bgitopazdowntown.ddireal.vn Open in urlscan Pro
116.118.50.194 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=61d51d458427c59f69f...
Submission: On February 02 via automatic, source phishtank (February 2nd 2023, 2:29:57 am UTC) — Scanned from DE

Summary HTTP 70 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 9 domains to perform 70 HTTP transactions. The main IP is 116.118.50.194, located in Ho Chi Minh City, Viet Nam and belongs to SPT-AS-VN Sai gon Postel Corporation, VN. The main domain is bgitopazdowntown.ddireal.vn.

This is the only time bgitopazdowntown.ddireal.vn was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2	116.118.50.194 116.118.50.194	7602 (SPT-AS-VN...) (SPT-AS-VN Sai gon Postel Corporation)
41	2.16.187.42 2.16.187.42	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
18	104.83.4.33 104.83.4.33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.37.56.171 23.37.56.171	16625 (AKAMAI-AS) (AKAMAI-AS)
3	23.37.49.167 23.37.49.167	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.65.230 151.101.65.230	54113 (FASTLY) (FASTLY)
2	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
70	9

2 116.118.50.194 (Ho Chi Minh City, Viet Nam)

ASN7602 (SPT-AS-VN Sai gon Postel Corporation, VN)

bgitopazdowntown.ddireal.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2.16.187.42 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-187-42.deploy.static.akamaitechnologies.com

connect.secure.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.83.4.33 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-83-4-33.deploy.static.akamaitechnologies.com

static.wellsfargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.56.171 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-56-171.deploy.static.akamaitechnologies.com

www10.wellsfargomedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.49.167 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-49-167.deploy.static.akamaitechnologies.com

www15.wellsfargomedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.230 (United States)

ASN54113 (FASTLY, US)

resources.digital-cloud-prem.medallia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	wellsfargo.com connect.secure.wellsfargo.com — Cisco Umbrella Rank: 12734 static.wellsfargo.com — Cisco Umbrella Rank: 12058	1 MB
4	wellsfargomedia.com www10.wellsfargomedia.com — Cisco Umbrella Rank: 16702 www15.wellsfargomedia.com — Cisco Umbrella Rank: 24313	684 KB
2	kampyle.com udc-neb.kampyle.com — Cisco Umbrella Rank: 2002	578 B
2	doubleclick.net 2 redirects ad.doubleclick.net — Cisco Umbrella Rank: 184	970 B
2	ddireal.vn bgitopazdowntown.ddireal.vn	29 KB
1	medallia.com resources.digital-cloud-prem.medallia.com — Cisco Umbrella Rank: 12420	2 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8741	476 B
1	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 70	567 B
0	rlcdn.com Failed api.rlcdn.com Failed
70	9

	Domain	Requested by
41	connect.secure.wellsfargo.com	bgitopazdowntown.ddireal.vn connect.secure.wellsfargo.com
18	static.wellsfargo.com	bgitopazdowntown.ddireal.vn static.wellsfargo.com
3	www15.wellsfargomedia.com	connect.secure.wellsfargo.com
2	udc-neb.kampyle.com	static.wellsfargo.com
2	ad.doubleclick.net	2 redirects
2	bgitopazdowntown.ddireal.vn	bgitopazdowntown.ddireal.vn
1	resources.digital-cloud-prem.medallia.com	static.wellsfargo.com
1	adservice.google.de	bgitopazdowntown.ddireal.vn
1	adservice.google.com	1 redirects
1	www10.wellsfargomedia.com	bgitopazdowntown.ddireal.vn
0	api.rlcdn.com Failed	static.wellsfargo.com
70	11

This site contains no links.

Subject Issuer	Validity	Valid
connect.secure.wellsfargo.com DigiCert EV RSA CA G2	`2022-10-11` - `2023-10-11`	a year	crt.sh
static.wellsfargo.com DigiCert EV RSA CA G2	`2022-10-12` - `2023-10-12`	a year	crt.sh
www10.wellsfargomedia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-05` - `2023-04-05`	a year	crt.sh
www15.wellsfargomedia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-14` - `2023-11-16`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
resources.digital-cloud-prem.medallia.com R3	`2023-01-08` - `2023-04-08`	3 months	crt.sh
*.kampyle.com SSL.com RSA SSL subCA	`2022-02-28` - `2023-03-31`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=61d51d458427c59f69f463fb87bbfc6061d51d458427c59f69f463fb87bbfc60&session=61d51d458427c59f69f463fb87bbfc6061d51d458427c59f69f463fb87bbfc60
Frame ID: 5A8026C1A67F75A25E6DF32506F589FD
Requests: 59 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/p/src=2549153;dc_pre=CKrPp7fl9fwCFXRDHgIdcGAB0g;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=1208668656271.3545;~oref=http://bgitopazdowntown.ddireal.vn/
Frame ID: AE14D0261246A1CB665896FEC5AEB147
Requests: 1 HTTP requests in this frame

Frame: https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499201814245
Frame ID: ECBB5E82C57E1734E6075D7A97D24E58
Requests: 5 HTTP requests in this frame

Frame: https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499202569119
Frame ID: C1502BE28C4F671BB2015F06A2E6B10A
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign On to View Your Personal Accounts | Wells Fargo

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

RxJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

rx(?:\.\w+)?(?:\.compat|\.global)?(?:\.min)?\.js

Page Statistics

70
Requests

96 %
HTTPS

20 %
IPv6

9
Domains

11
Subdomains

9
IPs

5
Countries

1866 kB
Transfer

3863 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://ad.doubleclick.net/ddm/activity/src=2549153;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=1208668656271.3545 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=2549153;dc_pre=CKrPp7fl9fwCFXRDHgIdcGAB0g;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=1208668656271.3545 HTTP 302
https://adservice.google.com/ddm/fls/p/src=2549153;dc_pre=CKrPp7fl9fwCFXRDHgIdcGAB0g;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=1208668656271.3545;~oref=http://bgitopazdowntown.ddireal.vn/ HTTP 302
https://adservice.google.de/ddm/fls/p/src=2549153;dc_pre=CKrPp7fl9fwCFXRDHgIdcGAB0g;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=1208668656271.3545;~oref=http://bgitopazdowntown.ddireal.vn/

70 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request signon.php Show response
bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/ 105 KB
27 KB 931ms
539ms Document
text/html 116.118.50.194
SPT-AS-VN Sai gon...

General

Check archive.org

Show headers Download Go to

Full URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=61d51d458427c59f69f463fb87bbfc6061d51d458427c59f69f463fb87bbfc60&session=61d51d458427c59f69f463fb87bbfc6061d51d458427c59f69f463fb87bbfc60
Protocol: HTTP/1.1
Server: 116.118.50.194 Ho Chi Minh City, Viet Nam, ASN7602 (SPT-AS-VN Sai gon Postel Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 26fbfe958bfab19d28484b3b379e912c26deb4373a95ab634138817b1cc8fd4e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
connection: Keep-Alive
content-encoding: gzip
content-length: 26919
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 02:29:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding

GET
H/1.1 200
OK / Show response
connect.secure.wellsfargo.com/ATADUN/2.2/w/w-642409/init/js/ 541 B
3 KB 318ms
252ms Script
application/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/ATADUN/2.2/w/w-642409/init/js/?q=NDX%3A%25pR%20Z*d%20UcHG4Pt6k%3F%22KmP%3Ck%3B0G%3A.y7xpE%3DG%3CAp39dLl%25N%3EKJ%60%5D%27sX5rJ!u%25%3Fr%5E8p.%5ErA4m!3mC5%3E1%3D-h%2C9LL%23lK%3E%7D2eH%3Ca4L1ozMnA%23jQ%5Ec%7B%3A%25%40u%20pC%3E%22%22hlFg%40TuXBp55t%5D)z%23XnOmGPSF7L%2BF%3DnClfQsD6%7D%25)Pu%5Cd-r%27OD0f79j%22c%3CS%5E%7BG(_9vX%25qE7A%7B%3Db%3BX9t5%3Bn9N%2FbLlHQ%3B%60uN)EgyY_t0V%3A%3C%7D%5EKE%5Er4%3A%27g%3Bg%5C%407imewVcr%25teRf_hebAfazc9N%20(Zn49Kbx%60%607%2BcfRwO-zVD%5DD9Q%22%7CzFw%5E%5C9Rdkl0fCT%7D8%2B%7DTMeZ.zW%5CzR%2Bb%3D%27aG9!1-%3Bn3L%5D%5EGn5i%3C%5Bk%5B%20SI%5Bp%5C%22iCzH7J%3EKY!%24J1i%2C%2Fg%24a(F%3CiS%2B%2F%7CMcu%40auRzp.%27P6%40z%24RvL%22%2BWuNGn%3CH1j_Ux4%404%3Cs%20-qB86j6uO3Mw9q9Q2s2lEDh%5B05%3E%20.dBfSHg!%2CfOU%5EV%7DG5y%3Ak1b*3.RB7WS%26JAL%7D%5DcIpX%7D6a%7BCB%2FR%23

