsfargomedia.com/assets/images/contextual/banner/savings/304x194/wfia432_ph_g132269213_304x194.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.8.3.57 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-8-3-57.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

ba56503b4f2937c11f971c2172cc0a5739f540b1882ef185f7d35da311377236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Last-Modified: Mon, 10 Jul 2017 17:56:35 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
ETag: "5577-553fa4dc15ac0"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=9288643
Date: Thu, 14 Jan 2021 01:27:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21450
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 May 2021 13:38:12 GMT

GET
H/1.1 200
OK wfi111_ph_hre_default3_304x194.jpg
www04.wellsfargomedia.com/assets/images/homepage 14 KB
15 KB 51ms
50ms Image
image/jpeg 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www04.wellsfargomedia.com/assets/images/homepage/wfi111_ph_hre_default3_304x194.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

34f5250710ce0ee2c5bdf5a5ff1a071a61b8c171b7f0ab96bf6deb935483a3d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:38 GMT
Server: KONICHIWA/2.0
ETag: "3852-5548803b48180"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=4726096
Date: Thu, 14 Jan 2021 01:27:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14418
X-XSS-Protection: 1; mode=block
Expires: Tue, 09 Mar 2021 18:15:45 GMT

GET
H/1.1 200
OK wellsfargo-volunteers-building-house-414x240.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle 29 KB
30 KB 78ms
77ms Image
image/jpeg 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/photography/lifestyle/wellsfargo-volunteers-building-house-414x240.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

dfa93fa1a9716fb1f1e830e14478d5bf98e7213150e66bcdbb72e0ea3a88db1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Jul 2017 19:00:38 GMT
Server: KONICHIWA/2.0
ETag: "744d-5548803b48180"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=8956049
Date: Thu, 14 Jan 2021 01:27:29 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29773
X-XSS-Protection: 1; mode=block
Expires: Tue, 27 Apr 2021 17:14:58 GMT

GET
H/1.1 200
OK id?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1610587649223
dpm.demdex.net 382 B
1 KB 139ms
111ms XHR
application/json 34.251.60.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_coop_unsafe=1&ts=1610587649223
Requested by: Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
Protocol: HTTP/1.1
Server: 34.251.60.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-60-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a85544c48f0f11371f1868ab004a5ce25fa73bccb444b2954d5bdeb019ddedab

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v087-01e13f359.edge-irl1.demdex.com 5.80.4.20201224153022 2ms (+1ms)
Pragma: no-cache
Content-Encoding: gzip
X-TID: NIDU99GIS8c=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://smm.stu.cn.ua
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 314
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK detector-dom.min.js Show response
static.wellsfargo.com/tracking/gb 305 KB
94 KB 188ms
188ms Script
application/javascript 159.45.66.178
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/gb/detector-dom.min.js

Requested by

Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/toppages/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.66.178 Charlotte, United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

KONICHIWA/2.0 /

Resource Hash

ec134d1a13470bc3b92bb7b3703e0e8b9abdee5b14aa1bd094ea69a830d166e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:27:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 17 Nov 2020 22:00:44 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
ETag: "4c352-5b454a0654d10-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98

GET
H/1.1 200
OK gtag.js?id=UA-107148943-1 Show response
static.wellsfargo.com/tracking/ga 77 KB
30 KB 538ms
171ms Script
application/javascript 159.45.66.178
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1

Requested by

Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/toppages/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.66.178 Charlotte, United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

KONICHIWA/2.0 /

Resource Hash

9c3fed642cd01773b36db8b14bb452d37096a835d5f4ab2524d008a4cf595833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:27:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 30185
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 02 Jul 2020 22:00:22 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
ETag: "13481-5a97c88fe3b01-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96

GET
H/1.1 200
OK id?d_visid_ver=4.5.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=07593403204810980600716427538506806340&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz...
dpm.demdex.net 382 B
1 KB 71ms
71ms XHR
application/json 34.251.60.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=1BAA15F354F731E60A4C98A4%40AdobeOrg&d_nsid=1&d_mid=07593403204810980600716427538506806340&d_coop_unsafe=1&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=wfacookieidsync%014520160607013717599968517%011&ts=1610587649368
Requested by: Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
Protocol: HTTP/1.1
Server: 34.251.60.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-60-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 049112cddb1200da9aa6775f0b3625cea08141630fa5d7dac550c8645a686ce4