Requested by

Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=61d51d458427c59f69f463fb87bbfc6061d51d458427c59f69f463fb87bbfc60&session=61d51d458427c59f69f463fb87bbfc6061d51d458427c59f69f463fb87bbfc60

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

d1689035ae9bb4c56fba68cf2d629be13e64da3de97ec1268b8eb60216c8b25c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:50 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Vary: Origin,Referer
Access-Control-Allow-Methods: GET, POST
Content-Type: application/javascript
Access-Control-Allow-Origin: http://bgitopazdowntown.ddireal.vn
x-frame-options: SAMEORIGIN
Connection: keep-alive
Content-Length: 541
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK ga_conversion_async.js Show response
static.wellsfargo.com/tracking/ga/ 35 KB
14 KB 160ms
25ms Script
application/javascript 104.83.4.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/ga/ga_conversion_async.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.83.4.33 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-83-4-33.deploy.static.akamaitechnologies.com

Software

Resource Hash

6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
ETag: W/"613a44c0-8c31"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 13593
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK gtag.js Show response
static.wellsfargo.com/tracking/ga/ 115 KB
45 KB 30ms
29ms Script
application/javascript 104.83.4.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.83.4.33 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-83-4-33.deploy.static.akamaitechnologies.com

Software

Resource Hash

d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
ETag: W/"638fae62-1ca3a"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 45055
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK gtag.js Show response
static.wellsfargo.com/tracking/ga/ 115 KB
45 KB 67ms
26ms Script
application/javascript 104.83.4.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.83.4.33 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-83-4-33.deploy.static.akamaitechnologies.com

Software

Resource Hash

d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
ETag: W/"638fae62-1ca3a"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 45055
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK gtag.js Show response
static.wellsfargo.com/tracking/ga/ 115 KB
45 KB 67ms
26ms Script
application/javascript 104.83.4.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.83.4.33 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-83-4-33.deploy.static.akamaitechnologies.com

Software

Resource Hash

d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
ETag: W/"638fae62-1ca3a"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 45055
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK nd Show response
connect.secure.wellsfargo.com/jenny/ 53 KB
20 KB 263ms
198ms Script
application/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/jenny/nd

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

c9c78dfd26c94fb02be818aa68f7f37efd659c95f96ee6ef1ff65a83219feb2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: accept-encoding
X-Frame-Options: DENY
Content-Type: application/javascript;charset=ISO-8859-1
Connection: keep-alive
Content-Length: 17993
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK gtag.js Show response
static.wellsfargo.com/tracking/ga/ 115 KB
45 KB 187ms
142ms Script
application/javascript 104.83.4.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/ga/gtag.js?id=AW-984436569

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.83.4.33 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-83-4-33.deploy.static.akamaitechnologies.com

Software

Resource Hash

d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
ETag: W/"638fae62-1ca3a"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 45055
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK ytc.js Show response
static.wellsfargo.com/tracking/ytc/ 15 KB
6 KB 205ms
146ms Script
application/javascript 104.83.4.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/ytc/ytc.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.83.4.33 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-83-4-33.deploy.static.akamaitechnologies.com

Software

Resource Hash

052776ce5bb96d76cced9b9d9d5cc8ab2110e33eaba59f6cd3259642a83ff4d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Thu, 15 Jul 2021 21:00:28 GMT
ETag: W/"60f0a1ec-3ad3"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 5614
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found general_alt.js
connect.secure.wellsfargo.com/auth/login/static/js/ 0
0 149ms
144ms Script
text/plain 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?async&seed=AIB30aSBAQAAaON8e0THKEG-EABBQKIADdpWWv5DyTHstHopwQkaHgNyXtDA&X-G2Q3kxs3--z=q

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:50 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Type: text/plain; charset=UTF-8
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 02 Feb 2023 02:29:50 GMT

GET
H/1.1 200
OK wfui.5d3fa5b6daab852c2a31.chunk.css
connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/ 99 KB
17 KB 82ms
17ms Stylesheet
text/css 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/wfui.5d3fa5b6daab852c2a31.chunk.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

fea85638d902b7d705d72aa9776531c035371a16774f0e52be50c0638c6eb110

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 02:29:50 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Connection: keep-alive
Content-Length: 16482
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 08 Jun 2022 01:32:21 GMT
ETag: "629ffc25-4062"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
Cache-Control: max-age=10368000

GET
H/1.1 200
OK main.b3b5f355e18c2c42a801.chunk.css
connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/ 12 KB
3 KB 80ms
15ms Stylesheet
text/css 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/main.b3b5f355e18c2c42a801.chunk.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

5e68ea9ca9cce32f91979f88142e963f0ff950cc1f1b6c3246eaaaf2f3091c58

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 02:29:50 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Connection: keep-alive
Content-Length: 2005
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 08 Jun 2022 01:32:21 GMT
ETag: "629ffc25-7d5"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
Cache-Control: max-age=10368000

GET
H/1.1 200
OK glu.js Show response
connect.secure.wellsfargo.com/AIDO/ 68 KB
37 KB 464ms
459ms Script
application/x-javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/glu.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

5a84fc77c0038f09b7a911ed4b548ac15b43118d8231ab2b428da585aa3c2a52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Date: Thu, 02 Feb 2023 02:29:51 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Connection: keep-alive
Content-Length: 37066
X-XSS-Protection: 1; mode=block
Pragma: no-cache
max-age: 0
Vary: Origin, Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/x-javascript
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Expires: -1

GET
H/1.1 200
OK utag.3.js Show response
static.wellsfargo.com/tracking/secure-auth/ 5 KB
3 KB 195ms
136ms Script
application/javascript 104.83.4.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/secure-auth/utag.3.js?utv=ut4.48.202112091836

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.83.4.33 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-83-4-33.deploy.static.akamaitechnologies.com

Software

Resource Hash

3636799d3181248d5db968a7851b9aa972ea77f64b3cba9ce6b0a8933106c0c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Thu, 03 Dec 2020 23:04:06 GMT
ETag: W/"5fc96ee6-15f9"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 2186
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK utag.4.js Show response
static.wellsfargo.com/tracking/secure-auth/ 6 KB
2 KB 159ms
143ms Script
application/javascript 104.83.4.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/secure-auth/utag.4.js?utv=ut4.48.202108231941

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.83.4.33 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-83-4-33.deploy.static.akamaitechnologies.com

Software

Resource Hash

d05c6eece255484babbedeb74b3a5b19daaa9763049e08362b82cfdf1fc8bfbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Thu, 23 Sep 2021 21:00:33 GMT
ETag: W/"614ceaf1-16e0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 1663
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK utag.5.js Show response
static.wellsfargo.com/tracking/secure-auth/ 7 KB
3 KB 139ms
139ms Script
application/javascript 104.83.4.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/secure-auth/utag.5.js?utv=ut4.48.202202030106

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.83.4.33 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-83-4-33.deploy.static.akamaitechnologies.com

Software

Resource Hash

60d47dd37dff7fa5a9353b251f9d54bbbfc2d9564003d347a85075d046ecee7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Thu, 22 Sep 2022 20:06:42 GMT
ETag: W/"632cc052-1c52"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 2392
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK utag.7.js Show response
static.wellsfargo.com/tracking/secure-auth/ 10 KB
4 KB 145ms
145ms Script
application/javascript 104.83.4.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/secure-auth/utag.7.js?utv=ut4.48.202010230514

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.83.4.33 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-83-4-33.deploy.static.akamaitechnologies.com

Software

Resource Hash

9c4cf53fef9222fc5d6659fa4b776fe20d64c46886c3d96547aaae16134afb2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Wed, 28 Oct 2020 21:48:43 GMT
ETag: W/"5f99e73b-28df"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 3220
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK utag.10.js Show response
static.wellsfargo.com/tracking/secure-auth/ 20 KB
6 KB 150ms
150ms Script
application/javascript 104.83.4.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/secure-auth/utag.10.js?utv=ut4.48.202102191956

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.83.4.33 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-83-4-33.deploy.static.akamaitechnologies.com

Software

Resource Hash

9184b3835b9cda7302210700cdc5050c5c207682d69c3fbe9e78356cffb65391

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Thu, 04 Mar 2021 00:30:32 GMT
ETag: W/"60402a28-50bb"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 5672
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK utag.9.js Show response
static.wellsfargo.com/tracking/secure-auth/ 11 KB
4 KB 139ms
139ms Script
application/javascript 104.83.4.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/secure-auth/utag.9.js?utv=ut4.48.202108231941

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.83.4.33 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-83-4-33.deploy.static.akamaitechnologies.com

Software

Resource Hash

34d6af1ed862f62ede259dedabcadba6446c1e9182cd70b19c66cb3acedae93d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Thu, 23 Sep 2021 21:00:33 GMT
ETag: W/"614ceaf1-2bba"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 3522
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK utag.15.js Show response
static.wellsfargo.com/tracking/secure-auth/ 4 KB
2 KB 138ms
138ms Script
application/javascript 104.83.4.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/secure-auth/utag.15.js?utv=ut4.48.202109220050

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.83.4.33 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-83-4-33.deploy.static.akamaitechnologies.com

Software

Resource Hash

384f41d37d3a9be1a72e761589096fcce4119150ea81ead29ba758514d321e94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Thu, 23 Sep 2021 21:00:33 GMT
ETag: W/"614ceaf1-ebc"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 1682
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK mint.js Show response
connect.secure.wellsfargo.com/AIDO/ 266 KB
147 KB 554ms
554ms Script
application/x-javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.7640382844861511

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

a8ca2c9183e1073dfb9b2d50c140d9d93048a60dc7f85290feee6aeb980161d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:51 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 149154
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK pic.js Show response
connect.secure.wellsfargo.com/PIDO/ 87 KB
50 KB 749ms
749ms Script
application/x-javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.8426445611056853

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

a48e70425fada198493466f6ff8890b1e22be07abc72ec72e3bd175629065000

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:51 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 50318
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK trx.js Show response
connect.secure.wellsfargo.com/AIDO/ 106 KB
54 KB 716ms
652ms Script
application/x-javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/trx.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

0b689c08bf809b9d0b18704f683c41e3f7829f58e760ca3c8c93a50c1a41c115

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:50 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 54002
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK try.js Show response
connect.secure.wellsfargo.com/AIDO/ 73 KB
40 KB 767ms
703ms Script
application/x-javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/try.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

bb2165c01420613827ddcfad8d638851322b5169f299dfd7f4b81462b65ddb32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:50 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 39460
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK ay6u Show response
connect.secure.wellsfargo.com/AIDO/ 142 B
2 KB 231ms
231ms Script
text/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNvbm5lY3Quc2VjdXJlLndlbGxzZmFyZ28uY29tJTJGYXV0aCUyRmxvZ2luJTJGcHJlc2VudCUzRm9yaWdpbiUzRGNvYiUyNkxPQiUzRENPTlMlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnMlMjIlM0ElMjJhYWY5NTg4OS0yMDZiLTQ1N2UtOWQzNC0xMGE0NDYwY2U3YTUlMjIlN0QlN0QlNUQ%3D&cid=15%2C28&si=3&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=tasfxhz_xfidlmov&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

db27897282a9c24bf21eeb7cebabf3cc9feec5d7d7676498f7809e632a1a6502

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:51 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 142
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK vyHb Show response
connect.secure.wellsfargo.com/AIDO/ 141 B
2 KB 220ms
219ms Script
text/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNvbm5lY3Quc2VjdXJlLndlbGxzZmFyZ28uY29tJTJGYXV0aCUyRmxvZ2luJTJGcHJlc2VudCUzRm9yaWdpbiUzRGNvYiUyNkxPQiUzRENPTlMlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNvbm5lY3Quc2VjdXJlLndlbGxzZmFyZ28uY29tJTJGYXV0aCUyRmxvZ2luJTJGcHJlc2VudCUzRm9yaWdpbiUzRGNvYiUyNkxPQiUzRENPTlMlMjIlMkMlMjJyJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIycGlkJTIyJTNBNDQ3OTI0NzcwJTJDJTIyZmMlMjIlM0ExJTJDJTIyY251bSUyMiUzQTElMkMlMjJ0cyUyMiUzQTE2NTYzMjkyMDYwNjAlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmxvZ2luJTIyJTdEJTJDJTIycmFuZCUyMiUzQTQ3Nzg4JTdEJTdEJTVE&cid=15%2C8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=lawigr_kbuauxo_m&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

a830d0edb2a0425d62b04c2f2833ad08a47735bc655cab5b29b27d3b522639fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:51 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 141
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK vyHb Show response
connect.secure.wellsfargo.com/AIDO/ 132 B
2 KB 432ms
432ms Script
text/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIyMCUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJkdCUyMiUzQSUyMmdkaWQlMjIlMkMlMjJnJTIyJTNBJTIybDR3bm1iY2Q3a2hla3h2ZGR1ayUyMiUyQyUyMmNpZCUyMiUzQSUyMjIwJTIyJTdEJTdEJTVE&cid=20&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=dklzlamqibulxmua&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

61a097bc2513efb34dee32ba60be8df34a5e2d3f9f833065c47fe18b89907662

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:51 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 132
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK vyHb Show response
connect.secure.wellsfargo.com/AIDO/ 131 B
2 KB 379ms
379ms Script
text/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0EyJTJDJTIydHMlMjIlM0ExNjU2MzI5MjI2NTczJTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0E5MTE1MDclN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=esdkbhzwxugbfrfa&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

db341d5481f4f4821d615925d8832d4670c0be64ec82a973bbbb692b8ae1b97f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:51 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 131
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK vyHb Show response
connect.secure.wellsfargo.com/AIDO/ 131 B
2 KB 209ms
208ms Script
text/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0EzJTJDJTIydHMlMjIlM0ExNjU2MzI5MzA2NTIyJTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0E0NDg2NTclN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=zpuevxekebkkqzyz&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

05413f45f5993fb5a248861440bb0ef62b51aabeb798c6bc82a33f3e8659b866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:51 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 131
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK vyHb Show response
connect.secure.wellsfargo.com/AIDO/ 131 B
2 KB 413ms
413ms Script
text/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMSUyQyUyMmNudW0lMjIlM0E0JTJDJTIydHMlMjIlM0ExNjU2MzI5Mzc3ODc4JTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0EzNTM4MjUlN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=stdgds_icz__zvhk&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

20b90132f5e2d51fe8edeaff395c1f75127775d81cf65b33a863eb2ed95edf51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:51 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 131
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK vyHb Show response
connect.secure.wellsfargo.com/AIDO/ 131 B
2 KB 229ms
228ms Script
text/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0E1JTJDJTIydHMlMjIlM0ExNjU2MzI5MzgwNjcwJTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0E5NTUzODklN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=hsxdfhsfonvcksrz&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

7da443f39799d3ff07e43890054b7888b5f3c2d91b68b9e23a4cc4fa5e037701

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:51 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 131
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK vyHb Show response
connect.secure.wellsfargo.com/AIDO/ 131 B
2 KB 223ms
223ms Script
text/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMSUyQyUyMmNudW0lMjIlM0E2JTJDJTIydHMlMjIlM0ExNjU2MzI5NDI0NDA5JTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0ExNzE5NzUlN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=hronhtcntiapovlh&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

bd320a1a5b4aa6e2026cb92ddd25306bbb52efcb74837ad3e9958fec2643a5c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:51 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 131
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK vyHb Show response
connect.secure.wellsfargo.com/AIDO/ 131 B
2 KB 222ms
222ms Script
text/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0E3JTJDJTIydHMlMjIlM0ExNjU2MzI5NDI3OTQ0JTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0E0OTExNDclN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=tmhuhxuddiamtoys&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

43091c732a9e1f1b0e59c674512e6b66265eec2beff0e764396f1e08e1941eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:51 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 131
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK vyHb Show response
connect.secure.wellsfargo.com/AIDO/ 131 B
2 KB 214ms
213ms Script
text/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0E4JTJDJTIydHMlMjIlM0ExNjU2MzI5NTA3NTAxJTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0E5MzYxNCU3RCU3RCU1RA%3D%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=lqrrtixbvptwrupv&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

91e4378e57724619356caa4ca5a9af2c2c668b503f7b2113b1a8eaee7254db2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:51 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 131
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK vyHb Show response
connect.secure.wellsfargo.com/AIDO/ 131 B
2 KB 214ms
214ms Script
text/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMSUyQyUyMmNudW0lMjIlM0E5JTJDJTIydHMlMjIlM0ExNjU2MzI5NjUyNDM0JTJDJTIydCUyMiUzQSU3QiUyMnQlMjIlM0ElMjJsb2dpbiUyMiU3RCUyQyUyMnJhbmQlMjIlM0E4OTg1OTclN0QlN0QlNUQ%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=pgvvbn_cpqputmas&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef4215a4282e51c566934c7b8f4a910da16a539c29292d69e536ff06ddbddde9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:51 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 131
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK vyHb Show response
connect.secure.wellsfargo.com/AIDO/ 131 B
2 KB 215ms
215ms Script
text/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0ExMCUyQyUyMnRzJTIyJTNBMTY1NjMyOTY1NTg3NyUyQyUyMnQlMjIlM0ElN0IlMjJ0JTIyJTNBJTIybG9naW4lMjIlN0QlMkMlMjJyYW5kJTIyJTNBMzM2Mjk2JTdEJTdEJTVE&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=fpkngzkdahnngdzl&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