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v087-00e51fc11.edge-irl1.demdex.com 5.80.4.20201224153022 3ms (+0ms)
Pragma: no-cache
Content-Encoding: gzip
X-TID: u3/ceBiBQTI=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://smm.stu.cn.ua
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 313
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK event?d_dil_ver=9.3&_ts=1610587649227
wellsfargobankna.demdex.net 542 B
1 KB 272ms
73ms XHR
application/json 34.251.60.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wellsfargobankna.demdex.net/event?d_dil_ver=9.3&_ts=1610587649227

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.251.60.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-60-147.eu-west-1.compute.amazonaws.com

Software

Resource Hash

25a0595d5fd8340f18abd5dba21f3df34cf217b22d961969c1f32194ec5b041f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v087-0bd6f3a2b.edge-irl1.demdex.com 5.80.4.20201224153022 6ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: CicASLjiQH0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://smm.stu.cn.ua
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 542
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cls_report?_cls_s=7fb34552-5fd9-4f27-9a76-3b1e06255f37%3A0&_cls_v=c26263d9-5e03-4573-bb0d-2a725e5ce27f Show response
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38 8 B
904 B 808ms
205ms XHR
text/plain 159.45.170.139
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=7fb34552-5fd9-4f27-9a76-3b1e06255f37%3A0&_cls_v=c26263d9-5e03-4573-bb0d-2a725e5ce27f

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.170.139 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

GlassBox Cligate /

Resource Hash

7e110cd7bd24b7ab71f1620fff6c7c2692decbd5046a70abd02d5484c22c8c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:27:30 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff
Server: GlassBox Cligate
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: text/plain; charset=utf-8
access-control-allow-origin: http://smm.stu.cn.ua
access-control-allow-credentials: true
Connection: Keep-Alive
vary: origin
content-length: 32
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=15, max=75

GET
H/1.1 200
OK ga.js Show response
static.wellsfargo.com/tracking/ga 44 KB
18 KB 164ms
164ms Script
application/javascript 159.45.66.178
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/ga/ga.js

Requested by

Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.66.178 Charlotte, United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

KONICHIWA/2.0 /

Resource Hash

3465de7177b9f8f4f2acb245ec87b1468455db24d2c7526544aaadadde3f99f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:27:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 18029
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 02 Sep 2020 21:30:22 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
ETag: "b079-5ae5b57d84049-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99

GET
H3-Q050

200

activityi;dc_pre=CP6Zh8aimu4CFWTiuwgdC5sN6w;src=2549153;type=allv40;cat=all_a00;ord=2071587611690;gtm=2on480;u1=4520160607013717599968517;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2Fs...
2549153.fls.doubleclick.net
Redirect Chain

https://2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=2071587611690;gtm=2on480;u1=4520160607013717599968517;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2...
https://2549153.fls.doubleclick.net/activityi;dc_pre=CP6Zh8aimu4CFWTiuwgdC5sN6w;src=2549153;type=allv40;cat=all_a00;ord=2071587611690;gtm=2on480;u1=4520160607013717599968517;u5=n;u8=WWW;u11=PRODUCT...

0
0

125ms
72ms

Document
text/html

172.217.21.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2549153.fls.doubleclick.net/activityi;dc_pre=CP6Zh8aimu4CFWTiuwgdC5sN6w;src=2549153;type=allv40;cat=all_a00;ord=2071587611690;gtm=2on480;u1=4520160607013717599968517;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2Fsmm.stu.cn.ua%2Fwp-includes%2Fsecure%2FWellsFargo%2FWellsFargo%2Fwells%2F?