18abcbfd674a00d68a13975ada85e901f4ee842ad94c06eef35ef13e071e19c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:51 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 131
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK vyHb Show response
connect.secure.wellsfargo.com/AIDO/ 131 B
2 KB 212ms
212ms Script
text/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMSUyQyUyMmNudW0lMjIlM0ExMSUyQyUyMnRzJTIyJTNBMTY1NjMyOTY4MDM0MSUyQyUyMnQlMjIlM0ElN0IlMjJ0JTIyJTNBJTIybG9naW4lMjIlN0QlMkMlMjJyYW5kJTIyJTNBNjkwNzQyJTdEJTdEJTVE&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=mkelibaqu_rvuwbv&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

f90598e6dd9e9b38ce71662badd8516ee1f6633e8b472e10824e60f441594b17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:51 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 131
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK vyHb Show response
connect.secure.wellsfargo.com/AIDO/ 131 B
2 KB 208ms
207ms Script
text/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMCUyQyUyMmNudW0lMjIlM0ExMiUyQyUyMnRzJTIyJTNBMTY1NjMyOTY4NzIyMiUyQyUyMnQlMjIlM0ElN0IlMjJ0JTIyJTNBJTIybG9naW4lMjIlN0QlMkMlMjJyYW5kJTIyJTNBNjc0MDk1JTdEJTdEJTVE&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=prbrcxwatzwqdxwq&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

fe5a6f8b61d3b055e92d347163a4715675351eaa6393364341e823d66406b861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:51 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 131
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK vyHb Show response
connect.secure.wellsfargo.com/AIDO/ 131 B
2 KB 215ms
214ms Script
text/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjZMT0IlM0RDT05TJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY29ubmVjdC5zZWN1cmUud2VsbHNmYXJnby5jb20lMkZhdXRoJTJGbG9naW4lMkZwcmVzZW50JTNGb3JpZ2luJTNEY29iJTI2TE9CJTNEQ09OUyUyMiUyQyUyMnBpZCUyMiUzQTQ0NzkyNDc3MCUyQyUyMmZjJTIyJTNBMSUyQyUyMmNudW0lMjIlM0ExMyUyQyUyMnRzJTIyJTNBMTY1NjMyOTY5NTc4OCUyQyUyMnQlMjIlM0ElN0IlMjJ0JTIyJTNBJTIybG9naW4lMjIlN0QlMkMlMjJyYW5kJTIyJTNBMjExMDk5JTdEJTdEJTVE&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=zlhbpoezzaimha_l&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

28c7a1b0b0cfc11cbada099c30a82676e1ccad9b3120b17efdd3d426b4a9ce94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:51 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 131
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H2 200 COB-BOB-IRT-enroll_balloons.jpg
www10.wellsfargomedia.com/auth/static/images/ 611 KB
613 KB 129ms
14ms Image
image/jpeg 23.37.56.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www10.wellsfargomedia.com/auth/static/images/COB-BOB-IRT-enroll_balloons.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.56.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-56-171.deploy.static.akamaitechnologies.com

Software

Resource Hash

b8325d272c72a041414d9fb349e9d4bca5e7fc8ad66f47a719e491960afa5683

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains;
content-security-policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 02:29:50 GMT
last-modified: Wed, 26 Oct 2022 02:08:25 GMT
etag: "63589699-98b19"
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST
content-type: image/jpeg
allow: GET, POST, OPTIONS
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 625433
x-xss-protection: 1; mode=block
expires: Fri, 02 Jun 2023 02:29:50 GMT

GET
H/1.1 200
OK sub.png
bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/ 2 KB
2 KB 209ms
209ms Image
image/png 116.118.50.194
SPT-AS-VN Sai gon...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/sub.png
Requested by: Host: bgitopazdowntown.ddireal.vn
URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=61d51d458427c59f69f463fb87bbfc6061d51d458427c59f69f463fb87bbfc60&session=61d51d458427c59f69f463fb87bbfc6061d51d458427c59f69f463fb87bbfc60
Protocol: HTTP/1.1
Server: 116.118.50.194 Ho Chi Minh City, Viet Nam, ASN7602 (SPT-AS-VN Sai gon Postel Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 85f39a9e87ea01745f1ac1475b364af858780a16798712130d27ef5741ad4431

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=61d51d458427c59f69f463fb87bbfc6061d51d458427c59f69f463fb87bbfc60&session=61d51d458427c59f69f463fb87bbfc6061d51d458427c59f69f463fb87bbfc60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 02:29:50 GMT
last-modified: Fri, 04 Nov 2022 05:12:30 GMT
server: LiteSpeed
etag: "69a-63649f3e-16293c;;;"
content-type: image/png
cache-control: public, max-age=604800
connection: Keep-Alive
accept-ranges: bytes
content-length: 1690
expires: Thu, 09 Feb 2023 02:29:50 GMT

GET
H/1.1 200
OK wfui.11759b41ee721f527bba.chunk.js Show response
connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/js/ 804 KB
202 KB 756ms
756ms Script
application/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/js/wfui.11759b41ee721f527bba.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

a6e52e46f30c7dc4e41a706d9008c258593f367fd4dd7df1bfcca090444aba01

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 02:29:51 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Connection: keep-alive
Content-Length: 206303
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 08 Jun 2022 01:32:26 GMT
ETag: "629ffc2a-325df"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
Cache-Control: max-age=10368000

GET
H/1.1 200
OK main.2c70436e78e79e8ed3b8.chunk.js Show response
connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/js/ 20 KB
7 KB 188ms
188ms Script
application/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/js/main.2c70436e78e79e8ed3b8.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

00fb0d4cdf817e417a1debd18edda41c97d9dbb75bb9778ff001c1b727795154

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 02:29:50 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Connection: keep-alive
Content-Length: 6493
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 08 Jun 2022 01:32:22 GMT
ETag: "629ffc26-195d"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
Cache-Control: max-age=10368000

GET
H/1.1 200
OK utag.js Show response
static.wellsfargo.com/tracking/secure-auth/ 33 KB
10 KB 137ms
137ms Script
application/javascript 104.83.4.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/secure-auth/utag.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.83.4.33 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-83-4-33.deploy.static.akamaitechnologies.com

Software

Resource Hash

6478879db9ed10ac3e8ada3fbd66208b544cced5c08040333ac2334c8aa8b48c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Tue, 24 Jan 2023 07:23:58 GMT
ETag: W/"63cf878e-8485"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 10074
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK ttms.gif
static.wellsfargo.com/tracking/reporting/ 43 B
673 B 141ms
141ms Image
image/gif 104.83.4.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wellsfargo.com/tracking/reporting/ttms.gif?capability=LiveRamp&appId=loginapp&wfaCookie=11202206270424411143497415&error=timeout&pageId=LOGIN&pageType=BROWSER&deviceType=DESKTOP&c_t=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.83.4.33 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-83-4-33.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:51 GMT
$host: wellsfargo.com
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Thu, 16 Jan 2020 21:55:22 GMT
ETag: "5e20dbca-2b"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST
Content-Type: image/gif
Allow: GET, POST, OPTIONS
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 wellsfargosans-rg.woff2
www15.wellsfargomedia.com/wfui/css/fonts/ 22 KB
22 KB 88ms
24ms Font
font/woff2 23.37.49.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-rg.woff2

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/wfui.5d3fa5b6daab852c2a31.chunk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.49.167 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-49-167.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.secure.wellsfargo.com/
Origin: http://bgitopazdowntown.ddireal.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains;
date: Thu, 02 Feb 2023 02:29:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 26 Feb 2019 19:38:34 GMT
server: KONICHIWA/2.0
etag: "5798-582d133e56280"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 22424
x-xss-protection: 1; mode=block
expires: Fri, 02 Feb 2024 02:29:50 GMT

GET
H2 200 wellsfargosans-sbd.woff2
www15.wellsfargomedia.com/wfui/css/fonts/ 22 KB
22 KB 71ms
7ms Font
font/woff2 23.37.49.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-sbd.woff2

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/wfui.5d3fa5b6daab852c2a31.chunk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.49.167 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-49-167.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.secure.wellsfargo.com/
Origin: http://bgitopazdowntown.ddireal.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains;
date: Thu, 02 Feb 2023 02:29:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 26 Feb 2019 19:38:34 GMT
server: KONICHIWA/2.0
etag: "5848-582d133e56280"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 22600
x-xss-protection: 1; mode=block
expires: Fri, 02 Feb 2024 02:29:50 GMT

GET
H2 200 wellsfargoserif-rg.woff2
www15.wellsfargomedia.com/wfui/css/fonts/ 26 KB
26 KB 81ms
17ms Font
font/woff2 23.37.49.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www15.wellsfargomedia.com/wfui/css/fonts/wellsfargoserif-rg.woff2

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/wfui.5d3fa5b6daab852c2a31.chunk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.49.167 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-49-167.deploy.static.akamaitechnologies.com

Software

KONICHIWA/2.0 /

Resource Hash

aeb7b3bfc4281d35b02dfde05ac7a6c0d3daa7f3123b35a9cbd4b5a8e3f3c310

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.secure.wellsfargo.com/
Origin: http://bgitopazdowntown.ddireal.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains;
date: Thu, 02 Feb 2023 02:29:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Mar 2019 20:52:01 GMT
server: KONICHIWA/2.0
etag: "6854-583d7be82be40"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 26708
x-xss-protection: 1; mode=block
expires: Fri, 02 Feb 2024 02:29:50 GMT

GET
H2

200

/ Show response
adservice.google.de/ddm/fls/p/src=2549153;dc_pre=CKrPp7fl9fwCFXRDHgIdcGAB0g;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;... Frame AE14
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=2549153;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=12086686...
https://ad.doubleclick.net/ddm/activity/src=2549153;dc_pre=CKrPp7fl9fwCFXRDHgIdcGAB0g;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1...
https://adservice.google.com/ddm/fls/p/src=2549153;dc_pre=CKrPp7fl9fwCFXRDHgIdcGAB0g;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.16...
https://adservice.google.de/ddm/fls/p/src=2549153;dc_pre=CKrPp7fl9fwCFXRDHgIdcGAB0g;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.165...