Requested by

Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2549153.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CP6Zh8aimu4CFWTiuwgdC5sN6w;src=2549153;type=allv40;cat=all_a00;ord=2071587611690;gtm=2on480;u1=4520160607013717599968517;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2Fsmm.stu.cn.ua%2Fwp-includes%2Fsecure%2FWellsFargo%2FWellsFargo%2Fwells%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jan 2021 01:27:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 442
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 14-Jan-2021 01:42:30 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jan 2021 01:27:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://2549153.fls.doubleclick.net/activityi;dc_pre=CP6Zh8aimu4CFWTiuwgdC5sN6w;src=2549153;type=allv40;cat=all_a00;ord=2071587611690;gtm=2on480;u1=4520160607013717599968517;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2Fsmm.stu.cn.ua%2Fwp-includes%2Fsecure%2FWellsFargo%2FWellsFargo%2Fwells%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK ga_conversion_async.js Show response
static.wellsfargo.com/tracking/ga 28 KB
11 KB 161ms
161ms Script
application/javascript 159.45.66.178
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/ga/ga_conversion_async.js

Requested by

Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.66.178 Charlotte, United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

KONICHIWA/2.0 /

Resource Hash

a47e977e534775d5300f75d83c580c9d9e474451dc0786da770a58e5b20e1ea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:27:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 10548
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Jun 2020 22:00:43 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
ETag: "6ed3-5a7210afa9dcc-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=95

GET
H/1.1 200
OK ec.js Show response
static.wellsfargo.com/tracking/ga 3 KB
2 KB 156ms
155ms Script
application/javascript 159.45.66.178
WELLSFARGO-4196

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/ga/ec.js

Requested by

Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/ga/ga.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.66.178 Charlotte, United States, ASN4196 (WELLSFARGO-4196, US),

Reverse DNS

Software

KONICHIWA/2.0 /

Resource Hash

88f446260f35cd4da0de8420a0dda922547d73568980a0e73c15d94f65467742

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:27:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1316
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Jun 2020 22:00:43 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
ETag: "aee-5a7210afa9dcc-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=94

GET
H2

200

ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-107148943-1&cid=1577183776.1610587650&jid=309922473&_v=j81&z=1323414975&slf_rd=1&random=3770625488
www.google.de/ads
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=870893352&t=pageview&_s=1&dl=http%3A%2F%2Fsmm.stu.cn.ua%2Fwp-includes%2Fsecure%2FWellsFargo%2FWellsFargo%2Fwells%2F&ul=en-us&de=UTF-8&d...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-107148943-1&cid=1577183776.1610587650&jid=309922473&_gid=2039267833.1610587650&gjid=1556451322&_v=j81&z=1323414975
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-107148943-1&cid=1577183776.1610587650&jid=309922473&_v=j81&z=1323414975
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-107148943-1&cid=1577183776.1610587650&jid=309922473&_v=j81&z=1323414975&slf_rd=1&random=3770625488

42 B
107 B

17ms
16ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-107148943-1&cid=1577183776.1610587650&jid=309922473&_v=j81&z=1323414975&slf_rd=1&random=3770625488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:27:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:27:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-107148943-1&cid=1577183776.1610587650&jid=309922473&_v=j81&z=1323414975&slf_rd=1&random=3770625488
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

?random=1610587650035&cv=9&fst=1610586000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2on480&sendb=1&data=eve...
www.google.de/pagead/1p-user-list/984436569
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984436569/?random=1610587650035&cv=9&fst=1610587650035&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/984436569/?random=1610587650035&cv=9&fst=1610586000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=...
https://www.google.de/pagead/1p-user-list/984436569/?random=1610587650035&cv=9&fst=1610586000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=f...