42 B
476 B

132ms
56ms

Document
image/gif

2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/p/src=2549153;dc_pre=CKrPp7fl9fwCFXRDHgIdcGAB0g;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=1208668656271.3545;~oref=http://bgitopazdowntown.ddireal.vn/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bgitopazdowntown.ddireal.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 42
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 02:29:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 02:29:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://adservice.google.de/ddm/fls/p/src=2549153;dc_pre=CKrPp7fl9fwCFXRDHgIdcGAB0g;type=allv40;cat=all_a012;u1=11202206270424411143497415;u4=LOGIN;u5=n;u8=loginapp;u11=PROD;u19=GA1.2.848135748.1656329096;u23=DESKTOP;ord=1208668656271.3545;~oref=http://bgitopazdowntown.ddireal.vn/
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET idl
api.rlcdn.com/api/identity/ 0
0

GET
H/1.1 200
OK utag.21.js Show response
static.wellsfargo.com/tracking/secure-auth/ 4 KB
2 KB 215ms
215ms Script
application/javascript 104.83.4.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/secure-auth/utag.21.js?utv=ut4.49.202210132016

Requested by

Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/secure-auth/utag.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.83.4.33 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-83-4-33.deploy.static.akamaitechnologies.com

Software

Resource Hash

f6d94388f08f73ea73adbfa84c4ec5bff48ba7130e76c71479fcbf832c302d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Mon, 07 Nov 2022 21:02:08 GMT
ETag: W/"63697250-1123"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 1841
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK medallia-digital-embed.js Show response
static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/ 2 KB
1 KB 24ms
24ms Script
application/javascript 104.83.4.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js

Requested by

Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/secure-auth/utag.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.83.4.33 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-83-4-33.deploy.static.akamaitechnologies.com

Software

Resource Hash

988ce210a0f58c104e2c122eb42338ddd85ff2e33b9b0ffe3af2d7df9e2b00ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Wed, 12 Oct 2022 20:08:15 GMT
ETag: W/"63471eaf-798"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 819
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK generic1661785830759.js Show response
static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/ 339 KB
77 KB 28ms
28ms Script
application/javascript 104.83.4.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1661785830759.js

Requested by

Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.83.4.33 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-83-4-33.deploy.static.akamaitechnologies.com

Software

Resource Hash

c567736fbf5b10d4933ff5632a372890f0cd43804f0e17ec9d5c8b1c9b8a14ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Wed, 12 Oct 2022 20:08:15 GMT
ETag: W/"63471eaf-54d3a"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 78340
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK vyHb Show response
connect.secure.wellsfargo.com/AIDO/ 90 B
2 KB 221ms
221ms Script
text/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBHWDMwUzF4cWJlOVdRb3NFVGl5a1hMMWovNVh5dWVLdExLRyt6RGVrbVVBL2VqekZ3U25ORFp6dGVlRXFiaENTOWptb29nYmJTdDY0dUxNSENrVmxxcjh5SUZTaUlUUG52blYzNUxHVmFQNnIrQ0tZd3JEQVZWRjc1eEY1YUdSd1RBYWwvV0lBWC9iaWdkV1BMOU1tdGY2Ulh2aXdMZE5NcVN2cHBOSWtaRGRnRHRKbHNydFpNZUd1N2E2THE1OTFjUTJpQW1yOCtzMzVhTXpJVU9kN0lmTUZZVGFVbkUrcGc5ZnN0NTRKSzcyRC9OQVMybFZKVXR5bng0MkZvbGhmWHMyOGMrYS9aQUJQaVBFaUVId1RFeXVVRmxaQ0x0QU5sVXp3dm1UWHp3PT18NWVhOGNlOGM4ODM3MWNjN2ZkMThkNGFjMWIyYjYzM2IwNjIxODdhMzE5YzU3NjAxODI5OWFjMWM0ODUxZmRlZDllZTcyYzBkM2U5NGI2ZDM3M2VjYzdlODAyYjEzYTIzY2E5ZDk5ZWUzYmVmM2U1N2RmYmQ3MTk5ZWY2MDc3MzYyNmVlYzYzYWM4NDQzNGI0ZWNlZDFhZjU0MWViNTNhZmE3MDUwODMwNTZjMTg4NTlmMGNiYzNiMjYwNWI0MzBkZjJjZTI2Njc3YzJlNDYzZDA3Y2I4MjE1MzMyNjZhOTUzMjM2MmUzZTE0NzhiYWNjYmMwMWE0MTViZWQ3MGVmNmFhZDc4YTVkMWU2NWZlMGYwY2ViYTExYzNmNWM2NjZmMjQ2MjFhOTM3ZjUyNDk3MjAwMGE1ZGM3NzM1ZTk5NzllZjdjMDAxNWY5MmIzYjY1NDFhYjAxZmRmZjAzZDViNWNhNDEyYjZiYzhlMGU2ZWUxMWUzMGFmMzI1ZjhlZjRjNDA0MWMxYTYxMDEzMTVkNjg4NTJkOTc2Y2M1MjM0ZjQwYTk2NjA1Y2M0MmYwOTkzMWZmNWM3NDdlZDdlN2ZjODM5NjNlMWI1Y2Y2YzNlZWI2Y2E2ZDdiYjY4YjA1MTk1YmFkMWJmZDU2ZTM0OGQ1YTBkNTQ3MmZmMzNiZjliMzh8MDBlZTBiNjJlY2FhYzg5Zg%3D%3D&cid=15%2C33&si=4&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=jsonp&c=wbzou_bgqqlvtm_i&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/trx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

f4b64468a78b11eaf57ddeb656408e55eff3209a4eeb76ce343431f940343ca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:52 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 90
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK vyHb Show response
connect.secure.wellsfargo.com/AIDO/ 89 B
2 KB 226ms
225ms Script
text/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBGRDBQdGI2RjVJclJvZ3Z2VHdKbGJMU01Fd29QcVRsMHB0Z2lQTzI5b0FvQ3d5RmpOcDhuZDdMaWQ0Ni9Zajk3YmpzblY0N2tTN00wODlQQktvdmw5a0ZrcEpGVWdTYjkrWExLejFoRTJQcE5XRWlUVzJHZEx6aTh6Y1J0Y0tFL24rSVppTiszcmtYd3RrcndiWGo2VFJXeUlDSmJnN1B4RUhYMTdVWVVjVHF6ME5lNXpGZmJNYlREMFBBb0o1N1VIZEl0dHVHY2pWb3JRNnd1ZnBySW9RaVFOQkJpZTRSd01vYmRUMWtHdkdtb3pFVTdMRDJESDlrT1UraUVjWWp4UmM1a0sxa3BQSCtsbVZHcEpZTElzM3NmRUVyN0NJWFlzQ3NXbHFRWHlRam81UERRbFM4UXVYU0JSSHJYOEptb0k4eHAwMXpNeTRmektwMTNLNVJVR3pKYThwS1hmOWpPQmJKYkorR09PZCs2RGN1eHUwbW9WN240K09yMlFva2NxR3NGSC9TNVdzc2o2VjRoaFZhR2pTQ0lTL1Jhdk52ODBvbzhlZWROVDJpOE5lNElodkdRTTBTcStZTEh1akdOZ1FMNjZ6UE1mOHJlZytvTjN5UWF6cFppVk5aSy9hQ3hvUDUwZVNVd1NtN2tpVGxIc0ltbnFST2crak5XNmRKOGlQNzQrRUkrRnU5a1hxRG9jbG15b2ZIc0VUWHhTdHBndEpiTmV6UEt6cDFORjlYUDdrVTZsWGxEYzN5NW9NUjRNTkxidGNzaXk5TnRjVjNlem1MSjdDWXVicUdpVTI2NHlvLytxelVYYmZwUHlhZ3U3VEtzNXhyOVhJOU5KNjh0UUdqWEdOR3phL0FoamxhbGZmNTVadms4TjRKRS9JMW95WTUvc1R4YUdQZ21wbzJYTzhyT0dXVjkvUGYrTDFjWUtHQ3BBZ0JHamF2WWsrSnRycnNIcXFtVHZoczEwYXgwck9XcllBazdWbDg9fGE2YzI2NjI5NzE2ODVjNDkxMzQ5NWNhZTlmYzA4N2NiZThhZjI3YjFlN2Y0ZTRiMTk5YTZhYWRiNWFjYWFjNzIwNzQ3YjQ3YzczMjVhODMyZmM2NTYwZGIxZDYxYzczYWExNDdiZWQwZmRiYjg1MDcxYTFiZTVmM2QyODYxMWJjOWRhZjg2YTU2NTE3NDYxZDNjYzg0MTNmZjk5MTg1YzIzYjU0MTQzODA0MWRlMGMyYjAwYjBiY2M2NDRjNDFiYzExYmRjNzljNzg2NTdmYTMyMDJjMzA5MzliZDMxMTVjODIzMTNlMmE3Y2M2YTk5YmVmN2Y2MDlmZTQwOTJmZTQ5NzViOTU5MzMzZGViMDgyYTA4MTZiMzk0NDM4NTFjNzQ0ZjQxNTY2ZjRiMmY5ODUzZDQ0YTgxMmRjYmU1ODhhZWRjNzhmZmI5NjhjOTFjMGQ0NWNlMjY1NDNmZTc1NjI2ZjI1YjkzZDZhYjMyN2FjOTQzNWIxZDZlNjgwYzZiMGUwY2EyOTU2ZDVjYjllNGUyMzU3ZmU0OGVjNDcwYTFmOTc4MWM5ZDRlMTM5YmU2ZWRhZDkyODY3ODYwZWE2NDg3OTJiYTc4ZDFmNzRkNDdkYWJjYjU3N2IyM2IyZDQ4MmExMjZlZWEyMTgxMDE4YzMxYThjYTg0ZmM2NTU2OGYyfDAwZWUwYjYyZWNhYWM4OWY%3D&cid=15%2C8&si=4&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=jsonp&c=vfsxtliyv_wvkviw&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/trx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