42 B
108 B

19ms
19ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/984436569/?random=1610587650035&cv=9&fst=1610586000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2on480&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fsmm.stu.cn.ua%2Fwp-includes%2Fsecure%2FWellsFargo%2FWellsFargo%2Fwells%2F&tiba=Wells%20Fargo%20%3F%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Insurance%2C%20Mortgages%20%26%20More&async=1&is_vtc=1&random=3876151636&resp=GooglemKTybQhCsO&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:27:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:27:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/984436569/?random=1610587650035&cv=9&fst=1610586000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2on480&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fsmm.stu.cn.ua%2Fwp-includes%2Fsecure%2FWellsFargo%2FWellsFargo%2Fwells%2F&tiba=Wells%20Fargo%20%3F%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Insurance%2C%20Mortgages%20%26%20More&async=1&is_vtc=1&random=3876151636&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect?v=1&_v=j81&a=870893352&t=timing&_s=2&dl=http%3A%2F%2Fsmm.stu.cn.ua%2Fwp-includes%2Fsecure%2FWellsFargo%2FWellsFargo%2Fwells%2F&ul=en-us&de=UTF-8&dt=Wells%20Fargo%20%3F%20Banking%2C%20Credit...
www.google-analytics.com 35 B
96 B 6ms
5ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=870893352&t=timing&_s=2&dl=http%3A%2F%2Fsmm.stu.cn.ua%2Fwp-includes%2Fsecure%2FWellsFargo%2FWellsFargo%2Fwells%2F&ul=en-us&de=UTF-8&dt=Wells%20Fargo%20%3F%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Insurance%2C%20Mortgages%20%26%20More&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2842&pdt=41&dns=0&rrt=91&srt=49&tcp=0&dit=1755&clt=1755&_gst=3504&_gbt=3677&_cst=2839&_cbt=3499&_u=oGBACUALB~&jid=&gjid=&cid=1577183776.1610587650&tid=UA-107148943-1&_gid=2039267833.1610587650&z=646099005

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jan 2021 13:49:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 41893
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect
www.google-analytics.com 35 B
420 B 47ms
13ms Other
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/ga/ga.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:27:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: http://smm.stu.cn.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found s.gif?log=1&pid=222-147047-64&pageUrl=http%3A%2F%2Fsmm.stu.cn.ua%2Fwp-includes%2Fsecure%2FWellsFargo%2FWellsFargo%2Fwells%2F&cb=1610587656127&event=LinkActivated&eventType=autoload&eventDescription... Show response
/assets/images/global 20 KB
21 KB 624ms
597ms XHR
text/html 195.69.76.75
CSTU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smm.stu.cn.ua/assets/images/global/s.gif?log=1&pid=222-147047-64&pageUrl=http%3A%2F%2Fsmm.stu.cn.ua%2Fwp-includes%2Fsecure%2FWellsFargo%2FWellsFargo%2Fwells%2F&cb=1610587656127&event=LinkActivated&eventType=autoload&eventDescription=DisplayMarqueeCarouselItem&clist=402-149162-16~91-146911-32
Requested by: Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
Protocol: HTTP/1.1
Server: 195.69.76.75 Chernihiv, Ukraine, ASN29116 (CSTU-AS, UA),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 2af36a26875e87f84df76d6f175c15cd98cb8d41b26afb5e9f32402f2ce00b77

Request headers

Accept: */*
Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:27:36 GMT
Server: Apache/2.4.41 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <http://smm.stu.cn.ua/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found s.gif?log=1&pid=222-147047-64&pageUrl=http%3A%2F%2Fsmm.stu.cn.ua%2Fwp-includes%2Fsecure%2FWellsFargo%2FWellsFargo%2Fwells%2F&cb=1610587656137&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR_2&off... Show response
/assets/images/global 20 KB
21 KB 621ms
595ms XHR
text/html 195.69.76.75
CSTU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smm.stu.cn.ua/assets/images/global/s.gif?log=1&pid=222-147047-64&pageUrl=http%3A%2F%2Fsmm.stu.cn.ua%2Fwp-includes%2Fsecure%2FWellsFargo%2FWellsFargo%2Fwells%2F&cb=1610587656137&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR_2&offerId=C_ent_commitment_hpprimary_web
Requested by: Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
Protocol: HTTP/1.1
Server: 195.69.76.75 Chernihiv, Ukraine, ASN29116 (CSTU-AS, UA),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 2af36a26875e87f84df76d6f175c15cd98cb8d41b26afb5e9f32402f2ce00b77

Request headers

Accept: */*
Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:27:36 GMT
Server: Apache/2.4.41 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <http://smm.stu.cn.ua/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK wfic237_ph_b-f14_006_2016calendar_jul_1200x532.jpg
www20.wellsfargomedia.com/assets/images/contextual/banner/enterprise/1200x532 64 KB
62 KB 47ms
46ms Image
image/jpeg 23.8.3.57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www20.wellsfargomedia.com/assets/images/contextual/banner/enterprise/1200x532/wfic237_ph_b-f14_006_2016calendar_jul_1200x532.jpg

Requested by

Host: www.wellsfargo.com
URL: https://www.wellsfargo.com/js/vendor/jquery-3.1.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.8.3.57 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-8-3-57.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

69abad940df7469304ba67c22b9662baddd92b3601bcbaafa78665bcf3f0be5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Last-Modified: Thu, 13 Jul 2017 17:55:56 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
ETag: "101ce-55436a4f46300"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=9287118
Date: Thu, 14 Jan 2021 01:27:36 GMT
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 May 2021 13:12:54 GMT

GET
H/1.1 200
OK homepage-marquee-dot-inactive.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage 552 B
911 B 42ms
42ms Image
image/svg+xml 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-marquee-dot-inactive.svg

Requested by

Host: www.wellsfargo.com
URL: https://www.wellsfargo.com/js/vendor/jquery-3.1.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

c11155f5dc039dc2543740015a6851926a264fbb14d3549ddf976b90701c96b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 384
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
Date: Thu, 14 Jan 2021 01:27:36 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=9288709
ETag: "228-554880386bac0"
Accept-Ranges: bytes
Expires: Sat, 01 May 2021 13:39:25 GMT

POST
H/1.1 404
Not Found tas Show response 20 KB
21 KB 628ms
603ms XHR
text/html 195.69.76.75
CSTU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://smm.stu.cn.ua/tas
Requested by: Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
Protocol: HTTP/1.1
Server: 195.69.76.75 Chernihiv, Ukraine, ASN29116 (CSTU-AS, UA),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 2af36a26875e87f84df76d6f175c15cd98cb8d41b26afb5e9f32402f2ce00b77

Request headers

Accept: */*
Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:27:36 GMT
Server: Apache/2.4.41 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <http://smm.stu.cn.ua/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK homepage-marquee-dot-active.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage 556 B
911 B 42ms
42ms Image
image/svg+xml 23.43.126.164
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www01.wellsfargomedia.com/assets/images/css/template/homepage/homepage-marquee-dot-active.svg

Requested by

Host: www.wellsfargo.com
URL: https://www.wellsfargo.com/js/vendor/jquery-3.1.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.43.126.164 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-43-126-164.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

e07b5c1a91bcb918cae3188c71f28a146175a066c772e9a9f9200577e6f7da36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 384
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 17 Jul 2017 19:00:35 GMT
Server: KONICHIWA/2.0
X-Frame-Options: SAMEORIGIN
Date: Thu, 14 Jan 2021 01:27:36 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=9288701
ETag: "22c-554880386bac0"
Accept-Ranges: bytes
Expires: Sat, 01 May 2021 13:39:17 GMT

POST
H/1.1 200
OK cls_report?clsjsv=6.3.106B181&_cls_s=7fb34552-5fd9-4f27-9a76-3b1e06255f37:0&_cls_v=c26263d9-5e03-4573-bb0d-2a725e5ce27f&pid=ce0007ee-e417-4cfd-8ffb-025af29071d0&sn=1&aid=
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38 2 KB
1 KB 212ms
212ms XHR
application/json 159.45.170.139
WELLSFARGO-10837

General

Check archive.org

Show headers Download Go to

Full URL

https://rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.3.106B181&_cls_s=7fb34552-5fd9-4f27-9a76-3b1e06255f37:0&_cls_v=c26263d9-5e03-4573-bb0d-2a725e5ce27f&pid=ce0007ee-e417-4cfd-8ffb-025af29071d0&sn=1&aid=

Requested by

Host: smm.stu.cn.ua
URL: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.45.170.139 , United States, ASN10837 (WELLSFARGO-10837, US),