7641062e10a894814caa9248381c3f3602a108c8063ee475111dc5056c8f28f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires: -1
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:52 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
X-Cnection: close
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 89
X-XSS-Protection: 1; mode=block
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 200
OK vyHb Show response
connect.secure.wellsfargo.com/AIDO/ 90 B
2 KB 223ms
223ms Script
text/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBCMGJkL1pSZEwxRUpLNWR3dFBsMksyVVlLZVVwVjNzVi9PeExIYzNwbzlLaEw3VzhXYThZWms5Y0VIQkpBckdMSm9OZmE4TjBRd05Salo4R1ZvUldsVTJibTc1aWgxcU5QMHlEN2VOZ0pPaENhVVZoSzBKbjM2NDVESnFTbCtqOVlHOEtlT1d3UldHczV5eTBOSENqLzJKN3ZMU2xhN3JhenhBdEg1OEgrcTRJSVVDOTBJODhhMFA0WFowNzg3czQ3TGg2SU91bGlTN2QzUXJvcEFEWXZvZGhUcnBiTU0rOXhGVXFaOHlLVTlRQWdCVGFyTENjRWg2aHBnZDNwY29oK09UTzdGNG1lRVBhY0RGbThLMDlVTXZCWGlDVnhRK1hKTEh4SERralQ4dGhzVTZZMWI1VXQvZHhmYy9Dd0tDNmFEYjRsUWhaQXJoNmx1WjU5WjhkS0JFaFpSQ0Q1SGF0czd0UjJXY3IrVHd4Y1VuSHgwa016M3ZmY0Q0RmxYcENvRDlybWtERnFnRXFBR1M4ZlF6OEcyY1hOcUVNVWorTitNZDY2RW9SaVBDS0dvZGFTNE9PaEY4emhQZUJkejU0QWZTaGJ4Y0xWd3A4UldPYjAzck9naWZaaTBIbmdUWE9yUXAxanJYakxRMFd1dlZFbnFrUGZreEx1SFN4bmVjUU9Dd2FWY1JaRlRqc3Y5NVdUS0tnaHlkZFN0R1hzOTlVdEcrZElOelVrcXZHMzIvT3Z4QzVpUFk3RXYvaHdaTmFIcDdhQllBZGdpWWVVT2p4aUx4bEczRU04YmU4RG1oV1FQVkpWWjRpQ2t4VlNFRWJMZng5LysydytPbVM2Q2RVckhFMWlRVFZ0M1h3YXhVZzEydWNoOUt5U0VQS3hiR0QxejhlTzRwQ3V5eUhRb3p1NytEUEJ2YVJjaGh1WTlYRCtPK0VPOEx3QVRReElpdFRoem9kdk8rMHlDUy9abXhUNlpxczg1MGhFV0FGc3BndUxySURmWURLSlZKU0xiZmVJSDNCWTZqZVJLNlZZUzFBV2F4NHVxSUVBcnVPQ0ZmajRQSHhYNW9QMjM1WURtUG5UdXRNY2RoTWlsVXlOellmWDduMmN0cXlwV3Exa1QxS0dGa25sT3krYUVvTWlEZUN5ZEpTN3YyQjB6eW5QcE1ZRDQwK2FpTUp1T0pMZWVlM1JlOVluOW1haXA1TzQxZ0MzWWhrdzJjNjRHdWRsMkJiVjRxU3dSdHpjVXAzK1E0NjJXU3BpdVljUTBVPXw0MWY2ODYxZWMxYjExOWM5ZGU4MzJiOWMwM2E0ZDJjMGE0Yzc4YzAyMjgxNmI1MjljMDc1MGEyOGRiMjFiMTRiNjdmNmNjYjBmNmY1MzZjNjNjZGFlNjJjN2FiMGM4NTAxYjBiYmNmOTA2MDRmMGMzNGU4NGE0ZDJhMjg3NzNjZmM2ZGRkZjg0NTA4MWVlYmU3ZDQxZjdkYzRjYTI3NWYwNmI4MzgwOWQxMmZlOTJiM2Q5MWU2Nzk3MDdkMzY1NjQ0NjY3YzIxMTU5OGVhODgxM2U5Y2E2ODcwMGQzZWI3ZTJjYTYwMGE1M2QyODI4NWExOTJiOTNiMThlYzNkYTU0ZWM2ZWRmNTZhZjQ1YzAyZDg2NjQ2ZDgzYzI0NzliZjVhNjdlZTQ1NmQ1YTYxMzUxNzg4NTNkOTY0ZWUyNjNlNGRmMjA0MmE4ZmIwM2I2MmU4ZWNhMmE3NmJmZGY4ODYyN2MzMzNkODkzOTgwZmExZTBlMjEwYWJlOTA1NTVjYTJhYWUwOGMwNDM4MjAxY2U2YzJkMWQwN2RjODlkYmE4OTMxZDQ0YjZkY2E2YmRkOTliNjA5ZjVlYmVhYzVhNDY3NTE2YjRiOGFkZWM3NDQ1MDQ3ZjZlNTYyMzMyNjY2YTljNGNkODU5ZDM3ZDQ1MzZkZTA4NGJlMGIyZWU4ZWNjZXwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=jsonp&c=b_yxnrpmnpqzqtyb&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/glu.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

1633cff0d21b3a2b3ac1252ae3fe43aeb1df0f1dce738dc51b0d3c3edbe526fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:52 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 90
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK / Show response
connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secur... Frame ECBB 69 KB
30 KB 773ms
773ms Document
text/html 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499201814245

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/try.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

1e2f52c125e6e58366a3a410a060fc8475c36cc0523d3b4f15d49377c5c5ac89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bgitopazdowntown.ddireal.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 28980
Content-Type: text/html
Date: Thu, 02 Feb 2023 02:29:52 GMT
Expires: -1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Accept-Encoding
X-Akamai-Transformed: 9 37290 0 pmb=mTOE,1
X-XSS-Protection: 1; mode=block
max-age: 0

GET
H/1.1 200
OK elegant.html Show response
connect.secure.wellsfargo.com/AIDO/ Frame C150 76 KB
33 KB 774ms
774ms Document
text/html 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499202569119

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/try.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

9abd85d49287738590234589863e1a1a2b9f3faa13018120648d898c3fcf759f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bgitopazdowntown.ddireal.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 32129
Content-Type: text/html
Date: Thu, 02 Feb 2023 02:29:52 GMT
Expires: -1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Accept-Encoding
X-Akamai-Transformed: 9 41337 0 pmb=mTOE,1
X-XSS-Protection: 1; mode=block
max-age: 0

GET
H2 200 onsiteData.json Show response
resources.digital-cloud-prem.medallia.com/wdcusprem/57907/onsite/ 26 KB
2 KB 46ms
7ms XHR
application/json 151.101.65.230
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digital-cloud-prem.medallia.com/wdcusprem/57907/onsite/onsiteData.json

Requested by

Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1661785830759.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.65.230 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

67de32b64d12842252ed6f84bf84f82ec594e0c90d9a7fcacef1ff32f06778fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: Opbxz_xndE31tgAdXrS7zLsEpNCLZ9SJ
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 02 Feb 2023 02:29:52 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: ZVR7KG1BQXVFM2TS
age: 2361233
x-cache: HIT, HIT
content-length: 1742
x-amz-id-2: K9E6Lyn+5zYa02+BxUqOd1Ieh5RKsSyELv7lzKovxEeIMRmFJhuRKBOapqg1hA2HtHbXLhUapfU=
x-served-by: cache-pao17458-PAO, cache-hhn-etou8220074-HHN
last-modified: Thu, 05 Jan 2023 18:35:58 GMT
server: AmazonS3
x-timer: S1675304992.141235,VS0,VE0
etag: "2e8716b6038e3c354a2da4f630551d90"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
x-cache-hits: 188720, 28