Reverse DNS

Software

GlassBox Cligate /

Resource Hash

11c7dca6ef08df1894e38fe2aaf8fe477d8b66090b240f77fa00b911819b5b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Thu, 14 Jan 2021 01:27:40 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff
Server: GlassBox Cligate
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Type: application/json
access-control-allow-origin: http://smm.stu.cn.ua
access-control-allow-credentials: true
Connection: Keep-Alive
vary: origin
content-length: 491
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=15, max=75

POST cls_report?clsjsv=6.3.106B181&_cls_s=7fb34552-5fd9-4f27-9a76-3b1e06255f37:0&_cls_v=c26263d9-5e03-4573-bb0d-2a725e5ce27f&pid=ce0007ee-e417-4cfd-8ffb-025af29071d0&sn=2&aid=
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38 0
0

POST cls_report?clsjsv=6.3.106B181&_cls_s=7fb34552-5fd9-4f27-9a76-3b1e06255f37:0&_cls_v=c26263d9-5e03-4573-bb0d-2a725e5ce27f&pid=ce0007ee-e417-4cfd-8ffb-025af29071d0&sn=3&aid=
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38 0
0

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0

http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells
http://smm.stu.cn.ua/wp-includes/secure/WellsFargo/WellsFargo/wells/

Request 29

http://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.8564013372716623
https://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.8564013372716623

Request 30

http://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.3939982091806331
https://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.3939982091806331

Request 64

https://2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=2071587611690;gtm=2on480;u1=4520160607013717599968517;u5=n;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2...
https://2549153.fls.doubleclick.net/activityi;dc_pre=CP6Zh8aimu4CFWTiuwgdC5sN6w;src=2549153;type=allv40;cat=all_a00;ord=2071587611690;gtm=2on480;u1=4520160607013717599968517;u5=n;u8=WWW;u11=PRODUCT...

Request 67

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=870893352&t=pageview&_s=1&dl=http%3A%2F%2Fsmm.stu.cn.ua%2Fwp-includes%2Fsecure%2FWellsFargo%2FWellsFargo%2Fwells%2F&ul=en-us&de=UTF-8&d...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-107148943-1&cid=1577183776.1610587650&jid=309922473&_gid=2039267833.1610587650&gjid=1556451322&_v=j81&z=1323414975
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-107148943-1&cid=1577183776.1610587650&jid=309922473&_v=j81&z=1323414975
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-107148943-1&cid=1577183776.1610587650&jid=309922473&_v=j81&z=1323414975&slf_rd=1&random=3770625488

Request 68

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984436569/?random=1610587650035&cv=9&fst=1610587650035&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/984436569/?random=1610587650035&cv=9&fst=1610586000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=...
https://www.google.de/pagead/1p-user-list/984436569/?random=1610587650035&cv=9&fst=1610586000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=f...

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rubicon.wellsfargo.com
URL: https://rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.3.106B181&_cls_s=7fb34552-5fd9-4f27-9a76-3b1e06255f37:0&_cls_v=c26263d9-5e03-4573-bb0d-2a725e5ce27f&pid=ce0007ee-e417-4cfd-8ffb-025af29071d0&sn=2&aid=

Domain: rubicon.wellsfargo.com
URL: https://rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.3.106B181&_cls_s=7fb34552-5fd9-4f27-9a76-3b1e06255f37:0&_cls_v=c26263d9-5e03-4573-bb0d-2a725e5ce27f&pid=ce0007ee-e417-4cfd-8ffb-025af29071d0&sn=3&aid=

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

smm.stu.cn.ua urlscan Pro 195.69.76.75 Malicious Activity!

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Stats

0 Requests

0 %HTTPS

0 %IPv6

0 Domains

0 Subdomains

0 IPs

0 Countries

0 kBTransfer

0 kBSize

0 Cookies

152 Outgoing links

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

smm.stu.cn.ua
urlscan Pro

195.69.76.75 Malicious Activity!

Screenshot
Live screenshot

Full Image

0
Requests

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

79 HTTP transactions
1 data transactions