POST
H2 200 track Show response
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/ 59 B
424 B 154ms
99ms XHR
text/plain 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
Requested by: Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1661785830759.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459

Request headers

Referer: http://bgitopazdowntown.ddireal.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

x-me: prod-instance-gatewayservice-green-s5cn
date: Thu, 02 Feb 2023 02:29:52 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: http://bgitopazdowntown.ddireal.vn
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 59
x-application-context: application:9090

POST
H2 200 track Show response
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/ 59 B
154 B 149ms
100ms XHR
text/plain 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
Requested by: Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1661785830759.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459

Request headers

Referer: http://bgitopazdowntown.ddireal.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

x-me: prod-instance-gatewayservice-green-4nhr
date: Thu, 02 Feb 2023 02:29:52 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: http://bgitopazdowntown.ddireal.vn
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 59
x-application-context: application:9090

GET
H/1.1 200
OK vDRE Show response
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame ECBB 182 KB
73 KB 13ms
13ms Script
application/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499201814245

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

233a5cb7ccfbad3e40b0984592960920bdcf915fd9d987ae3d5ebabcb32e86c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499201814245
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:52 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Mon, 05 Dec 2022 18:21:50 GMT
ETag: "c065b170d98e55180d9d0ec22203687e78580f5a9c71964c6b1b97f01595bfe0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=21600
Connection: keep-alive
Content-Length: 72934

GET
H/1.1 200
OK vDRE Show response
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame C150 182 KB
73 KB 13ms
12ms Script
application/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499202569119

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

233a5cb7ccfbad3e40b0984592960920bdcf915fd9d987ae3d5ebabcb32e86c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499202569119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 02:29:52 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Mon, 05 Dec 2022 18:21:50 GMT
ETag: "c065b170d98e55180d9d0ec22203687e78580f5a9c71964c6b1b97f01595bfe0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=21600
Connection: keep-alive
Content-Length: 72934

POST
H/1.1 201
Created vDRE Show response
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame ECBB 18 B
2 KB 19ms
19ms XHR
application/json 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499201814245
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 02 Feb 2023 02:29:52 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 18

POST
H/1.1 201
Created vDRE Show response
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame C150 18 B
2 KB 19ms
19ms XHR
application/json 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499202569119
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 02 Feb 2023 02:29:52 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 18

GET
H/1.1 200
OK ay6u Show response
connect.secure.wellsfargo.com/AIDO/ 80 B
2 KB 210ms
210ms Script
text/javascript 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/AIDO/ay6u?d=ZW5jZEBTanM4RnFydzRwZkdpdGVyWElHZjFnT2hKUkhPaFV6c1pteVpDeWpRUUZ2RlpseEZ2ZkxJRGl5WWpydnJ1YzJ6OFRxZGkySi9TRVpxblpTSCtJYzVMbTZoQWZzR3AwYm1HeTV6dFVzSVhBS0l3Mm8zdVNhN3lxVklTajRsQXNQQnVCNkFydEp5Z2pzVThwMU1iWjEzT21lTjZITENjMVVORytScUk2dGQzQ0tkYWdHNUVNUGVxYXV5Z1BQUUhvUWdoNTFwa05JYzU0WDhKTWhrQnF4Z2FwNkE2VHlTbi9MaDB1T2t6RDRQeUtDK2phL3BNM2xNMk42YXZWbmNuVFV0L2tyQWhHSFhsdW42amhtZjZlYi9YN2IyVy9BVHBJOHR4aHMrejkxSmFJZC9ib1ZNaHRSQXA2d3ZCb2M4ZU5CVTlQTnRRbFVpMWE0cWJ5eFJ6aVc4bEI5QkJRYjhwRk1DOEVUNC9vQkNQRC9RN1NEK0luUlFWWUFaajh6TGJObjJrSnFEWEplZWE1N0ExTUR0elZCdlRSZUhqcTFOZXBqWjJvTDIzZE9SL1h4Z3J1NVBETjFkbmFBVDlOYmxwazlEcDAzb3hlZnA3dVF0ZExGaHNTUlJhZHMwcEFsbVNrNjR3WVB4Y0ZWbDdFUkZ2VnZuUmgxcU5hV2lvNFhObTJkTTllbmx1MVgzVlgxclNEcUFxSGJEZDUyaFNsRTBabVErRFVHTUNmUjJzSXlHcWh5S0hIQzdxbDZLWk9hdXpBK2RQRGRZQ3dhL3FFeUMzdk5NazNtSFRidy9rTU5MZENQZTJCdUZhd3RtSTc1eTBwRzMxQnJWTUVsVjNLZS9PZDhEZmZWMlR0UEkvM2ZET3FPMFBhaVJJMWJydmRGZW9ROHFPcW84MzVBK1FYcUJXUStSeXpVT21BMnA5U0ZnY1BsK0ZBNFVuYndNSGRiQUVJNEJGT2kyMzhIeit0UGp4R1g3dVNFYjhNQTduT3hYSHcrcEUwYnd5ck5EV2FGMlZxMUhVaWNVUGdrOGRjSWVKRGZ0MFBkekJDaXo4bHQwZkt1VCtuL1RJZ3d0Rnc9PXw1MWRhYjE1YmE1ODVlYWI0OWFhMWJmOTQ4YmVmMmIzNzIzYjBkOTgzZDk1NjU4OTY4MTBmMTU0NWVkYWViZDRkYmI2YjQzZWFiM2NhODhjNmI0OGIxZTU3MGQ5YzNlNDMxNWY4NzQ2ZThlYjI3ZWI0MWVkZTM2ZjJiNWNhMWIxYTFlZWEyNGVmMDkzNzU5YTg1OGY4M2UwYjg0YzUzNGI5ZDNiZTY5ZTk2NjU5OGUyZTBkMjBlZWVhZDQ0ODQxZGZjNGViMmZkZTZlMjM2MzVhMjQyYmUyZTg3YWEyNTA4ZjUwOWYxNmFlN2JhYzE5MjVkMmM0NTI2Y2MyYTgzOWM0ZjQ3YzFjMTMwMDY1ODhhODlmZDU3NGI4MjU0NzYwNTVhYzcxMDI1MDJlODVlNjRhZjlmY2FlYmYzOTUxZTZhNWIxNjkwMmU4MTIzNWRlMDkwNTRlYTJiMWVkODNmNzU2ZmI2ZGJjOTFjYzcxYjZkOTQ4MmE3NGEwYWQ0Y2ExMWYzMTcwZjA0ZWRkMjUwZTBkZTg2NjU3ZmFhMTQ4MGI2M2IyMDU0NWY0OGI0OTYxZTk3OGI0ZWYyYmU2OGIwNDFmMWZjN2RlMmY1ZDU5ZmVkNTZjY2JhYTI4YzRkODMwZDQyNTA2NjhiN2ZiZmViNDJmMDEyNjA0ZjI0NGY0NTQwMnwwMGVlMGI2MmVjYWFjODlm&cid=34&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=jsonp&c=ehcpkphmm__tuedb&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/AIDO/try.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

eb458b08c55fa9ecd604e12d9295b936dd8282df9b47aabc754645a523a8ec5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bgitopazdowntown.ddireal.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Pragma: no-cache
Date: Thu, 02 Feb 2023 02:29:53 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
max-age: 0
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 80
X-XSS-Protection: 1; mode=block
Expires: -1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499201814245
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 02 Feb 2023 02:29:53 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 18

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499202569119
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 02 Feb 2023 02:29:53 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 18

POST
H/1.1 201
Created vDRE Show response
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame ECBB 18 B
2 KB 18ms
18ms XHR
application/json 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://connect.secure.wellsfargo.com/AIDO/convoy.html/discovercard.com/dfs/accounthome/summary/www.schwab.com/secure.accurint.com/unfcu2.org//login1/wachovia.com/MyAccounts.aspx/investing.schwab.com/secure/schwab///https://snsbank.nl/mijnsns/secure/login/httpsabph.pl/pi/do/Authorization/alfabank.ru/swedbank/pf.bgz.pl/httponline.eurobank.pl/?cid=5&si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499201814245
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 02 Feb 2023 02:29:53 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 18

POST
H/1.1 201
Created vDRE Show response
connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/ Frame C150 18 B
2 KB 19ms
18ms XHR
application/json 2.16.187.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE

Requested by

Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/mONDkfiy/X6hofEd/48nOVHD/ZW/z5YJtVNp/cw0VPRww/YWt5GQU/vDRE

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-187-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://connect.secure.wellsfargo.com/AIDO/elegant.html?si=3&e=http%3A%2F%2Fbgitopazdowntown.ddireal.vn&t=xframe&eu=http%3A%2F%2Fbgitopazdowntown.ddireal.vn%2Fwp-content%2Fthemes%2Ftwentytwenty%2Fclasses%2Fwells%2Fsignon.php&icid=167530499202569119
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 02 Feb 2023 02:29:54 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://connect.secure.wellsfargo.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 18

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/idl?pid=1317

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bgitopazdowntown.ddireal.vn/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4srl59luoj3if4jibb69l8pc0e
.wellsfargo.com/	1970-01-20 18:07:20	Name: ndcd Value: wc1.1.w-729460.1.2.cUG5TlHoU9KQqD6AwXw1rQ%252C%252C.bLAIyFLMlNhjCrzsTuKHWZEdbFzpKvBYXw0MNMW77AmwC3hVBtU7ohe3xi7SGEQTczxkdX7J_s6mTT-GcAzwIFNC8ufTThdELP5IQ4faXhgOsinICKKl7W62MjD_lWPubqcwFUfFoFlwJvFSWdKYrBfw0kaiy3t8ZAVsduIHczQeWVOtWrHqR40KU-yyrnPF
.doubleclick.net/	1970-01-20 09:21:45	Name: test_cookie Value: CheckForPermission
bgitopazdowntown.ddireal.vn/	1970-01-20 18:07:20	Name: mdLogger Value: false
bgitopazdowntown.ddireal.vn/	1970-01-20 18:07:20	Name: kampyle_userid Value: 1d51-20e1-24d2-148b-27c2-3361-1ad1-ef47
bgitopazdowntown.ddireal.vn/	1970-01-20 18:07:20	Name: kampyleUserSession Value: 1675304992152
bgitopazdowntown.ddireal.vn/	1970-01-20 18:07:20	Name: kampyleUserSessionsCount Value: 1
bgitopazdowntown.ddireal.vn/	1970-01-20 18:07:20	Name: kampyleSessionPageCounter Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://connect.secure.wellsfargo.com/auth/login/static/js/general_alt.js?async&seed=AIB30aSBAQAAaON8e0THKEG-EABBQKIADdpWWv5DyTHstHopwQkaHgNyXtDA&X-G2Q3kxs3--z=q Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: http://bgitopazdowntown.ddireal.vn/wp-content/themes/twentytwenty/classes/wells/signon.php?cmd=signon_submit&id=61d51d458427c59f69f463fb87bbfc6061d51d458427c59f69f463fb87bbfc60&session=61d51d458427c59f69f463fb87bbfc6061d51d458427c59f69f463fb87bbfc60 Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/idl?pid=1317' from origin 'http://bgitopazdowntown.ddireal.vn' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/idl?pid=1317 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
api.rlcdn.com
bgitopazdowntown.ddireal.vn
connect.secure.wellsfargo.com
resources.digital-cloud-prem.medallia.com
static.wellsfargo.com
udc-neb.kampyle.com
www10.wellsfargomedia.com
www15.wellsfargomedia.com
api.rlcdn.com
104.83.4.33
116.118.50.194
142.250.181.230
151.101.65.230
2.16.187.42
23.37.49.167
23.37.56.171
2a00:1450:400d:802::2002
2a00:1450:400d:80a::2002
35.241.45.82
00fb0d4cdf817e417a1debd18edda41c97d9dbb75bb9778ff001c1b727795154
052776ce5bb96d76cced9b9d9d5cc8ab2110e33eaba59f6cd3259642a83ff4d4
05413f45f5993fb5a248861440bb0ef62b51aabeb798c6bc82a33f3e8659b866
0b689c08bf809b9d0b18704f683c41e3f7829f58e760ca3c8c93a50c1a41c115
1633cff0d21b3a2b3ac1252ae3fe43aeb1df0f1dce738dc51b0d3c3edbe526fd
18abcbfd674a00d68a13975ada85e901f4ee842ad94c06eef35ef13e071e19c8
1e2f52c125e6e58366a3a410a060fc8475c36cc0523d3b4f15d49377c5c5ac89
20b90132f5e2d51fe8edeaff395c1f75127775d81cf65b33a863eb2ed95edf51
233a5cb7ccfbad3e40b0984592960920bdcf915fd9d987ae3d5ebabcb32e86c5
26fbfe958bfab19d28484b3b379e912c26deb4373a95ab634138817b1cc8fd4e
28c7a1b0b0cfc11cbada099c30a82676e1ccad9b3120b17efdd3d426b4a9ce94
34d6af1ed862f62ede259dedabcadba6446c1e9182cd70b19c66cb3acedae93d
3636799d3181248d5db968a7851b9aa972ea77f64b3cba9ce6b0a8933106c0c2
384f41d37d3a9be1a72e761589096fcce4119150ea81ead29ba758514d321e94
43091c732a9e1f1b0e59c674512e6b66265eec2beff0e764396f1e08e1941eec
5a84fc77c0038f09b7a911ed4b548ac15b43118d8231ab2b428da585aa3c2a52
5e68ea9ca9cce32f91979f88142e963f0ff950cc1f1b6c3246eaaaf2f3091c58
60d47dd37dff7fa5a9353b251f9d54bbbfc2d9564003d347a85075d046ecee7c
61a097bc2513efb34dee32ba60be8df34a5e2d3f9f833065c47fe18b89907662
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
6478879db9ed10ac3e8ada3fbd66208b544cced5c08040333ac2334c8aa8b48c
67de32b64d12842252ed6f84bf84f82ec594e0c90d9a7fcacef1ff32f06778fe
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
7641062e10a894814caa9248381c3f3602a108c8063ee475111dc5056c8f28f3
7da443f39799d3ff07e43890054b7888b5f3c2d91b68b9e23a4cc4fa5e037701
85f39a9e87ea01745f1ac1475b364af858780a16798712130d27ef5741ad4431
9184b3835b9cda7302210700cdc5050c5c207682d69c3fbe9e78356cffb65391
91e4378e57724619356caa4ca5a9af2c2c668b503f7b2113b1a8eaee7254db2a
988ce210a0f58c104e2c122eb42338ddd85ff2e33b9b0ffe3af2d7df9e2b00ad
9abd85d49287738590234589863e1a1a2b9f3faa13018120648d898c3fcf759f
9c4cf53fef9222fc5d6659fa4b776fe20d64c46886c3d96547aaae16134afb2a
a48e70425fada198493466f6ff8890b1e22be07abc72ec72e3bd175629065000
a6e52e46f30c7dc4e41a706d9008c258593f367fd4dd7df1bfcca090444aba01
a830d0edb2a0425d62b04c2f2833ad08a47735bc655cab5b29b27d3b522639fb
a8ca2c9183e1073dfb9b2d50c140d9d93048a60dc7f85290feee6aeb980161d3
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
aeb7b3bfc4281d35b02dfde05ac7a6c0d3daa7f3123b35a9cbd4b5a8e3f3c310
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8325d272c72a041414d9fb349e9d4bca5e7fc8ad66f47a719e491960afa5683
bb2165c01420613827ddcfad8d638851322b5169f299dfd7f4b81462b65ddb32
bd320a1a5b4aa6e2026cb92ddd25306bbb52efcb74837ad3e9958fec2643a5c5
c567736fbf5b10d4933ff5632a372890f0cd43804f0e17ec9d5c8b1c9b8a14ee
c9c78dfd26c94fb02be818aa68f7f37efd659c95f96ee6ef1ff65a83219feb2a
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459
d05c6eece255484babbedeb74b3a5b19daaa9763049e08362b82cfdf1fc8bfbe
d1689035ae9bb4c56fba68cf2d629be13e64da3de97ec1268b8eb60216c8b25c
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
db27897282a9c24bf21eeb7cebabf3cc9feec5d7d7676498f7809e632a1a6502
db341d5481f4f4821d615925d8832d4670c0be64ec82a973bbbb692b8ae1b97f
eb458b08c55fa9ecd604e12d9295b936dd8282df9b47aabc754645a523a8ec5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4215a4282e51c566934c7b8f4a910da16a539c29292d69e536ff06ddbddde9
f4b64468a78b11eaf57ddeb656408e55eff3209a4eeb76ce343431f940343ca5
f6d94388f08f73ea73adbfa84c4ec5bff48ba7130e76c71479fcbf832c302d7c
f90598e6dd9e9b38ce71662badd8516ee1f6633e8b472e10824e60f441594b17
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
fe5a6f8b61d3b055e92d347163a4715675351eaa6393364341e823d66406b861
fea85638d902b7d705d72aa9776531c035371a16774f0e52be50c0638c6eb110

bgitopazdowntown.ddireal.vn Open in urlscan Pro 116.118.50.194 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

70 Requests

96 %HTTPS

20 %IPv6

9 Domains

11 Subdomains

9 IPs

5 Countries

1866 kBTransfer

3863 kBSize

8 Cookies

0 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bgitopazdowntown.ddireal.vn Open in urlscan Pro
116.118.50.194 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

96 %
HTTPS

20 %
IPv6

9
Domains

11
Subdomains

9
IPs

5
Countries

1866 kB
Transfer

3863 kB
Size

8
Cookies

70 HTTP transactions
0 data transactions